From 78904755210ad5d4b0eee718c508670a1f8a4814 Mon Sep 17 00:00:00 2001
From: Jeff Ching <chingor@google.com>
Date: Wed, 12 Dec 2018 13:51:21 -0800
Subject: [PATCH 1/9] Add IamCredentials client

---
 .../pom.xml                                   |   31 +
 .../credentials/v1/IAMCredentialsGrpc.java    |  624 +++++++
 .../credentials/v1/IAMCredentialsGrpc.java    |  720 +++++++++
 google-api-grpc/pom.xml                       |    8 +-
 .../pom.xml                                   |   36 +
 .../v1/GenerateAccessTokenRequest.java        | 1427 +++++++++++++++++
 .../GenerateAccessTokenRequestOrBuilder.java  |  175 ++
 .../v1/GenerateAccessTokenResponse.java       |  810 ++++++++++
 .../GenerateAccessTokenResponseOrBuilder.java |   55 +
 .../v1/GenerateIdTokenRequest.java            | 1142 +++++++++++++
 .../v1/GenerateIdTokenRequestOrBuilder.java   |  124 ++
 .../v1/GenerateIdTokenResponse.java           |  569 +++++++
 .../v1/GenerateIdTokenResponseOrBuilder.java  |   27 +
 ...rateIdentityBindingAccessTokenRequest.java | 1298 +++++++++++++++
 ...ityBindingAccessTokenRequestOrBuilder.java |  180 +++
 ...ateIdentityBindingAccessTokenResponse.java |  810 ++++++++++
 ...tyBindingAccessTokenResponseOrBuilder.java |   55 +
 .../v1/IAMCredentialsCommonProto.java         |  157 ++
 .../credentials/v1/IAMCredentialsProto.java   |   77 +
 .../credentials/v1/ServiceAccountName.java    |  189 +++
 .../iam/credentials/v1/SignBlobRequest.java   |  978 +++++++++++
 .../v1/SignBlobRequestOrBuilder.java          |  103 ++
 .../iam/credentials/v1/SignBlobResponse.java  |  646 ++++++++
 .../v1/SignBlobResponseOrBuilder.java         |   36 +
 .../iam/credentials/v1/SignJwtRequest.java    | 1056 ++++++++++++
 .../v1/SignJwtRequestOrBuilder.java           |  112 ++
 .../iam/credentials/v1/SignJwtResponse.java   |  724 +++++++++
 .../v1/SignJwtResponseOrBuilder.java          |   45 +
 .../v1/GenerateAccessTokenRequest.java        | 1427 +++++++++++++++++
 .../GenerateAccessTokenRequestOrBuilder.java  |  175 ++
 .../v1/GenerateAccessTokenResponse.java       |  810 ++++++++++
 .../GenerateAccessTokenResponseOrBuilder.java |   55 +
 .../v1/GenerateIdTokenRequest.java            | 1142 +++++++++++++
 .../v1/GenerateIdTokenRequestOrBuilder.java   |  124 ++
 .../v1/GenerateIdTokenResponse.java           |  569 +++++++
 .../v1/GenerateIdTokenResponseOrBuilder.java  |   27 +
 ...rateIdentityBindingAccessTokenRequest.java | 1298 +++++++++++++++
 ...ityBindingAccessTokenRequestOrBuilder.java |  180 +++
 ...ateIdentityBindingAccessTokenResponse.java |  810 ++++++++++
 ...tyBindingAccessTokenResponseOrBuilder.java |   55 +
 .../v1/IAMCredentialsCommonProto.java         |  184 +++
 .../credentials/v1/ServiceAccountName.java    |  189 +++
 .../iam/credentials/v1/SignBlobRequest.java   |  978 +++++++++++
 .../v1/SignBlobRequestOrBuilder.java          |  103 ++
 .../iam/credentials/v1/SignBlobResponse.java  |  646 ++++++++
 .../v1/SignBlobResponseOrBuilder.java         |   36 +
 .../iam/credentials/v1/SignJwtRequest.java    | 1056 ++++++++++++
 .../v1/SignJwtRequestOrBuilder.java           |  112 ++
 .../iam/credentials/v1/SignJwtResponse.java   |  724 +++++++++
 .../v1/SignJwtResponseOrBuilder.java          |   45 +
 .../iam/credentials/v1/Iamcredentials.java    |   82 +
 .../google/iam/credentials/v1/common.proto    |  156 ++
 .../iam/credentials/v1/iamcredentials.proto   |   70 +
 google-cloud-bom/pom.xml                      |    4 +-
 .../google-cloud-iamcredentials/README.md     |  100 ++
 .../google-cloud-iamcredentials/pom.xml       |   87 +
 .../credentials/v1/IamCredentialsClient.java  |  582 +++++++
 .../v1/IamCredentialsSettings.java            |  209 +++
 .../iam/credentials/v1/package-info.java      |   47 +
 .../GrpcIamCredentialsCallableFactory.java    |  116 ++
 .../v1/stub/GrpcIamCredentialsStub.java       |  218 +++
 .../v1/stub/IamCredentialsStub.java           |   60 +
 .../v1/stub/IamCredentialsStubSettings.java   |  350 ++++
 .../v1/IamCredentialsClientTest.java          |  279 ++++
 .../credentials/v1/MockIAMCredentials.java    |   57 +
 .../v1/MockIAMCredentialsImpl.java            |  117 ++
 .../google-cloud-iamcredentials/synth.py      |   35 +
 google-cloud-clients/pom.xml                  |   12 +-
 versions.txt                                  |  123 +-
 69 files changed, 25590 insertions(+), 73 deletions(-)
 create mode 100644 google-api-grpc/grpc-google-cloud-iamcredentials-v1/pom.xml
 create mode 100644 google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsGrpc.java
 create mode 100644 google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/IAMCredentialsGrpc.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/pom.xml
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsCommonProto.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsProto.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/ServiceAccountName.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/IAMCredentialsCommonProto.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/ServiceAccountName.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequest.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequestOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponse.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponseOrBuilder.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/Iamcredentials.java
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/proto/google/iam/credentials/v1/common.proto
 create mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/proto/google/iam/credentials/v1/iamcredentials.proto
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/README.md
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/pom.xml
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsClient.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsSettings.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/package-info.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsCallableFactory.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsStub.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/IamCredentialsStub.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/IamCredentialsStubSettings.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/IamCredentialsClientTest.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/MockIAMCredentials.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/MockIAMCredentialsImpl.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/synth.py

diff --git a/google-api-grpc/grpc-google-cloud-iamcredentials-v1/pom.xml b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/pom.xml
new file mode 100644
index 000000000000..866ba824c151
--- /dev/null
+++ b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/pom.xml
@@ -0,0 +1,31 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <artifactId>grpc-google-cloud-iamcredentials-v1</artifactId>
+  <version>0.0.1-alpha-SNAPSHOT</version><!-- {x-version-update:grpc-google-cloud-iamcredentials-v1:current} -->
+  <name>grpc-google-cloud-iamcredentials-v1</name>
+  <description>GRPC library for grpc-google-cloud-iamcredentials-v1</description>
+  <parent>
+    <groupId>com.google.api.grpc</groupId>
+    <artifactId>google-api-grpc</artifactId>
+    <version>0.0.1-alpha-SNAPSHOT</version><!-- {x-version-update:google-api-grpc:current} -->
+  </parent>
+  <dependencies>
+    <dependency>
+      <groupId>io.grpc</groupId>
+      <artifactId>grpc-stub</artifactId>
+      <scope>compile</scope>
+    </dependency>
+    <dependency>
+      <groupId>io.grpc</groupId>
+      <artifactId>grpc-protobuf</artifactId>
+      <scope>compile</scope>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-cloud-iamcredentials-v1</artifactId>
+      <scope>compile</scope>
+    </dependency>
+  </dependencies>
+</project>
\ No newline at end of file
diff --git a/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsGrpc.java b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsGrpc.java
new file mode 100644
index 000000000000..e17c50324bb1
--- /dev/null
+++ b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsGrpc.java
@@ -0,0 +1,624 @@
+package com.google.cloud.iam.credentials.v1;
+
+import static io.grpc.MethodDescriptor.generateFullMethodName;
+import static io.grpc.stub.ClientCalls.asyncBidiStreamingCall;
+import static io.grpc.stub.ClientCalls.asyncClientStreamingCall;
+import static io.grpc.stub.ClientCalls.asyncServerStreamingCall;
+import static io.grpc.stub.ClientCalls.asyncUnaryCall;
+import static io.grpc.stub.ClientCalls.blockingServerStreamingCall;
+import static io.grpc.stub.ClientCalls.blockingUnaryCall;
+import static io.grpc.stub.ClientCalls.futureUnaryCall;
+import static io.grpc.stub.ServerCalls.asyncBidiStreamingCall;
+import static io.grpc.stub.ServerCalls.asyncClientStreamingCall;
+import static io.grpc.stub.ServerCalls.asyncServerStreamingCall;
+import static io.grpc.stub.ServerCalls.asyncUnaryCall;
+import static io.grpc.stub.ServerCalls.asyncUnimplementedStreamingCall;
+import static io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall;
+
+/**
+ * <pre>
+ * A service account is a special type of Google account that belongs to your
+ * application or a virtual machine (VM), instead of to an individual end user.
+ * Your application assumes the identity of the service account to call Google
+ * APIs, so that the users aren't directly involved.
+ * Service account credentials are used to temporarily assume the identity
+ * of the service account. Supported credential types include OAuth 2.0 access
+ * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+ * more.
+ * </pre>
+ */
+@javax.annotation.Generated(
+    value = "by gRPC proto compiler (version 1.10.0)",
+    comments = "Source: google/iam/credentials/v1/iamcredentials.proto")
+public final class IAMCredentialsGrpc {
+
+  private IAMCredentialsGrpc() {}
+
+  public static final String SERVICE_NAME = "google.iam.credentials.v1.IAMCredentials";
+
+  // Static method descriptors that strictly reflect the proto.
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  @java.lang.Deprecated // Use {@link #getGenerateAccessTokenMethod()} instead. 
+  public static final io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> METHOD_GENERATE_ACCESS_TOKEN = getGenerateAccessTokenMethodHelper();
+
+  private static volatile io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod;
+
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  public static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod() {
+    return getGenerateAccessTokenMethodHelper();
+  }
+
+  private static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethodHelper() {
+    io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest, com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod;
+    if ((getGenerateAccessTokenMethod = IAMCredentialsGrpc.getGenerateAccessTokenMethod) == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        if ((getGenerateAccessTokenMethod = IAMCredentialsGrpc.getGenerateAccessTokenMethod) == null) {
+          IAMCredentialsGrpc.getGenerateAccessTokenMethod = getGenerateAccessTokenMethod = 
+              io.grpc.MethodDescriptor.<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest, com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>newBuilder()
+              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(generateFullMethodName(
+                  "google.iam.credentials.v1.IAMCredentials", "GenerateAccessToken"))
+              .setSampledToLocalTracing(true)
+              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance()))
+              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance()))
+                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateAccessToken"))
+                  .build();
+          }
+        }
+     }
+     return getGenerateAccessTokenMethod;
+  }
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  @java.lang.Deprecated // Use {@link #getGenerateIdTokenMethod()} instead. 
+  public static final io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> METHOD_GENERATE_ID_TOKEN = getGenerateIdTokenMethodHelper();
+
+  private static volatile io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod;
+
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  public static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod() {
+    return getGenerateIdTokenMethodHelper();
+  }
+
+  private static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethodHelper() {
+    io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest, com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod;
+    if ((getGenerateIdTokenMethod = IAMCredentialsGrpc.getGenerateIdTokenMethod) == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        if ((getGenerateIdTokenMethod = IAMCredentialsGrpc.getGenerateIdTokenMethod) == null) {
+          IAMCredentialsGrpc.getGenerateIdTokenMethod = getGenerateIdTokenMethod = 
+              io.grpc.MethodDescriptor.<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest, com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>newBuilder()
+              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(generateFullMethodName(
+                  "google.iam.credentials.v1.IAMCredentials", "GenerateIdToken"))
+              .setSampledToLocalTracing(true)
+              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance()))
+              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance()))
+                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateIdToken"))
+                  .build();
+          }
+        }
+     }
+     return getGenerateIdTokenMethod;
+  }
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  @java.lang.Deprecated // Use {@link #getSignBlobMethod()} instead. 
+  public static final io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest,
+      com.google.cloud.iam.credentials.v1.SignBlobResponse> METHOD_SIGN_BLOB = getSignBlobMethodHelper();
+
+  private static volatile io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest,
+      com.google.cloud.iam.credentials.v1.SignBlobResponse> getSignBlobMethod;
+
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  public static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest,
+      com.google.cloud.iam.credentials.v1.SignBlobResponse> getSignBlobMethod() {
+    return getSignBlobMethodHelper();
+  }
+
+  private static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest,
+      com.google.cloud.iam.credentials.v1.SignBlobResponse> getSignBlobMethodHelper() {
+    io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest, com.google.cloud.iam.credentials.v1.SignBlobResponse> getSignBlobMethod;
+    if ((getSignBlobMethod = IAMCredentialsGrpc.getSignBlobMethod) == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        if ((getSignBlobMethod = IAMCredentialsGrpc.getSignBlobMethod) == null) {
+          IAMCredentialsGrpc.getSignBlobMethod = getSignBlobMethod = 
+              io.grpc.MethodDescriptor.<com.google.cloud.iam.credentials.v1.SignBlobRequest, com.google.cloud.iam.credentials.v1.SignBlobResponse>newBuilder()
+              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(generateFullMethodName(
+                  "google.iam.credentials.v1.IAMCredentials", "SignBlob"))
+              .setSampledToLocalTracing(true)
+              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.cloud.iam.credentials.v1.SignBlobRequest.getDefaultInstance()))
+              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.cloud.iam.credentials.v1.SignBlobResponse.getDefaultInstance()))
+                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignBlob"))
+                  .build();
+          }
+        }
+     }
+     return getSignBlobMethod;
+  }
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  @java.lang.Deprecated // Use {@link #getSignJwtMethod()} instead. 
+  public static final io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest,
+      com.google.cloud.iam.credentials.v1.SignJwtResponse> METHOD_SIGN_JWT = getSignJwtMethodHelper();
+
+  private static volatile io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest,
+      com.google.cloud.iam.credentials.v1.SignJwtResponse> getSignJwtMethod;
+
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  public static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest,
+      com.google.cloud.iam.credentials.v1.SignJwtResponse> getSignJwtMethod() {
+    return getSignJwtMethodHelper();
+  }
+
+  private static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest,
+      com.google.cloud.iam.credentials.v1.SignJwtResponse> getSignJwtMethodHelper() {
+    io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest, com.google.cloud.iam.credentials.v1.SignJwtResponse> getSignJwtMethod;
+    if ((getSignJwtMethod = IAMCredentialsGrpc.getSignJwtMethod) == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        if ((getSignJwtMethod = IAMCredentialsGrpc.getSignJwtMethod) == null) {
+          IAMCredentialsGrpc.getSignJwtMethod = getSignJwtMethod = 
+              io.grpc.MethodDescriptor.<com.google.cloud.iam.credentials.v1.SignJwtRequest, com.google.cloud.iam.credentials.v1.SignJwtResponse>newBuilder()
+              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(generateFullMethodName(
+                  "google.iam.credentials.v1.IAMCredentials", "SignJwt"))
+              .setSampledToLocalTracing(true)
+              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.cloud.iam.credentials.v1.SignJwtRequest.getDefaultInstance()))
+              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.cloud.iam.credentials.v1.SignJwtResponse.getDefaultInstance()))
+                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignJwt"))
+                  .build();
+          }
+        }
+     }
+     return getSignJwtMethod;
+  }
+
+  /**
+   * Creates a new async stub that supports all call types for the service
+   */
+  public static IAMCredentialsStub newStub(io.grpc.Channel channel) {
+    return new IAMCredentialsStub(channel);
+  }
+
+  /**
+   * Creates a new blocking-style stub that supports unary and streaming output calls on the service
+   */
+  public static IAMCredentialsBlockingStub newBlockingStub(
+      io.grpc.Channel channel) {
+    return new IAMCredentialsBlockingStub(channel);
+  }
+
+  /**
+   * Creates a new ListenableFuture-style stub that supports unary calls on the service
+   */
+  public static IAMCredentialsFutureStub newFutureStub(
+      io.grpc.Channel channel) {
+    return new IAMCredentialsFutureStub(channel);
+  }
+
+  /**
+   * <pre>
+   * A service account is a special type of Google account that belongs to your
+   * application or a virtual machine (VM), instead of to an individual end user.
+   * Your application assumes the identity of the service account to call Google
+   * APIs, so that the users aren't directly involved.
+   * Service account credentials are used to temporarily assume the identity
+   * of the service account. Supported credential types include OAuth 2.0 access
+   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+   * more.
+   * </pre>
+   */
+  public static abstract class IAMCredentialsImplBase implements io.grpc.BindableService {
+
+    /**
+     * <pre>
+     * Generates an OAuth 2.0 access token for a service account.
+     * </pre>
+     */
+    public void generateAccessToken(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> responseObserver) {
+      asyncUnimplementedUnaryCall(getGenerateAccessTokenMethodHelper(), responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Generates an OpenID Connect ID token for a service account.
+     * </pre>
+     */
+    public void generateIdToken(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> responseObserver) {
+      asyncUnimplementedUnaryCall(getGenerateIdTokenMethodHelper(), responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Signs a blob using a service account's system-managed private key.
+     * </pre>
+     */
+    public void signBlob(com.google.cloud.iam.credentials.v1.SignBlobRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignBlobResponse> responseObserver) {
+      asyncUnimplementedUnaryCall(getSignBlobMethodHelper(), responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Signs a JWT using a service account's system-managed private key.
+     * </pre>
+     */
+    public void signJwt(com.google.cloud.iam.credentials.v1.SignJwtRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignJwtResponse> responseObserver) {
+      asyncUnimplementedUnaryCall(getSignJwtMethodHelper(), responseObserver);
+    }
+
+    @java.lang.Override public final io.grpc.ServerServiceDefinition bindService() {
+      return io.grpc.ServerServiceDefinition.builder(getServiceDescriptor())
+          .addMethod(
+            getGenerateAccessTokenMethodHelper(),
+            asyncUnaryCall(
+              new MethodHandlers<
+                com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+                com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>(
+                  this, METHODID_GENERATE_ACCESS_TOKEN)))
+          .addMethod(
+            getGenerateIdTokenMethodHelper(),
+            asyncUnaryCall(
+              new MethodHandlers<
+                com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+                com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>(
+                  this, METHODID_GENERATE_ID_TOKEN)))
+          .addMethod(
+            getSignBlobMethodHelper(),
+            asyncUnaryCall(
+              new MethodHandlers<
+                com.google.cloud.iam.credentials.v1.SignBlobRequest,
+                com.google.cloud.iam.credentials.v1.SignBlobResponse>(
+                  this, METHODID_SIGN_BLOB)))
+          .addMethod(
+            getSignJwtMethodHelper(),
+            asyncUnaryCall(
+              new MethodHandlers<
+                com.google.cloud.iam.credentials.v1.SignJwtRequest,
+                com.google.cloud.iam.credentials.v1.SignJwtResponse>(
+                  this, METHODID_SIGN_JWT)))
+          .build();
+    }
+  }
+
+  /**
+   * <pre>
+   * A service account is a special type of Google account that belongs to your
+   * application or a virtual machine (VM), instead of to an individual end user.
+   * Your application assumes the identity of the service account to call Google
+   * APIs, so that the users aren't directly involved.
+   * Service account credentials are used to temporarily assume the identity
+   * of the service account. Supported credential types include OAuth 2.0 access
+   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+   * more.
+   * </pre>
+   */
+  public static final class IAMCredentialsStub extends io.grpc.stub.AbstractStub<IAMCredentialsStub> {
+    private IAMCredentialsStub(io.grpc.Channel channel) {
+      super(channel);
+    }
+
+    private IAMCredentialsStub(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      super(channel, callOptions);
+    }
+
+    @java.lang.Override
+    protected IAMCredentialsStub build(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      return new IAMCredentialsStub(channel, callOptions);
+    }
+
+    /**
+     * <pre>
+     * Generates an OAuth 2.0 access token for a service account.
+     * </pre>
+     */
+    public void generateAccessToken(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> responseObserver) {
+      asyncUnaryCall(
+          getChannel().newCall(getGenerateAccessTokenMethodHelper(), getCallOptions()), request, responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Generates an OpenID Connect ID token for a service account.
+     * </pre>
+     */
+    public void generateIdToken(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> responseObserver) {
+      asyncUnaryCall(
+          getChannel().newCall(getGenerateIdTokenMethodHelper(), getCallOptions()), request, responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Signs a blob using a service account's system-managed private key.
+     * </pre>
+     */
+    public void signBlob(com.google.cloud.iam.credentials.v1.SignBlobRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignBlobResponse> responseObserver) {
+      asyncUnaryCall(
+          getChannel().newCall(getSignBlobMethodHelper(), getCallOptions()), request, responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Signs a JWT using a service account's system-managed private key.
+     * </pre>
+     */
+    public void signJwt(com.google.cloud.iam.credentials.v1.SignJwtRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignJwtResponse> responseObserver) {
+      asyncUnaryCall(
+          getChannel().newCall(getSignJwtMethodHelper(), getCallOptions()), request, responseObserver);
+    }
+  }
+
+  /**
+   * <pre>
+   * A service account is a special type of Google account that belongs to your
+   * application or a virtual machine (VM), instead of to an individual end user.
+   * Your application assumes the identity of the service account to call Google
+   * APIs, so that the users aren't directly involved.
+   * Service account credentials are used to temporarily assume the identity
+   * of the service account. Supported credential types include OAuth 2.0 access
+   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+   * more.
+   * </pre>
+   */
+  public static final class IAMCredentialsBlockingStub extends io.grpc.stub.AbstractStub<IAMCredentialsBlockingStub> {
+    private IAMCredentialsBlockingStub(io.grpc.Channel channel) {
+      super(channel);
+    }
+
+    private IAMCredentialsBlockingStub(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      super(channel, callOptions);
+    }
+
+    @java.lang.Override
+    protected IAMCredentialsBlockingStub build(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      return new IAMCredentialsBlockingStub(channel, callOptions);
+    }
+
+    /**
+     * <pre>
+     * Generates an OAuth 2.0 access token for a service account.
+     * </pre>
+     */
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse generateAccessToken(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request) {
+      return blockingUnaryCall(
+          getChannel(), getGenerateAccessTokenMethodHelper(), getCallOptions(), request);
+    }
+
+    /**
+     * <pre>
+     * Generates an OpenID Connect ID token for a service account.
+     * </pre>
+     */
+    public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse generateIdToken(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request) {
+      return blockingUnaryCall(
+          getChannel(), getGenerateIdTokenMethodHelper(), getCallOptions(), request);
+    }
+
+    /**
+     * <pre>
+     * Signs a blob using a service account's system-managed private key.
+     * </pre>
+     */
+    public com.google.cloud.iam.credentials.v1.SignBlobResponse signBlob(com.google.cloud.iam.credentials.v1.SignBlobRequest request) {
+      return blockingUnaryCall(
+          getChannel(), getSignBlobMethodHelper(), getCallOptions(), request);
+    }
+
+    /**
+     * <pre>
+     * Signs a JWT using a service account's system-managed private key.
+     * </pre>
+     */
+    public com.google.cloud.iam.credentials.v1.SignJwtResponse signJwt(com.google.cloud.iam.credentials.v1.SignJwtRequest request) {
+      return blockingUnaryCall(
+          getChannel(), getSignJwtMethodHelper(), getCallOptions(), request);
+    }
+  }
+
+  /**
+   * <pre>
+   * A service account is a special type of Google account that belongs to your
+   * application or a virtual machine (VM), instead of to an individual end user.
+   * Your application assumes the identity of the service account to call Google
+   * APIs, so that the users aren't directly involved.
+   * Service account credentials are used to temporarily assume the identity
+   * of the service account. Supported credential types include OAuth 2.0 access
+   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+   * more.
+   * </pre>
+   */
+  public static final class IAMCredentialsFutureStub extends io.grpc.stub.AbstractStub<IAMCredentialsFutureStub> {
+    private IAMCredentialsFutureStub(io.grpc.Channel channel) {
+      super(channel);
+    }
+
+    private IAMCredentialsFutureStub(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      super(channel, callOptions);
+    }
+
+    @java.lang.Override
+    protected IAMCredentialsFutureStub build(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      return new IAMCredentialsFutureStub(channel, callOptions);
+    }
+
+    /**
+     * <pre>
+     * Generates an OAuth 2.0 access token for a service account.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> generateAccessToken(
+        com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request) {
+      return futureUnaryCall(
+          getChannel().newCall(getGenerateAccessTokenMethodHelper(), getCallOptions()), request);
+    }
+
+    /**
+     * <pre>
+     * Generates an OpenID Connect ID token for a service account.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> generateIdToken(
+        com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request) {
+      return futureUnaryCall(
+          getChannel().newCall(getGenerateIdTokenMethodHelper(), getCallOptions()), request);
+    }
+
+    /**
+     * <pre>
+     * Signs a blob using a service account's system-managed private key.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.cloud.iam.credentials.v1.SignBlobResponse> signBlob(
+        com.google.cloud.iam.credentials.v1.SignBlobRequest request) {
+      return futureUnaryCall(
+          getChannel().newCall(getSignBlobMethodHelper(), getCallOptions()), request);
+    }
+
+    /**
+     * <pre>
+     * Signs a JWT using a service account's system-managed private key.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.cloud.iam.credentials.v1.SignJwtResponse> signJwt(
+        com.google.cloud.iam.credentials.v1.SignJwtRequest request) {
+      return futureUnaryCall(
+          getChannel().newCall(getSignJwtMethodHelper(), getCallOptions()), request);
+    }
+  }
+
+  private static final int METHODID_GENERATE_ACCESS_TOKEN = 0;
+  private static final int METHODID_GENERATE_ID_TOKEN = 1;
+  private static final int METHODID_SIGN_BLOB = 2;
+  private static final int METHODID_SIGN_JWT = 3;
+
+  private static final class MethodHandlers<Req, Resp> implements
+      io.grpc.stub.ServerCalls.UnaryMethod<Req, Resp>,
+      io.grpc.stub.ServerCalls.ServerStreamingMethod<Req, Resp>,
+      io.grpc.stub.ServerCalls.ClientStreamingMethod<Req, Resp>,
+      io.grpc.stub.ServerCalls.BidiStreamingMethod<Req, Resp> {
+    private final IAMCredentialsImplBase serviceImpl;
+    private final int methodId;
+
+    MethodHandlers(IAMCredentialsImplBase serviceImpl, int methodId) {
+      this.serviceImpl = serviceImpl;
+      this.methodId = methodId;
+    }
+
+    @java.lang.Override
+    @java.lang.SuppressWarnings("unchecked")
+    public void invoke(Req request, io.grpc.stub.StreamObserver<Resp> responseObserver) {
+      switch (methodId) {
+        case METHODID_GENERATE_ACCESS_TOKEN:
+          serviceImpl.generateAccessToken((com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>) responseObserver);
+          break;
+        case METHODID_GENERATE_ID_TOKEN:
+          serviceImpl.generateIdToken((com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>) responseObserver);
+          break;
+        case METHODID_SIGN_BLOB:
+          serviceImpl.signBlob((com.google.cloud.iam.credentials.v1.SignBlobRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignBlobResponse>) responseObserver);
+          break;
+        case METHODID_SIGN_JWT:
+          serviceImpl.signJwt((com.google.cloud.iam.credentials.v1.SignJwtRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignJwtResponse>) responseObserver);
+          break;
+        default:
+          throw new AssertionError();
+      }
+    }
+
+    @java.lang.Override
+    @java.lang.SuppressWarnings("unchecked")
+    public io.grpc.stub.StreamObserver<Req> invoke(
+        io.grpc.stub.StreamObserver<Resp> responseObserver) {
+      switch (methodId) {
+        default:
+          throw new AssertionError();
+      }
+    }
+  }
+
+  private static abstract class IAMCredentialsBaseDescriptorSupplier
+      implements io.grpc.protobuf.ProtoFileDescriptorSupplier, io.grpc.protobuf.ProtoServiceDescriptorSupplier {
+    IAMCredentialsBaseDescriptorSupplier() {}
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.FileDescriptor getFileDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsProto.getDescriptor();
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.ServiceDescriptor getServiceDescriptor() {
+      return getFileDescriptor().findServiceByName("IAMCredentials");
+    }
+  }
+
+  private static final class IAMCredentialsFileDescriptorSupplier
+      extends IAMCredentialsBaseDescriptorSupplier {
+    IAMCredentialsFileDescriptorSupplier() {}
+  }
+
+  private static final class IAMCredentialsMethodDescriptorSupplier
+      extends IAMCredentialsBaseDescriptorSupplier
+      implements io.grpc.protobuf.ProtoMethodDescriptorSupplier {
+    private final String methodName;
+
+    IAMCredentialsMethodDescriptorSupplier(String methodName) {
+      this.methodName = methodName;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.MethodDescriptor getMethodDescriptor() {
+      return getServiceDescriptor().findMethodByName(methodName);
+    }
+  }
+
+  private static volatile io.grpc.ServiceDescriptor serviceDescriptor;
+
+  public static io.grpc.ServiceDescriptor getServiceDescriptor() {
+    io.grpc.ServiceDescriptor result = serviceDescriptor;
+    if (result == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        result = serviceDescriptor;
+        if (result == null) {
+          serviceDescriptor = result = io.grpc.ServiceDescriptor.newBuilder(SERVICE_NAME)
+              .setSchemaDescriptor(new IAMCredentialsFileDescriptorSupplier())
+              .addMethod(getGenerateAccessTokenMethodHelper())
+              .addMethod(getGenerateIdTokenMethodHelper())
+              .addMethod(getSignBlobMethodHelper())
+              .addMethod(getSignJwtMethodHelper())
+              .build();
+        }
+      }
+    }
+    return result;
+  }
+}
diff --git a/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/IAMCredentialsGrpc.java b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/IAMCredentialsGrpc.java
new file mode 100644
index 000000000000..d00145bb53d0
--- /dev/null
+++ b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/IAMCredentialsGrpc.java
@@ -0,0 +1,720 @@
+package google.iam.credentials.v1;
+
+import static io.grpc.MethodDescriptor.generateFullMethodName;
+import static io.grpc.stub.ClientCalls.asyncBidiStreamingCall;
+import static io.grpc.stub.ClientCalls.asyncClientStreamingCall;
+import static io.grpc.stub.ClientCalls.asyncServerStreamingCall;
+import static io.grpc.stub.ClientCalls.asyncUnaryCall;
+import static io.grpc.stub.ClientCalls.blockingServerStreamingCall;
+import static io.grpc.stub.ClientCalls.blockingUnaryCall;
+import static io.grpc.stub.ClientCalls.futureUnaryCall;
+import static io.grpc.stub.ServerCalls.asyncBidiStreamingCall;
+import static io.grpc.stub.ServerCalls.asyncClientStreamingCall;
+import static io.grpc.stub.ServerCalls.asyncServerStreamingCall;
+import static io.grpc.stub.ServerCalls.asyncUnaryCall;
+import static io.grpc.stub.ServerCalls.asyncUnimplementedStreamingCall;
+import static io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall;
+
+/**
+ * <pre>
+ * A service account is a special type of Google account that belongs to your
+ * application or a virtual machine (VM), instead of to an individual end user.
+ * Your application assumes the identity of the service account to call Google
+ * APIs, so that the users aren't directly involved.
+ * Service account credentials are used to temporarily assume the identity
+ * of the service account. Supported credential types include OAuth 2.0 access
+ * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+ * more.
+ * </pre>
+ */
+@javax.annotation.Generated(
+    value = "by gRPC proto compiler (version 1.10.0)",
+    comments = "Source: google/iam/credentials/v1/iamcredentials.proto")
+public final class IAMCredentialsGrpc {
+
+  private IAMCredentialsGrpc() {}
+
+  public static final String SERVICE_NAME = "google.iam.credentials.v1.IAMCredentials";
+
+  // Static method descriptors that strictly reflect the proto.
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  @java.lang.Deprecated // Use {@link #getGenerateAccessTokenMethod()} instead. 
+  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest,
+      com.google.iam.credentials.v1.GenerateAccessTokenResponse> METHOD_GENERATE_ACCESS_TOKEN = getGenerateAccessTokenMethodHelper();
+
+  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest,
+      com.google.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod;
+
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest,
+      com.google.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod() {
+    return getGenerateAccessTokenMethodHelper();
+  }
+
+  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest,
+      com.google.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethodHelper() {
+    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest, com.google.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod;
+    if ((getGenerateAccessTokenMethod = IAMCredentialsGrpc.getGenerateAccessTokenMethod) == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        if ((getGenerateAccessTokenMethod = IAMCredentialsGrpc.getGenerateAccessTokenMethod) == null) {
+          IAMCredentialsGrpc.getGenerateAccessTokenMethod = getGenerateAccessTokenMethod = 
+              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.GenerateAccessTokenRequest, com.google.iam.credentials.v1.GenerateAccessTokenResponse>newBuilder()
+              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(generateFullMethodName(
+                  "google.iam.credentials.v1.IAMCredentials", "GenerateAccessToken"))
+              .setSampledToLocalTracing(true)
+              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance()))
+              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance()))
+                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateAccessToken"))
+                  .build();
+          }
+        }
+     }
+     return getGenerateAccessTokenMethod;
+  }
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  @java.lang.Deprecated // Use {@link #getGenerateIdTokenMethod()} instead. 
+  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest,
+      com.google.iam.credentials.v1.GenerateIdTokenResponse> METHOD_GENERATE_ID_TOKEN = getGenerateIdTokenMethodHelper();
+
+  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest,
+      com.google.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod;
+
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest,
+      com.google.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod() {
+    return getGenerateIdTokenMethodHelper();
+  }
+
+  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest,
+      com.google.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethodHelper() {
+    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest, com.google.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod;
+    if ((getGenerateIdTokenMethod = IAMCredentialsGrpc.getGenerateIdTokenMethod) == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        if ((getGenerateIdTokenMethod = IAMCredentialsGrpc.getGenerateIdTokenMethod) == null) {
+          IAMCredentialsGrpc.getGenerateIdTokenMethod = getGenerateIdTokenMethod = 
+              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.GenerateIdTokenRequest, com.google.iam.credentials.v1.GenerateIdTokenResponse>newBuilder()
+              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(generateFullMethodName(
+                  "google.iam.credentials.v1.IAMCredentials", "GenerateIdToken"))
+              .setSampledToLocalTracing(true)
+              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance()))
+              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance()))
+                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateIdToken"))
+                  .build();
+          }
+        }
+     }
+     return getGenerateIdTokenMethod;
+  }
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  @java.lang.Deprecated // Use {@link #getSignBlobMethod()} instead. 
+  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest,
+      com.google.iam.credentials.v1.SignBlobResponse> METHOD_SIGN_BLOB = getSignBlobMethodHelper();
+
+  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest,
+      com.google.iam.credentials.v1.SignBlobResponse> getSignBlobMethod;
+
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest,
+      com.google.iam.credentials.v1.SignBlobResponse> getSignBlobMethod() {
+    return getSignBlobMethodHelper();
+  }
+
+  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest,
+      com.google.iam.credentials.v1.SignBlobResponse> getSignBlobMethodHelper() {
+    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest, com.google.iam.credentials.v1.SignBlobResponse> getSignBlobMethod;
+    if ((getSignBlobMethod = IAMCredentialsGrpc.getSignBlobMethod) == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        if ((getSignBlobMethod = IAMCredentialsGrpc.getSignBlobMethod) == null) {
+          IAMCredentialsGrpc.getSignBlobMethod = getSignBlobMethod = 
+              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.SignBlobRequest, com.google.iam.credentials.v1.SignBlobResponse>newBuilder()
+              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(generateFullMethodName(
+                  "google.iam.credentials.v1.IAMCredentials", "SignBlob"))
+              .setSampledToLocalTracing(true)
+              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.SignBlobRequest.getDefaultInstance()))
+              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.SignBlobResponse.getDefaultInstance()))
+                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignBlob"))
+                  .build();
+          }
+        }
+     }
+     return getSignBlobMethod;
+  }
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  @java.lang.Deprecated // Use {@link #getSignJwtMethod()} instead. 
+  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest,
+      com.google.iam.credentials.v1.SignJwtResponse> METHOD_SIGN_JWT = getSignJwtMethodHelper();
+
+  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest,
+      com.google.iam.credentials.v1.SignJwtResponse> getSignJwtMethod;
+
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest,
+      com.google.iam.credentials.v1.SignJwtResponse> getSignJwtMethod() {
+    return getSignJwtMethodHelper();
+  }
+
+  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest,
+      com.google.iam.credentials.v1.SignJwtResponse> getSignJwtMethodHelper() {
+    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest, com.google.iam.credentials.v1.SignJwtResponse> getSignJwtMethod;
+    if ((getSignJwtMethod = IAMCredentialsGrpc.getSignJwtMethod) == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        if ((getSignJwtMethod = IAMCredentialsGrpc.getSignJwtMethod) == null) {
+          IAMCredentialsGrpc.getSignJwtMethod = getSignJwtMethod = 
+              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.SignJwtRequest, com.google.iam.credentials.v1.SignJwtResponse>newBuilder()
+              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(generateFullMethodName(
+                  "google.iam.credentials.v1.IAMCredentials", "SignJwt"))
+              .setSampledToLocalTracing(true)
+              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.SignJwtRequest.getDefaultInstance()))
+              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.SignJwtResponse.getDefaultInstance()))
+                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignJwt"))
+                  .build();
+          }
+        }
+     }
+     return getSignJwtMethod;
+  }
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  @java.lang.Deprecated // Use {@link #getGenerateIdentityBindingAccessTokenMethod()} instead. 
+  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> METHOD_GENERATE_IDENTITY_BINDING_ACCESS_TOKEN = getGenerateIdentityBindingAccessTokenMethodHelper();
+
+  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> getGenerateIdentityBindingAccessTokenMethod;
+
+  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
+  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> getGenerateIdentityBindingAccessTokenMethod() {
+    return getGenerateIdentityBindingAccessTokenMethodHelper();
+  }
+
+  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> getGenerateIdentityBindingAccessTokenMethodHelper() {
+    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> getGenerateIdentityBindingAccessTokenMethod;
+    if ((getGenerateIdentityBindingAccessTokenMethod = IAMCredentialsGrpc.getGenerateIdentityBindingAccessTokenMethod) == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        if ((getGenerateIdentityBindingAccessTokenMethod = IAMCredentialsGrpc.getGenerateIdentityBindingAccessTokenMethod) == null) {
+          IAMCredentialsGrpc.getGenerateIdentityBindingAccessTokenMethod = getGenerateIdentityBindingAccessTokenMethod = 
+              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse>newBuilder()
+              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(generateFullMethodName(
+                  "google.iam.credentials.v1.IAMCredentials", "GenerateIdentityBindingAccessToken"))
+              .setSampledToLocalTracing(true)
+              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance()))
+              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
+                  com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance()))
+                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateIdentityBindingAccessToken"))
+                  .build();
+          }
+        }
+     }
+     return getGenerateIdentityBindingAccessTokenMethod;
+  }
+
+  /**
+   * Creates a new async stub that supports all call types for the service
+   */
+  public static IAMCredentialsStub newStub(io.grpc.Channel channel) {
+    return new IAMCredentialsStub(channel);
+  }
+
+  /**
+   * Creates a new blocking-style stub that supports unary and streaming output calls on the service
+   */
+  public static IAMCredentialsBlockingStub newBlockingStub(
+      io.grpc.Channel channel) {
+    return new IAMCredentialsBlockingStub(channel);
+  }
+
+  /**
+   * Creates a new ListenableFuture-style stub that supports unary calls on the service
+   */
+  public static IAMCredentialsFutureStub newFutureStub(
+      io.grpc.Channel channel) {
+    return new IAMCredentialsFutureStub(channel);
+  }
+
+  /**
+   * <pre>
+   * A service account is a special type of Google account that belongs to your
+   * application or a virtual machine (VM), instead of to an individual end user.
+   * Your application assumes the identity of the service account to call Google
+   * APIs, so that the users aren't directly involved.
+   * Service account credentials are used to temporarily assume the identity
+   * of the service account. Supported credential types include OAuth 2.0 access
+   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+   * more.
+   * </pre>
+   */
+  public static abstract class IAMCredentialsImplBase implements io.grpc.BindableService {
+
+    /**
+     * <pre>
+     * Generates an OAuth 2.0 access token for a service account.
+     * </pre>
+     */
+    public void generateAccessToken(com.google.iam.credentials.v1.GenerateAccessTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateAccessTokenResponse> responseObserver) {
+      asyncUnimplementedUnaryCall(getGenerateAccessTokenMethodHelper(), responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Generates an OpenID Connect ID token for a service account.
+     * </pre>
+     */
+    public void generateIdToken(com.google.iam.credentials.v1.GenerateIdTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdTokenResponse> responseObserver) {
+      asyncUnimplementedUnaryCall(getGenerateIdTokenMethodHelper(), responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Signs a blob using a service account's system-managed private key.
+     * </pre>
+     */
+    public void signBlob(com.google.iam.credentials.v1.SignBlobRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignBlobResponse> responseObserver) {
+      asyncUnimplementedUnaryCall(getSignBlobMethodHelper(), responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Signs a JWT using a service account's system-managed private key.
+     * </pre>
+     */
+    public void signJwt(com.google.iam.credentials.v1.SignJwtRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignJwtResponse> responseObserver) {
+      asyncUnimplementedUnaryCall(getSignJwtMethodHelper(), responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Exchange a JWT signed by third party identity provider to an OAuth 2.0
+     * access token
+     * </pre>
+     */
+    public void generateIdentityBindingAccessToken(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> responseObserver) {
+      asyncUnimplementedUnaryCall(getGenerateIdentityBindingAccessTokenMethodHelper(), responseObserver);
+    }
+
+    @java.lang.Override public final io.grpc.ServerServiceDefinition bindService() {
+      return io.grpc.ServerServiceDefinition.builder(getServiceDescriptor())
+          .addMethod(
+            getGenerateAccessTokenMethodHelper(),
+            asyncUnaryCall(
+              new MethodHandlers<
+                com.google.iam.credentials.v1.GenerateAccessTokenRequest,
+                com.google.iam.credentials.v1.GenerateAccessTokenResponse>(
+                  this, METHODID_GENERATE_ACCESS_TOKEN)))
+          .addMethod(
+            getGenerateIdTokenMethodHelper(),
+            asyncUnaryCall(
+              new MethodHandlers<
+                com.google.iam.credentials.v1.GenerateIdTokenRequest,
+                com.google.iam.credentials.v1.GenerateIdTokenResponse>(
+                  this, METHODID_GENERATE_ID_TOKEN)))
+          .addMethod(
+            getSignBlobMethodHelper(),
+            asyncUnaryCall(
+              new MethodHandlers<
+                com.google.iam.credentials.v1.SignBlobRequest,
+                com.google.iam.credentials.v1.SignBlobResponse>(
+                  this, METHODID_SIGN_BLOB)))
+          .addMethod(
+            getSignJwtMethodHelper(),
+            asyncUnaryCall(
+              new MethodHandlers<
+                com.google.iam.credentials.v1.SignJwtRequest,
+                com.google.iam.credentials.v1.SignJwtResponse>(
+                  this, METHODID_SIGN_JWT)))
+          .addMethod(
+            getGenerateIdentityBindingAccessTokenMethodHelper(),
+            asyncUnaryCall(
+              new MethodHandlers<
+                com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
+                com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse>(
+                  this, METHODID_GENERATE_IDENTITY_BINDING_ACCESS_TOKEN)))
+          .build();
+    }
+  }
+
+  /**
+   * <pre>
+   * A service account is a special type of Google account that belongs to your
+   * application or a virtual machine (VM), instead of to an individual end user.
+   * Your application assumes the identity of the service account to call Google
+   * APIs, so that the users aren't directly involved.
+   * Service account credentials are used to temporarily assume the identity
+   * of the service account. Supported credential types include OAuth 2.0 access
+   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+   * more.
+   * </pre>
+   */
+  public static final class IAMCredentialsStub extends io.grpc.stub.AbstractStub<IAMCredentialsStub> {
+    private IAMCredentialsStub(io.grpc.Channel channel) {
+      super(channel);
+    }
+
+    private IAMCredentialsStub(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      super(channel, callOptions);
+    }
+
+    @java.lang.Override
+    protected IAMCredentialsStub build(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      return new IAMCredentialsStub(channel, callOptions);
+    }
+
+    /**
+     * <pre>
+     * Generates an OAuth 2.0 access token for a service account.
+     * </pre>
+     */
+    public void generateAccessToken(com.google.iam.credentials.v1.GenerateAccessTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateAccessTokenResponse> responseObserver) {
+      asyncUnaryCall(
+          getChannel().newCall(getGenerateAccessTokenMethodHelper(), getCallOptions()), request, responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Generates an OpenID Connect ID token for a service account.
+     * </pre>
+     */
+    public void generateIdToken(com.google.iam.credentials.v1.GenerateIdTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdTokenResponse> responseObserver) {
+      asyncUnaryCall(
+          getChannel().newCall(getGenerateIdTokenMethodHelper(), getCallOptions()), request, responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Signs a blob using a service account's system-managed private key.
+     * </pre>
+     */
+    public void signBlob(com.google.iam.credentials.v1.SignBlobRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignBlobResponse> responseObserver) {
+      asyncUnaryCall(
+          getChannel().newCall(getSignBlobMethodHelper(), getCallOptions()), request, responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Signs a JWT using a service account's system-managed private key.
+     * </pre>
+     */
+    public void signJwt(com.google.iam.credentials.v1.SignJwtRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignJwtResponse> responseObserver) {
+      asyncUnaryCall(
+          getChannel().newCall(getSignJwtMethodHelper(), getCallOptions()), request, responseObserver);
+    }
+
+    /**
+     * <pre>
+     * Exchange a JWT signed by third party identity provider to an OAuth 2.0
+     * access token
+     * </pre>
+     */
+    public void generateIdentityBindingAccessToken(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> responseObserver) {
+      asyncUnaryCall(
+          getChannel().newCall(getGenerateIdentityBindingAccessTokenMethodHelper(), getCallOptions()), request, responseObserver);
+    }
+  }
+
+  /**
+   * <pre>
+   * A service account is a special type of Google account that belongs to your
+   * application or a virtual machine (VM), instead of to an individual end user.
+   * Your application assumes the identity of the service account to call Google
+   * APIs, so that the users aren't directly involved.
+   * Service account credentials are used to temporarily assume the identity
+   * of the service account. Supported credential types include OAuth 2.0 access
+   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+   * more.
+   * </pre>
+   */
+  public static final class IAMCredentialsBlockingStub extends io.grpc.stub.AbstractStub<IAMCredentialsBlockingStub> {
+    private IAMCredentialsBlockingStub(io.grpc.Channel channel) {
+      super(channel);
+    }
+
+    private IAMCredentialsBlockingStub(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      super(channel, callOptions);
+    }
+
+    @java.lang.Override
+    protected IAMCredentialsBlockingStub build(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      return new IAMCredentialsBlockingStub(channel, callOptions);
+    }
+
+    /**
+     * <pre>
+     * Generates an OAuth 2.0 access token for a service account.
+     * </pre>
+     */
+    public com.google.iam.credentials.v1.GenerateAccessTokenResponse generateAccessToken(com.google.iam.credentials.v1.GenerateAccessTokenRequest request) {
+      return blockingUnaryCall(
+          getChannel(), getGenerateAccessTokenMethodHelper(), getCallOptions(), request);
+    }
+
+    /**
+     * <pre>
+     * Generates an OpenID Connect ID token for a service account.
+     * </pre>
+     */
+    public com.google.iam.credentials.v1.GenerateIdTokenResponse generateIdToken(com.google.iam.credentials.v1.GenerateIdTokenRequest request) {
+      return blockingUnaryCall(
+          getChannel(), getGenerateIdTokenMethodHelper(), getCallOptions(), request);
+    }
+
+    /**
+     * <pre>
+     * Signs a blob using a service account's system-managed private key.
+     * </pre>
+     */
+    public com.google.iam.credentials.v1.SignBlobResponse signBlob(com.google.iam.credentials.v1.SignBlobRequest request) {
+      return blockingUnaryCall(
+          getChannel(), getSignBlobMethodHelper(), getCallOptions(), request);
+    }
+
+    /**
+     * <pre>
+     * Signs a JWT using a service account's system-managed private key.
+     * </pre>
+     */
+    public com.google.iam.credentials.v1.SignJwtResponse signJwt(com.google.iam.credentials.v1.SignJwtRequest request) {
+      return blockingUnaryCall(
+          getChannel(), getSignJwtMethodHelper(), getCallOptions(), request);
+    }
+
+    /**
+     * <pre>
+     * Exchange a JWT signed by third party identity provider to an OAuth 2.0
+     * access token
+     * </pre>
+     */
+    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse generateIdentityBindingAccessToken(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest request) {
+      return blockingUnaryCall(
+          getChannel(), getGenerateIdentityBindingAccessTokenMethodHelper(), getCallOptions(), request);
+    }
+  }
+
+  /**
+   * <pre>
+   * A service account is a special type of Google account that belongs to your
+   * application or a virtual machine (VM), instead of to an individual end user.
+   * Your application assumes the identity of the service account to call Google
+   * APIs, so that the users aren't directly involved.
+   * Service account credentials are used to temporarily assume the identity
+   * of the service account. Supported credential types include OAuth 2.0 access
+   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+   * more.
+   * </pre>
+   */
+  public static final class IAMCredentialsFutureStub extends io.grpc.stub.AbstractStub<IAMCredentialsFutureStub> {
+    private IAMCredentialsFutureStub(io.grpc.Channel channel) {
+      super(channel);
+    }
+
+    private IAMCredentialsFutureStub(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      super(channel, callOptions);
+    }
+
+    @java.lang.Override
+    protected IAMCredentialsFutureStub build(io.grpc.Channel channel,
+        io.grpc.CallOptions callOptions) {
+      return new IAMCredentialsFutureStub(channel, callOptions);
+    }
+
+    /**
+     * <pre>
+     * Generates an OAuth 2.0 access token for a service account.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.GenerateAccessTokenResponse> generateAccessToken(
+        com.google.iam.credentials.v1.GenerateAccessTokenRequest request) {
+      return futureUnaryCall(
+          getChannel().newCall(getGenerateAccessTokenMethodHelper(), getCallOptions()), request);
+    }
+
+    /**
+     * <pre>
+     * Generates an OpenID Connect ID token for a service account.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.GenerateIdTokenResponse> generateIdToken(
+        com.google.iam.credentials.v1.GenerateIdTokenRequest request) {
+      return futureUnaryCall(
+          getChannel().newCall(getGenerateIdTokenMethodHelper(), getCallOptions()), request);
+    }
+
+    /**
+     * <pre>
+     * Signs a blob using a service account's system-managed private key.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.SignBlobResponse> signBlob(
+        com.google.iam.credentials.v1.SignBlobRequest request) {
+      return futureUnaryCall(
+          getChannel().newCall(getSignBlobMethodHelper(), getCallOptions()), request);
+    }
+
+    /**
+     * <pre>
+     * Signs a JWT using a service account's system-managed private key.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.SignJwtResponse> signJwt(
+        com.google.iam.credentials.v1.SignJwtRequest request) {
+      return futureUnaryCall(
+          getChannel().newCall(getSignJwtMethodHelper(), getCallOptions()), request);
+    }
+
+    /**
+     * <pre>
+     * Exchange a JWT signed by third party identity provider to an OAuth 2.0
+     * access token
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> generateIdentityBindingAccessToken(
+        com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest request) {
+      return futureUnaryCall(
+          getChannel().newCall(getGenerateIdentityBindingAccessTokenMethodHelper(), getCallOptions()), request);
+    }
+  }
+
+  private static final int METHODID_GENERATE_ACCESS_TOKEN = 0;
+  private static final int METHODID_GENERATE_ID_TOKEN = 1;
+  private static final int METHODID_SIGN_BLOB = 2;
+  private static final int METHODID_SIGN_JWT = 3;
+  private static final int METHODID_GENERATE_IDENTITY_BINDING_ACCESS_TOKEN = 4;
+
+  private static final class MethodHandlers<Req, Resp> implements
+      io.grpc.stub.ServerCalls.UnaryMethod<Req, Resp>,
+      io.grpc.stub.ServerCalls.ServerStreamingMethod<Req, Resp>,
+      io.grpc.stub.ServerCalls.ClientStreamingMethod<Req, Resp>,
+      io.grpc.stub.ServerCalls.BidiStreamingMethod<Req, Resp> {
+    private final IAMCredentialsImplBase serviceImpl;
+    private final int methodId;
+
+    MethodHandlers(IAMCredentialsImplBase serviceImpl, int methodId) {
+      this.serviceImpl = serviceImpl;
+      this.methodId = methodId;
+    }
+
+    @java.lang.Override
+    @java.lang.SuppressWarnings("unchecked")
+    public void invoke(Req request, io.grpc.stub.StreamObserver<Resp> responseObserver) {
+      switch (methodId) {
+        case METHODID_GENERATE_ACCESS_TOKEN:
+          serviceImpl.generateAccessToken((com.google.iam.credentials.v1.GenerateAccessTokenRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateAccessTokenResponse>) responseObserver);
+          break;
+        case METHODID_GENERATE_ID_TOKEN:
+          serviceImpl.generateIdToken((com.google.iam.credentials.v1.GenerateIdTokenRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdTokenResponse>) responseObserver);
+          break;
+        case METHODID_SIGN_BLOB:
+          serviceImpl.signBlob((com.google.iam.credentials.v1.SignBlobRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignBlobResponse>) responseObserver);
+          break;
+        case METHODID_SIGN_JWT:
+          serviceImpl.signJwt((com.google.iam.credentials.v1.SignJwtRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignJwtResponse>) responseObserver);
+          break;
+        case METHODID_GENERATE_IDENTITY_BINDING_ACCESS_TOKEN:
+          serviceImpl.generateIdentityBindingAccessToken((com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse>) responseObserver);
+          break;
+        default:
+          throw new AssertionError();
+      }
+    }
+
+    @java.lang.Override
+    @java.lang.SuppressWarnings("unchecked")
+    public io.grpc.stub.StreamObserver<Req> invoke(
+        io.grpc.stub.StreamObserver<Resp> responseObserver) {
+      switch (methodId) {
+        default:
+          throw new AssertionError();
+      }
+    }
+  }
+
+  private static abstract class IAMCredentialsBaseDescriptorSupplier
+      implements io.grpc.protobuf.ProtoFileDescriptorSupplier, io.grpc.protobuf.ProtoServiceDescriptorSupplier {
+    IAMCredentialsBaseDescriptorSupplier() {}
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.FileDescriptor getFileDescriptor() {
+      return google.iam.credentials.v1.Iamcredentials.getDescriptor();
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.ServiceDescriptor getServiceDescriptor() {
+      return getFileDescriptor().findServiceByName("IAMCredentials");
+    }
+  }
+
+  private static final class IAMCredentialsFileDescriptorSupplier
+      extends IAMCredentialsBaseDescriptorSupplier {
+    IAMCredentialsFileDescriptorSupplier() {}
+  }
+
+  private static final class IAMCredentialsMethodDescriptorSupplier
+      extends IAMCredentialsBaseDescriptorSupplier
+      implements io.grpc.protobuf.ProtoMethodDescriptorSupplier {
+    private final String methodName;
+
+    IAMCredentialsMethodDescriptorSupplier(String methodName) {
+      this.methodName = methodName;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.MethodDescriptor getMethodDescriptor() {
+      return getServiceDescriptor().findMethodByName(methodName);
+    }
+  }
+
+  private static volatile io.grpc.ServiceDescriptor serviceDescriptor;
+
+  public static io.grpc.ServiceDescriptor getServiceDescriptor() {
+    io.grpc.ServiceDescriptor result = serviceDescriptor;
+    if (result == null) {
+      synchronized (IAMCredentialsGrpc.class) {
+        result = serviceDescriptor;
+        if (result == null) {
+          serviceDescriptor = result = io.grpc.ServiceDescriptor.newBuilder(SERVICE_NAME)
+              .setSchemaDescriptor(new IAMCredentialsFileDescriptorSupplier())
+              .addMethod(getGenerateAccessTokenMethodHelper())
+              .addMethod(getGenerateIdTokenMethodHelper())
+              .addMethod(getSignBlobMethodHelper())
+              .addMethod(getSignJwtMethodHelper())
+              .addMethod(getGenerateIdentityBindingAccessTokenMethodHelper())
+              .build();
+        }
+      }
+    }
+    return result;
+  }
+}
diff --git a/google-api-grpc/pom.xml b/google-api-grpc/pom.xml
index fa571c4f3ef1..9f3492403027 100644
--- a/google-api-grpc/pom.xml
+++ b/google-api-grpc/pom.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version='1.0' encoding='UTF-8'?>
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <groupId>com.google.api.grpc</groupId>
@@ -634,7 +634,7 @@
         <artifactId>grpc-google-cloud-websecurityscanner-v1alpha</artifactId>
         <version>0.38.1-SNAPSHOT</version><!-- {x-version-update:grpc-google-cloud-websecurityscanner-v1alpha:current} -->
       </dependency>
-    </dependencies>
+    <dependency><groupId>com.google.api.grpc</groupId><artifactId>proto-google-cloud-iamcredentials-v1</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:proto-google-cloud-iamcredentials-v1:current}--></dependency><dependency><groupId>com.google.api.grpc</groupId><artifactId>grpc-google-cloud-iamcredentials-v1</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:grpc-google-cloud-iamcredentials-v1:current}--></dependency></dependencies>
   </dependencyManagement>
 
   <modules>
@@ -653,7 +653,7 @@
     <module>grpc-google-cloud-dlp-v2</module>
     <module>grpc-google-cloud-error-reporting-v1beta1</module>
     <module>grpc-google-cloud-firestore-v1beta1</module>
-    <module>grpc-google-cloud-iot-v1</module>
+    <module>grpc-google-cloud-iamcredentials-v1</module><module>grpc-google-cloud-iot-v1</module>
     <module>grpc-google-cloud-kms-v1</module>
     <module>grpc-google-cloud-language-v1</module>
     <module>grpc-google-cloud-language-v1beta2</module>
@@ -704,7 +704,7 @@
     <module>proto-google-cloud-dlp-v2</module>
     <module>proto-google-cloud-error-reporting-v1beta1</module>
     <module>proto-google-cloud-firestore-v1beta1</module>
-    <module>proto-google-cloud-iot-v1</module>
+    <module>proto-google-cloud-iamcredentials-v1</module><module>proto-google-cloud-iot-v1</module>
     <module>proto-google-cloud-kms-v1</module>
     <module>proto-google-cloud-language-v1</module>
     <module>proto-google-cloud-language-v1beta2</module>
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/pom.xml b/google-api-grpc/proto-google-cloud-iamcredentials-v1/pom.xml
new file mode 100644
index 000000000000..1a537dfa6836
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/pom.xml
@@ -0,0 +1,36 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <artifactId>proto-google-cloud-iamcredentials-v1</artifactId>
+  <version>0.0.1-alpha-SNAPSHOT</version><!-- {x-version-update:proto-google-cloud-iamcredentials-v1:current} -->
+  <name>proto-google-cloud-iamcredentials-v1</name>
+  <description>PROTO library for proto-google-cloud-iamcredentials-v1</description>
+  <parent>
+    <groupId>com.google.api.grpc</groupId>
+    <artifactId>google-api-grpc</artifactId>
+    <version>0.0.1-alpha-SNAPSHOT</version><!-- {x-version-update:google-api-grpc:current} -->
+  </parent>
+  <dependencies>
+    <dependency>
+      <groupId>com.google.protobuf</groupId>
+      <artifactId>protobuf-java</artifactId>
+      <scope>compile</scope>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api</groupId>
+      <artifactId>api-common</artifactId>
+      <scope>compile</scope>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-common-protos</artifactId>
+      <scope>compile</scope>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-iam-v1</artifactId>
+      <scope>compile</scope>
+    </dependency>
+  </dependencies>
+</project>
\ No newline at end of file
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequest.java
new file mode 100644
index 000000000000..2ef4d87096d6
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequest.java
@@ -0,0 +1,1427 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest}
+ */
+public  final class GenerateAccessTokenRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateAccessTokenRequest)
+    GenerateAccessTokenRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateAccessTokenRequest.newBuilder() to construct.
+  private GenerateAccessTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateAccessTokenRequest() {
+    name_ = "";
+    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateAccessTokenRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              delegates_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            delegates_.add(s);
+            break;
+          }
+          case 34: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000004) == 0x00000004)) {
+              scope_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000004;
+            }
+            scope_.add(s);
+            break;
+          }
+          case 58: {
+            com.google.protobuf.Duration.Builder subBuilder = null;
+            if (lifetime_ != null) {
+              subBuilder = lifetime_.toBuilder();
+            }
+            lifetime_ = input.readMessage(com.google.protobuf.Duration.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(lifetime_);
+              lifetime_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+      }
+      if (((mutable_bitField0_ & 0x00000004) == 0x00000004)) {
+        scope_ = scope_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DELEGATES_FIELD_NUMBER = 2;
+  private com.google.protobuf.LazyStringList delegates_;
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getDelegatesList() {
+    return delegates_;
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public int getDelegatesCount() {
+    return delegates_.size();
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public java.lang.String getDelegates(int index) {
+    return delegates_.get(index);
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public com.google.protobuf.ByteString
+      getDelegatesBytes(int index) {
+    return delegates_.getByteString(index);
+  }
+
+  public static final int SCOPE_FIELD_NUMBER = 4;
+  private com.google.protobuf.LazyStringList scope_;
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getScopeList() {
+    return scope_;
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  public int getScopeCount() {
+    return scope_.size();
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  public java.lang.String getScope(int index) {
+    return scope_.get(index);
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  public com.google.protobuf.ByteString
+      getScopeBytes(int index) {
+    return scope_.getByteString(index);
+  }
+
+  public static final int LIFETIME_FIELD_NUMBER = 7;
+  private com.google.protobuf.Duration lifetime_;
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  public boolean hasLifetime() {
+    return lifetime_ != null;
+  }
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  public com.google.protobuf.Duration getLifetime() {
+    return lifetime_ == null ? com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
+  }
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  public com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder() {
+    return getLifetime();
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < delegates_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, delegates_.getRaw(i));
+    }
+    for (int i = 0; i < scope_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 4, scope_.getRaw(i));
+    }
+    if (lifetime_ != null) {
+      output.writeMessage(7, getLifetime());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < delegates_.size(); i++) {
+        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getDelegatesList().size();
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < scope_.size(); i++) {
+        dataSize += computeStringSizeNoTag(scope_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getScopeList().size();
+    }
+    if (lifetime_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(7, getLifetime());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest other = (com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getDelegatesList()
+        .equals(other.getDelegatesList());
+    result = result && getScopeList()
+        .equals(other.getScopeList());
+    result = result && (hasLifetime() == other.hasLifetime());
+    if (hasLifetime()) {
+      result = result && getLifetime()
+          .equals(other.getLifetime());
+    }
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getDelegatesCount() > 0) {
+      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
+      hash = (53 * hash) + getDelegatesList().hashCode();
+    }
+    if (getScopeCount() > 0) {
+      hash = (37 * hash) + SCOPE_FIELD_NUMBER;
+      hash = (53 * hash) + getScopeList().hashCode();
+    }
+    if (hasLifetime()) {
+      hash = (37 * hash) + LIFETIME_FIELD_NUMBER;
+      hash = (53 * hash) + getLifetime().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateAccessTokenRequest)
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000004);
+      if (lifetimeBuilder_ == null) {
+        lifetime_ = null;
+      } else {
+        lifetime_ = null;
+        lifetimeBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest build() {
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest buildPartial() {
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest result = new com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.delegates_ = delegates_;
+      if (((bitField0_ & 0x00000004) == 0x00000004)) {
+        scope_ = scope_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000004);
+      }
+      result.scope_ = scope_;
+      if (lifetimeBuilder_ == null) {
+        result.lifetime_ = lifetime_;
+      } else {
+        result.lifetime_ = lifetimeBuilder_.build();
+      }
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest other) {
+      if (other == com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.delegates_.isEmpty()) {
+        if (delegates_.isEmpty()) {
+          delegates_ = other.delegates_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureDelegatesIsMutable();
+          delegates_.addAll(other.delegates_);
+        }
+        onChanged();
+      }
+      if (!other.scope_.isEmpty()) {
+        if (scope_.isEmpty()) {
+          scope_ = other.scope_;
+          bitField0_ = (bitField0_ & ~0x00000004);
+        } else {
+          ensureScopeIsMutable();
+          scope_.addAll(other.scope_);
+        }
+        onChanged();
+      }
+      if (other.hasLifetime()) {
+        mergeLifetime(other.getLifetime());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureDelegatesIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getDelegatesList() {
+      return delegates_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public int getDelegatesCount() {
+      return delegates_.size();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public java.lang.String getDelegates(int index) {
+      return delegates_.get(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public com.google.protobuf.ByteString
+        getDelegatesBytes(int index) {
+      return delegates_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder setDelegates(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addDelegates(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addAllDelegates(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureDelegatesIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, delegates_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder clearDelegates() {
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addDelegatesBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureScopeIsMutable() {
+      if (!((bitField0_ & 0x00000004) == 0x00000004)) {
+        scope_ = new com.google.protobuf.LazyStringArrayList(scope_);
+        bitField0_ |= 0x00000004;
+       }
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getScopeList() {
+      return scope_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public int getScopeCount() {
+      return scope_.size();
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public java.lang.String getScope(int index) {
+      return scope_.get(index);
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public com.google.protobuf.ByteString
+        getScopeBytes(int index) {
+      return scope_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder setScope(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureScopeIsMutable();
+      scope_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder addScope(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureScopeIsMutable();
+      scope_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder addAllScope(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureScopeIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, scope_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder clearScope() {
+      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000004);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder addScopeBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureScopeIsMutable();
+      scope_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.Duration lifetime_ = null;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder> lifetimeBuilder_;
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public boolean hasLifetime() {
+      return lifetimeBuilder_ != null || lifetime_ != null;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public com.google.protobuf.Duration getLifetime() {
+      if (lifetimeBuilder_ == null) {
+        return lifetime_ == null ? com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
+      } else {
+        return lifetimeBuilder_.getMessage();
+      }
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public Builder setLifetime(com.google.protobuf.Duration value) {
+      if (lifetimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        lifetime_ = value;
+        onChanged();
+      } else {
+        lifetimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public Builder setLifetime(
+        com.google.protobuf.Duration.Builder builderForValue) {
+      if (lifetimeBuilder_ == null) {
+        lifetime_ = builderForValue.build();
+        onChanged();
+      } else {
+        lifetimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public Builder mergeLifetime(com.google.protobuf.Duration value) {
+      if (lifetimeBuilder_ == null) {
+        if (lifetime_ != null) {
+          lifetime_ =
+            com.google.protobuf.Duration.newBuilder(lifetime_).mergeFrom(value).buildPartial();
+        } else {
+          lifetime_ = value;
+        }
+        onChanged();
+      } else {
+        lifetimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public Builder clearLifetime() {
+      if (lifetimeBuilder_ == null) {
+        lifetime_ = null;
+        onChanged();
+      } else {
+        lifetime_ = null;
+        lifetimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public com.google.protobuf.Duration.Builder getLifetimeBuilder() {
+      
+      onChanged();
+      return getLifetimeFieldBuilder().getBuilder();
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder() {
+      if (lifetimeBuilder_ != null) {
+        return lifetimeBuilder_.getMessageOrBuilder();
+      } else {
+        return lifetime_ == null ?
+            com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
+      }
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder> 
+        getLifetimeFieldBuilder() {
+      if (lifetimeBuilder_ == null) {
+        lifetimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder>(
+                getLifetime(),
+                getParentForChildren(),
+                isClean());
+        lifetime_ = null;
+      }
+      return lifetimeBuilder_;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateAccessTokenRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateAccessTokenRequest)
+  private static final com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateAccessTokenRequest>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateAccessTokenRequest>() {
+    @java.lang.Override
+    public GenerateAccessTokenRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateAccessTokenRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateAccessTokenRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateAccessTokenRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
new file mode 100644
index 000000000000..f102bb4025d3
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
@@ -0,0 +1,175 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface GenerateAccessTokenRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateAccessTokenRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  java.util.List<java.lang.String>
+      getDelegatesList();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  int getDelegatesCount();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  java.lang.String getDelegates(int index);
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  com.google.protobuf.ByteString
+      getDelegatesBytes(int index);
+
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  java.util.List<java.lang.String>
+      getScopeList();
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  int getScopeCount();
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  java.lang.String getScope(int index);
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  com.google.protobuf.ByteString
+      getScopeBytes(int index);
+
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  boolean hasLifetime();
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  com.google.protobuf.Duration getLifetime();
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponse.java
new file mode 100644
index 000000000000..796b948a2e4e
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponse.java
@@ -0,0 +1,810 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse}
+ */
+public  final class GenerateAccessTokenResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateAccessTokenResponse)
+    GenerateAccessTokenResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateAccessTokenResponse.newBuilder() to construct.
+  private GenerateAccessTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateAccessTokenResponse() {
+    accessToken_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateAccessTokenResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            accessToken_ = s;
+            break;
+          }
+          case 26: {
+            com.google.protobuf.Timestamp.Builder subBuilder = null;
+            if (expireTime_ != null) {
+              subBuilder = expireTime_.toBuilder();
+            }
+            expireTime_ = input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(expireTime_);
+              expireTime_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
+  }
+
+  public static final int ACCESS_TOKEN_FIELD_NUMBER = 1;
+  private volatile java.lang.Object accessToken_;
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  public java.lang.String getAccessToken() {
+    java.lang.Object ref = accessToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      accessToken_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getAccessTokenBytes() {
+    java.lang.Object ref = accessToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      accessToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int EXPIRE_TIME_FIELD_NUMBER = 3;
+  private com.google.protobuf.Timestamp expireTime_;
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  public boolean hasExpireTime() {
+    return expireTime_ != null;
+  }
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  public com.google.protobuf.Timestamp getExpireTime() {
+    return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+  }
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
+    return getExpireTime();
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getAccessTokenBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, accessToken_);
+    }
+    if (expireTime_ != null) {
+      output.writeMessage(3, getExpireTime());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getAccessTokenBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, accessToken_);
+    }
+    if (expireTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(3, getExpireTime());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse other = (com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse) obj;
+
+    boolean result = true;
+    result = result && getAccessToken()
+        .equals(other.getAccessToken());
+    result = result && (hasExpireTime() == other.hasExpireTime());
+    if (hasExpireTime()) {
+      result = result && getExpireTime()
+          .equals(other.getExpireTime());
+    }
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + ACCESS_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getAccessToken().hashCode();
+    if (hasExpireTime()) {
+      hash = (37 * hash) + EXPIRE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getExpireTime().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateAccessTokenResponse)
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      accessToken_ = "";
+
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = null;
+      } else {
+        expireTime_ = null;
+        expireTimeBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse build() {
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse buildPartial() {
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse result = new com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse(this);
+      result.accessToken_ = accessToken_;
+      if (expireTimeBuilder_ == null) {
+        result.expireTime_ = expireTime_;
+      } else {
+        result.expireTime_ = expireTimeBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse other) {
+      if (other == com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance()) return this;
+      if (!other.getAccessToken().isEmpty()) {
+        accessToken_ = other.accessToken_;
+        onChanged();
+      }
+      if (other.hasExpireTime()) {
+        mergeExpireTime(other.getExpireTime());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object accessToken_ = "";
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public java.lang.String getAccessToken() {
+      java.lang.Object ref = accessToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        accessToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getAccessTokenBytes() {
+      java.lang.Object ref = accessToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        accessToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder setAccessToken(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      accessToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder clearAccessToken() {
+      
+      accessToken_ = getDefaultInstance().getAccessToken();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder setAccessTokenBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      accessToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.Timestamp expireTime_ = null;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> expireTimeBuilder_;
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public boolean hasExpireTime() {
+      return expireTimeBuilder_ != null || expireTime_ != null;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public com.google.protobuf.Timestamp getExpireTime() {
+      if (expireTimeBuilder_ == null) {
+        return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+      } else {
+        return expireTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public Builder setExpireTime(com.google.protobuf.Timestamp value) {
+      if (expireTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        expireTime_ = value;
+        onChanged();
+      } else {
+        expireTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public Builder setExpireTime(
+        com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        expireTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public Builder mergeExpireTime(com.google.protobuf.Timestamp value) {
+      if (expireTimeBuilder_ == null) {
+        if (expireTime_ != null) {
+          expireTime_ =
+            com.google.protobuf.Timestamp.newBuilder(expireTime_).mergeFrom(value).buildPartial();
+        } else {
+          expireTime_ = value;
+        }
+        onChanged();
+      } else {
+        expireTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public Builder clearExpireTime() {
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = null;
+        onChanged();
+      } else {
+        expireTime_ = null;
+        expireTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public com.google.protobuf.Timestamp.Builder getExpireTimeBuilder() {
+      
+      onChanged();
+      return getExpireTimeFieldBuilder().getBuilder();
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
+      if (expireTimeBuilder_ != null) {
+        return expireTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return expireTime_ == null ?
+            com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+      }
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> 
+        getExpireTimeFieldBuilder() {
+      if (expireTimeBuilder_ == null) {
+        expireTimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder>(
+                getExpireTime(),
+                getParentForChildren(),
+                isClean());
+        expireTime_ = null;
+      }
+      return expireTimeBuilder_;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateAccessTokenResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateAccessTokenResponse)
+  private static final com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateAccessTokenResponse>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateAccessTokenResponse>() {
+    @java.lang.Override
+    public GenerateAccessTokenResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateAccessTokenResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateAccessTokenResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateAccessTokenResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
new file mode 100644
index 000000000000..cd79f9c0daba
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
@@ -0,0 +1,55 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface GenerateAccessTokenResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateAccessTokenResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  java.lang.String getAccessToken();
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getAccessTokenBytes();
+
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  boolean hasExpireTime();
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  com.google.protobuf.Timestamp getExpireTime();
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequest.java
new file mode 100644
index 000000000000..60daf9c8aca1
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequest.java
@@ -0,0 +1,1142 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest}
+ */
+public  final class GenerateIdTokenRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdTokenRequest)
+    GenerateIdTokenRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateIdTokenRequest.newBuilder() to construct.
+  private GenerateIdTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateIdTokenRequest() {
+    name_ = "";
+    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    audience_ = "";
+    includeEmail_ = false;
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateIdTokenRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              delegates_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            delegates_.add(s);
+            break;
+          }
+          case 26: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            audience_ = s;
+            break;
+          }
+          case 32: {
+
+            includeEmail_ = input.readBool();
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DELEGATES_FIELD_NUMBER = 2;
+  private com.google.protobuf.LazyStringList delegates_;
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getDelegatesList() {
+    return delegates_;
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public int getDelegatesCount() {
+    return delegates_.size();
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public java.lang.String getDelegates(int index) {
+    return delegates_.get(index);
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public com.google.protobuf.ByteString
+      getDelegatesBytes(int index) {
+    return delegates_.getByteString(index);
+  }
+
+  public static final int AUDIENCE_FIELD_NUMBER = 3;
+  private volatile java.lang.Object audience_;
+  /**
+   * <pre>
+   * The audience for the token, such as the API or account that this token
+   * grants access to.
+   * </pre>
+   *
+   * <code>string audience = 3;</code>
+   */
+  public java.lang.String getAudience() {
+    java.lang.Object ref = audience_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      audience_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The audience for the token, such as the API or account that this token
+   * grants access to.
+   * </pre>
+   *
+   * <code>string audience = 3;</code>
+   */
+  public com.google.protobuf.ByteString
+      getAudienceBytes() {
+    java.lang.Object ref = audience_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      audience_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int INCLUDE_EMAIL_FIELD_NUMBER = 4;
+  private boolean includeEmail_;
+  /**
+   * <pre>
+   * Include the service account email in the token. If set to `true`, the
+   * token will contain `email` and `email_verified` claims.
+   * </pre>
+   *
+   * <code>bool include_email = 4;</code>
+   */
+  public boolean getIncludeEmail() {
+    return includeEmail_;
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < delegates_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, delegates_.getRaw(i));
+    }
+    if (!getAudienceBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, audience_);
+    }
+    if (includeEmail_ != false) {
+      output.writeBool(4, includeEmail_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < delegates_.size(); i++) {
+        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getDelegatesList().size();
+    }
+    if (!getAudienceBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, audience_);
+    }
+    if (includeEmail_ != false) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeBoolSize(4, includeEmail_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest other = (com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getDelegatesList()
+        .equals(other.getDelegatesList());
+    result = result && getAudience()
+        .equals(other.getAudience());
+    result = result && (getIncludeEmail()
+        == other.getIncludeEmail());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getDelegatesCount() > 0) {
+      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
+      hash = (53 * hash) + getDelegatesList().hashCode();
+    }
+    hash = (37 * hash) + AUDIENCE_FIELD_NUMBER;
+    hash = (53 * hash) + getAudience().hashCode();
+    hash = (37 * hash) + INCLUDE_EMAIL_FIELD_NUMBER;
+    hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(
+        getIncludeEmail());
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdTokenRequest)
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      audience_ = "";
+
+      includeEmail_ = false;
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest build() {
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest buildPartial() {
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest result = new com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.delegates_ = delegates_;
+      result.audience_ = audience_;
+      result.includeEmail_ = includeEmail_;
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest other) {
+      if (other == com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.delegates_.isEmpty()) {
+        if (delegates_.isEmpty()) {
+          delegates_ = other.delegates_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureDelegatesIsMutable();
+          delegates_.addAll(other.delegates_);
+        }
+        onChanged();
+      }
+      if (!other.getAudience().isEmpty()) {
+        audience_ = other.audience_;
+        onChanged();
+      }
+      if (other.getIncludeEmail() != false) {
+        setIncludeEmail(other.getIncludeEmail());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureDelegatesIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getDelegatesList() {
+      return delegates_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public int getDelegatesCount() {
+      return delegates_.size();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public java.lang.String getDelegates(int index) {
+      return delegates_.get(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public com.google.protobuf.ByteString
+        getDelegatesBytes(int index) {
+      return delegates_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder setDelegates(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addDelegates(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addAllDelegates(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureDelegatesIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, delegates_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder clearDelegates() {
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addDelegatesBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object audience_ = "";
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public java.lang.String getAudience() {
+      java.lang.Object ref = audience_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        audience_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public com.google.protobuf.ByteString
+        getAudienceBytes() {
+      java.lang.Object ref = audience_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        audience_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public Builder setAudience(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      audience_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public Builder clearAudience() {
+      
+      audience_ = getDefaultInstance().getAudience();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public Builder setAudienceBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      audience_ = value;
+      onChanged();
+      return this;
+    }
+
+    private boolean includeEmail_ ;
+    /**
+     * <pre>
+     * Include the service account email in the token. If set to `true`, the
+     * token will contain `email` and `email_verified` claims.
+     * </pre>
+     *
+     * <code>bool include_email = 4;</code>
+     */
+    public boolean getIncludeEmail() {
+      return includeEmail_;
+    }
+    /**
+     * <pre>
+     * Include the service account email in the token. If set to `true`, the
+     * token will contain `email` and `email_verified` claims.
+     * </pre>
+     *
+     * <code>bool include_email = 4;</code>
+     */
+    public Builder setIncludeEmail(boolean value) {
+      
+      includeEmail_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Include the service account email in the token. If set to `true`, the
+     * token will contain `email` and `email_verified` claims.
+     * </pre>
+     *
+     * <code>bool include_email = 4;</code>
+     */
+    public Builder clearIncludeEmail() {
+      
+      includeEmail_ = false;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdTokenRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdTokenRequest)
+  private static final com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateIdTokenRequest>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateIdTokenRequest>() {
+    @java.lang.Override
+    public GenerateIdTokenRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateIdTokenRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateIdTokenRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateIdTokenRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
new file mode 100644
index 000000000000..f9ebdcb82438
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
@@ -0,0 +1,124 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface GenerateIdTokenRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdTokenRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  java.util.List<java.lang.String>
+      getDelegatesList();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  int getDelegatesCount();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  java.lang.String getDelegates(int index);
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  com.google.protobuf.ByteString
+      getDelegatesBytes(int index);
+
+  /**
+   * <pre>
+   * The audience for the token, such as the API or account that this token
+   * grants access to.
+   * </pre>
+   *
+   * <code>string audience = 3;</code>
+   */
+  java.lang.String getAudience();
+  /**
+   * <pre>
+   * The audience for the token, such as the API or account that this token
+   * grants access to.
+   * </pre>
+   *
+   * <code>string audience = 3;</code>
+   */
+  com.google.protobuf.ByteString
+      getAudienceBytes();
+
+  /**
+   * <pre>
+   * Include the service account email in the token. If set to `true`, the
+   * token will contain `email` and `email_verified` claims.
+   * </pre>
+   *
+   * <code>bool include_email = 4;</code>
+   */
+  boolean getIncludeEmail();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponse.java
new file mode 100644
index 000000000000..2fcfed7fd490
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponse.java
@@ -0,0 +1,569 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse}
+ */
+public  final class GenerateIdTokenResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdTokenResponse)
+    GenerateIdTokenResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateIdTokenResponse.newBuilder() to construct.
+  private GenerateIdTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateIdTokenResponse() {
+    token_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateIdTokenResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            token_ = s;
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
+  }
+
+  public static final int TOKEN_FIELD_NUMBER = 1;
+  private volatile java.lang.Object token_;
+  /**
+   * <pre>
+   * The OpenId Connect ID token.
+   * </pre>
+   *
+   * <code>string token = 1;</code>
+   */
+  public java.lang.String getToken() {
+    java.lang.Object ref = token_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      token_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The OpenId Connect ID token.
+   * </pre>
+   *
+   * <code>string token = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getTokenBytes() {
+    java.lang.Object ref = token_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      token_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getTokenBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, token_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getTokenBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, token_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse other = (com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse) obj;
+
+    boolean result = true;
+    result = result && getToken()
+        .equals(other.getToken());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getToken().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdTokenResponse)
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      token_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse build() {
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse buildPartial() {
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse result = new com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse(this);
+      result.token_ = token_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse other) {
+      if (other == com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance()) return this;
+      if (!other.getToken().isEmpty()) {
+        token_ = other.token_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object token_ = "";
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public java.lang.String getToken() {
+      java.lang.Object ref = token_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        token_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getTokenBytes() {
+      java.lang.Object ref = token_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        token_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public Builder setToken(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      token_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public Builder clearToken() {
+      
+      token_ = getDefaultInstance().getToken();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public Builder setTokenBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      token_ = value;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdTokenResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdTokenResponse)
+  private static final com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateIdTokenResponse>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateIdTokenResponse>() {
+    @java.lang.Override
+    public GenerateIdTokenResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateIdTokenResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateIdTokenResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateIdTokenResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
new file mode 100644
index 000000000000..567a83b6b976
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
@@ -0,0 +1,27 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface GenerateIdTokenResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdTokenResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The OpenId Connect ID token.
+   * </pre>
+   *
+   * <code>string token = 1;</code>
+   */
+  java.lang.String getToken();
+  /**
+   * <pre>
+   * The OpenId Connect ID token.
+   * </pre>
+   *
+   * <code>string token = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getTokenBytes();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
new file mode 100644
index 000000000000..97912aea2c9f
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
@@ -0,0 +1,1298 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest}
+ */
+public  final class GenerateIdentityBindingAccessTokenRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+    GenerateIdentityBindingAccessTokenRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateIdentityBindingAccessTokenRequest.newBuilder() to construct.
+  private GenerateIdentityBindingAccessTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateIdentityBindingAccessTokenRequest() {
+    name_ = "";
+    scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    jwt_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateIdentityBindingAccessTokenRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              scope_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            scope_.add(s);
+            break;
+          }
+          case 26: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            jwt_ = s;
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        scope_ = scope_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int SCOPE_FIELD_NUMBER = 2;
+  private com.google.protobuf.LazyStringList scope_;
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getScopeList() {
+    return scope_;
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  public int getScopeCount() {
+    return scope_.size();
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  public java.lang.String getScope(int index) {
+    return scope_.get(index);
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  public com.google.protobuf.ByteString
+      getScopeBytes(int index) {
+    return scope_.getByteString(index);
+  }
+
+  public static final int JWT_FIELD_NUMBER = 3;
+  private volatile java.lang.Object jwt_;
+  /**
+   * <pre>
+   * Required. Input token.
+   * Must be in JWT format according to
+   * RFC7523 (https://tools.ietf.org/html/rfc7523)
+   * and must have 'kid' field in the header.
+   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+   * Mandatory payload fields (along the lines of RFC 7523, section 3):
+   * - iss: issuer of the token. Must provide a discovery document at
+   *        $iss/.well-known/openid-configuration . The document needs to be
+   *        formatted according to section 4.2 of the OpenID Connect Discovery
+   *        1.0 specification.
+   * - iat: Issue time in seconds since epoch. Must be in the past.
+   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+   *        after iat. We recommend to create tokens that last shorter than 6
+   *        hours to improve security unless business reasons mandate longer
+   *        expiration times. Shorter token lifetimes are generally more secure
+   *        since tokens that have been exfiltrated by attackers can be used for
+   *        a shorter time. you can configure the maximum lifetime of the
+   *        incoming token in the configuration of the mapper.
+   *        The resulting Google token will expire within an hour or at "exp",
+   *        whichever is earlier.
+   * - sub: JWT subject, identity asserted in the JWT.
+   * - aud: Configured in the mapper policy. By default the service account
+   *        email.
+   * Claims from the incoming token can be transferred into the output token
+   * accoding to the mapper configuration. The outgoing claim size is limited.
+   * Outgoing claims size must be less than 4kB serialized as JSON without
+   * whitespace.
+   * Example header:
+   * {
+   *   "alg": "RS256",
+   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+   * }
+   * Example payload:
+   * {
+   *   "iss": "https://accounts.google.com",
+   *   "iat": 1517963104,
+   *   "exp": 1517966704,
+   *   "aud": "https://iamcredentials.googleapis.com/",
+   *   "sub": "113475438248934895348",
+   *   "my_claims": {
+   *     "additional_claim": "value"
+   *   }
+   * }
+   * </pre>
+   *
+   * <code>string jwt = 3;</code>
+   */
+  public java.lang.String getJwt() {
+    java.lang.Object ref = jwt_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      jwt_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * Required. Input token.
+   * Must be in JWT format according to
+   * RFC7523 (https://tools.ietf.org/html/rfc7523)
+   * and must have 'kid' field in the header.
+   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+   * Mandatory payload fields (along the lines of RFC 7523, section 3):
+   * - iss: issuer of the token. Must provide a discovery document at
+   *        $iss/.well-known/openid-configuration . The document needs to be
+   *        formatted according to section 4.2 of the OpenID Connect Discovery
+   *        1.0 specification.
+   * - iat: Issue time in seconds since epoch. Must be in the past.
+   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+   *        after iat. We recommend to create tokens that last shorter than 6
+   *        hours to improve security unless business reasons mandate longer
+   *        expiration times. Shorter token lifetimes are generally more secure
+   *        since tokens that have been exfiltrated by attackers can be used for
+   *        a shorter time. you can configure the maximum lifetime of the
+   *        incoming token in the configuration of the mapper.
+   *        The resulting Google token will expire within an hour or at "exp",
+   *        whichever is earlier.
+   * - sub: JWT subject, identity asserted in the JWT.
+   * - aud: Configured in the mapper policy. By default the service account
+   *        email.
+   * Claims from the incoming token can be transferred into the output token
+   * accoding to the mapper configuration. The outgoing claim size is limited.
+   * Outgoing claims size must be less than 4kB serialized as JSON without
+   * whitespace.
+   * Example header:
+   * {
+   *   "alg": "RS256",
+   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+   * }
+   * Example payload:
+   * {
+   *   "iss": "https://accounts.google.com",
+   *   "iat": 1517963104,
+   *   "exp": 1517966704,
+   *   "aud": "https://iamcredentials.googleapis.com/",
+   *   "sub": "113475438248934895348",
+   *   "my_claims": {
+   *     "additional_claim": "value"
+   *   }
+   * }
+   * </pre>
+   *
+   * <code>string jwt = 3;</code>
+   */
+  public com.google.protobuf.ByteString
+      getJwtBytes() {
+    java.lang.Object ref = jwt_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      jwt_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < scope_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, scope_.getRaw(i));
+    }
+    if (!getJwtBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, jwt_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < scope_.size(); i++) {
+        dataSize += computeStringSizeNoTag(scope_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getScopeList().size();
+    }
+    if (!getJwtBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, jwt_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest other = (com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getScopeList()
+        .equals(other.getScopeList());
+    result = result && getJwt()
+        .equals(other.getJwt());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getScopeCount() > 0) {
+      hash = (37 * hash) + SCOPE_FIELD_NUMBER;
+      hash = (53 * hash) + getScopeList().hashCode();
+    }
+    hash = (37 * hash) + JWT_FIELD_NUMBER;
+    hash = (53 * hash) + getJwt().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      jwt_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest build() {
+      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest buildPartial() {
+      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest result = new com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        scope_ = scope_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.scope_ = scope_;
+      result.jwt_ = jwt_;
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest other) {
+      if (other == com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.scope_.isEmpty()) {
+        if (scope_.isEmpty()) {
+          scope_ = other.scope_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureScopeIsMutable();
+          scope_.addAll(other.scope_);
+        }
+        onChanged();
+      }
+      if (!other.getJwt().isEmpty()) {
+        jwt_ = other.jwt_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureScopeIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        scope_ = new com.google.protobuf.LazyStringArrayList(scope_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getScopeList() {
+      return scope_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public int getScopeCount() {
+      return scope_.size();
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public java.lang.String getScope(int index) {
+      return scope_.get(index);
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public com.google.protobuf.ByteString
+        getScopeBytes(int index) {
+      return scope_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder setScope(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureScopeIsMutable();
+      scope_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder addScope(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureScopeIsMutable();
+      scope_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder addAllScope(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureScopeIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, scope_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder clearScope() {
+      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder addScopeBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureScopeIsMutable();
+      scope_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object jwt_ = "";
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public java.lang.String getJwt() {
+      java.lang.Object ref = jwt_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        jwt_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public com.google.protobuf.ByteString
+        getJwtBytes() {
+      java.lang.Object ref = jwt_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        jwt_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public Builder setJwt(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      jwt_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public Builder clearJwt() {
+      
+      jwt_ = getDefaultInstance().getJwt();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public Builder setJwtBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      jwt_ = value;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+  private static final com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateIdentityBindingAccessTokenRequest>() {
+    @java.lang.Override
+    public GenerateIdentityBindingAccessTokenRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateIdentityBindingAccessTokenRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
new file mode 100644
index 000000000000..1e7369746c92
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
@@ -0,0 +1,180 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface GenerateIdentityBindingAccessTokenRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  java.util.List<java.lang.String>
+      getScopeList();
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  int getScopeCount();
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  java.lang.String getScope(int index);
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  com.google.protobuf.ByteString
+      getScopeBytes(int index);
+
+  /**
+   * <pre>
+   * Required. Input token.
+   * Must be in JWT format according to
+   * RFC7523 (https://tools.ietf.org/html/rfc7523)
+   * and must have 'kid' field in the header.
+   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+   * Mandatory payload fields (along the lines of RFC 7523, section 3):
+   * - iss: issuer of the token. Must provide a discovery document at
+   *        $iss/.well-known/openid-configuration . The document needs to be
+   *        formatted according to section 4.2 of the OpenID Connect Discovery
+   *        1.0 specification.
+   * - iat: Issue time in seconds since epoch. Must be in the past.
+   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+   *        after iat. We recommend to create tokens that last shorter than 6
+   *        hours to improve security unless business reasons mandate longer
+   *        expiration times. Shorter token lifetimes are generally more secure
+   *        since tokens that have been exfiltrated by attackers can be used for
+   *        a shorter time. you can configure the maximum lifetime of the
+   *        incoming token in the configuration of the mapper.
+   *        The resulting Google token will expire within an hour or at "exp",
+   *        whichever is earlier.
+   * - sub: JWT subject, identity asserted in the JWT.
+   * - aud: Configured in the mapper policy. By default the service account
+   *        email.
+   * Claims from the incoming token can be transferred into the output token
+   * accoding to the mapper configuration. The outgoing claim size is limited.
+   * Outgoing claims size must be less than 4kB serialized as JSON without
+   * whitespace.
+   * Example header:
+   * {
+   *   "alg": "RS256",
+   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+   * }
+   * Example payload:
+   * {
+   *   "iss": "https://accounts.google.com",
+   *   "iat": 1517963104,
+   *   "exp": 1517966704,
+   *   "aud": "https://iamcredentials.googleapis.com/",
+   *   "sub": "113475438248934895348",
+   *   "my_claims": {
+   *     "additional_claim": "value"
+   *   }
+   * }
+   * </pre>
+   *
+   * <code>string jwt = 3;</code>
+   */
+  java.lang.String getJwt();
+  /**
+   * <pre>
+   * Required. Input token.
+   * Must be in JWT format according to
+   * RFC7523 (https://tools.ietf.org/html/rfc7523)
+   * and must have 'kid' field in the header.
+   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+   * Mandatory payload fields (along the lines of RFC 7523, section 3):
+   * - iss: issuer of the token. Must provide a discovery document at
+   *        $iss/.well-known/openid-configuration . The document needs to be
+   *        formatted according to section 4.2 of the OpenID Connect Discovery
+   *        1.0 specification.
+   * - iat: Issue time in seconds since epoch. Must be in the past.
+   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+   *        after iat. We recommend to create tokens that last shorter than 6
+   *        hours to improve security unless business reasons mandate longer
+   *        expiration times. Shorter token lifetimes are generally more secure
+   *        since tokens that have been exfiltrated by attackers can be used for
+   *        a shorter time. you can configure the maximum lifetime of the
+   *        incoming token in the configuration of the mapper.
+   *        The resulting Google token will expire within an hour or at "exp",
+   *        whichever is earlier.
+   * - sub: JWT subject, identity asserted in the JWT.
+   * - aud: Configured in the mapper policy. By default the service account
+   *        email.
+   * Claims from the incoming token can be transferred into the output token
+   * accoding to the mapper configuration. The outgoing claim size is limited.
+   * Outgoing claims size must be less than 4kB serialized as JSON without
+   * whitespace.
+   * Example header:
+   * {
+   *   "alg": "RS256",
+   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+   * }
+   * Example payload:
+   * {
+   *   "iss": "https://accounts.google.com",
+   *   "iat": 1517963104,
+   *   "exp": 1517966704,
+   *   "aud": "https://iamcredentials.googleapis.com/",
+   *   "sub": "113475438248934895348",
+   *   "my_claims": {
+   *     "additional_claim": "value"
+   *   }
+   * }
+   * </pre>
+   *
+   * <code>string jwt = 3;</code>
+   */
+  com.google.protobuf.ByteString
+      getJwtBytes();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
new file mode 100644
index 000000000000..65ccddaf73de
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
@@ -0,0 +1,810 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse}
+ */
+public  final class GenerateIdentityBindingAccessTokenResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+    GenerateIdentityBindingAccessTokenResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateIdentityBindingAccessTokenResponse.newBuilder() to construct.
+  private GenerateIdentityBindingAccessTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateIdentityBindingAccessTokenResponse() {
+    accessToken_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateIdentityBindingAccessTokenResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            accessToken_ = s;
+            break;
+          }
+          case 18: {
+            com.google.protobuf.Timestamp.Builder subBuilder = null;
+            if (expireTime_ != null) {
+              subBuilder = expireTime_.toBuilder();
+            }
+            expireTime_ = input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(expireTime_);
+              expireTime_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.Builder.class);
+  }
+
+  public static final int ACCESS_TOKEN_FIELD_NUMBER = 1;
+  private volatile java.lang.Object accessToken_;
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  public java.lang.String getAccessToken() {
+    java.lang.Object ref = accessToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      accessToken_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getAccessTokenBytes() {
+    java.lang.Object ref = accessToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      accessToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int EXPIRE_TIME_FIELD_NUMBER = 2;
+  private com.google.protobuf.Timestamp expireTime_;
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  public boolean hasExpireTime() {
+    return expireTime_ != null;
+  }
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  public com.google.protobuf.Timestamp getExpireTime() {
+    return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+  }
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
+    return getExpireTime();
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getAccessTokenBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, accessToken_);
+    }
+    if (expireTime_ != null) {
+      output.writeMessage(2, getExpireTime());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getAccessTokenBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, accessToken_);
+    }
+    if (expireTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(2, getExpireTime());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse other = (com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) obj;
+
+    boolean result = true;
+    result = result && getAccessToken()
+        .equals(other.getAccessToken());
+    result = result && (hasExpireTime() == other.hasExpireTime());
+    if (hasExpireTime()) {
+      result = result && getExpireTime()
+          .equals(other.getExpireTime());
+    }
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + ACCESS_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getAccessToken().hashCode();
+    if (hasExpireTime()) {
+      hash = (37 * hash) + EXPIRE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getExpireTime().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      accessToken_ = "";
+
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = null;
+      } else {
+        expireTime_ = null;
+        expireTimeBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse build() {
+      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse buildPartial() {
+      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse result = new com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse(this);
+      result.accessToken_ = accessToken_;
+      if (expireTimeBuilder_ == null) {
+        result.expireTime_ = expireTime_;
+      } else {
+        result.expireTime_ = expireTimeBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse other) {
+      if (other == com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance()) return this;
+      if (!other.getAccessToken().isEmpty()) {
+        accessToken_ = other.accessToken_;
+        onChanged();
+      }
+      if (other.hasExpireTime()) {
+        mergeExpireTime(other.getExpireTime());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object accessToken_ = "";
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public java.lang.String getAccessToken() {
+      java.lang.Object ref = accessToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        accessToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getAccessTokenBytes() {
+      java.lang.Object ref = accessToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        accessToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder setAccessToken(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      accessToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder clearAccessToken() {
+      
+      accessToken_ = getDefaultInstance().getAccessToken();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder setAccessTokenBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      accessToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.Timestamp expireTime_ = null;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> expireTimeBuilder_;
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public boolean hasExpireTime() {
+      return expireTimeBuilder_ != null || expireTime_ != null;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public com.google.protobuf.Timestamp getExpireTime() {
+      if (expireTimeBuilder_ == null) {
+        return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+      } else {
+        return expireTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public Builder setExpireTime(com.google.protobuf.Timestamp value) {
+      if (expireTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        expireTime_ = value;
+        onChanged();
+      } else {
+        expireTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public Builder setExpireTime(
+        com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        expireTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public Builder mergeExpireTime(com.google.protobuf.Timestamp value) {
+      if (expireTimeBuilder_ == null) {
+        if (expireTime_ != null) {
+          expireTime_ =
+            com.google.protobuf.Timestamp.newBuilder(expireTime_).mergeFrom(value).buildPartial();
+        } else {
+          expireTime_ = value;
+        }
+        onChanged();
+      } else {
+        expireTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public Builder clearExpireTime() {
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = null;
+        onChanged();
+      } else {
+        expireTime_ = null;
+        expireTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public com.google.protobuf.Timestamp.Builder getExpireTimeBuilder() {
+      
+      onChanged();
+      return getExpireTimeFieldBuilder().getBuilder();
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
+      if (expireTimeBuilder_ != null) {
+        return expireTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return expireTime_ == null ?
+            com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+      }
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> 
+        getExpireTimeFieldBuilder() {
+      if (expireTimeBuilder_ == null) {
+        expireTimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder>(
+                getExpireTime(),
+                getParentForChildren(),
+                isClean());
+        expireTime_ = null;
+      }
+      return expireTimeBuilder_;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+  private static final com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateIdentityBindingAccessTokenResponse>() {
+    @java.lang.Override
+    public GenerateIdentityBindingAccessTokenResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateIdentityBindingAccessTokenResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
new file mode 100644
index 000000000000..a6bf4085216f
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
@@ -0,0 +1,55 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface GenerateIdentityBindingAccessTokenResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  java.lang.String getAccessToken();
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getAccessTokenBytes();
+
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  boolean hasExpireTime();
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  com.google.protobuf.Timestamp getExpireTime();
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsCommonProto.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsCommonProto.java
new file mode 100644
index 000000000000..16a32d648f56
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsCommonProto.java
@@ -0,0 +1,157 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public final class IAMCredentialsCommonProto {
+  private IAMCredentialsCommonProto() {}
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistryLite registry) {
+  }
+
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions(
+        (com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable;
+
+  public static com.google.protobuf.Descriptors.FileDescriptor
+      getDescriptor() {
+    return descriptor;
+  }
+  private static  com.google.protobuf.Descriptors.FileDescriptor
+      descriptor;
+  static {
+    java.lang.String[] descriptorData = {
+      "\n&google/iam/credentials/v1/common.proto" +
+      "\022\031google.iam.credentials.v1\032\036google/prot" +
+      "obuf/duration.proto\032\037google/protobuf/tim" +
+      "estamp.proto\"y\n\032GenerateAccessTokenReque" +
+      "st\022\014\n\004name\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\r\n\005s" +
+      "cope\030\004 \003(\t\022+\n\010lifetime\030\007 \001(\0132\031.google.pr" +
+      "otobuf.Duration\"d\n\033GenerateAccessTokenRe" +
+      "sponse\022\024\n\014access_token\030\001 \001(\t\022/\n\013expire_t" +
+      "ime\030\003 \001(\0132\032.google.protobuf.Timestamp\"C\n" +
+      "\017SignBlobRequest\022\014\n\004name\030\001 \001(\t\022\021\n\tdelega" +
+      "tes\030\003 \003(\t\022\017\n\007payload\030\005 \001(\014\"7\n\020SignBlobRe" +
+      "sponse\022\016\n\006key_id\030\001 \001(\t\022\023\n\013signed_blob\030\004 " +
+      "\001(\014\"B\n\016SignJwtRequest\022\014\n\004name\030\001 \001(\t\022\021\n\td" +
+      "elegates\030\003 \003(\t\022\017\n\007payload\030\005 \001(\t\"5\n\017SignJ" +
+      "wtResponse\022\016\n\006key_id\030\001 \001(\t\022\022\n\nsigned_jwt" +
+      "\030\002 \001(\t\"b\n\026GenerateIdTokenRequest\022\014\n\004name" +
+      "\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\020\n\010audience\030\003 " +
+      "\001(\t\022\025\n\rinclude_email\030\004 \001(\010\"(\n\027GenerateId" +
+      "TokenResponse\022\r\n\005token\030\001 \001(\tB\213\001\n#com.goo" +
+      "gle.cloud.iam.credentials.v1B\031IAMCredent" +
+      "ialsCommonProtoP\001ZDgoogle.golang.org/gen" +
+      "proto/googleapis/iam/credentials/v1;cred" +
+      "entials\370\001\001b\006proto3"
+    };
+    com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner =
+        new com.google.protobuf.Descriptors.FileDescriptor.    InternalDescriptorAssigner() {
+          public com.google.protobuf.ExtensionRegistry assignDescriptors(
+              com.google.protobuf.Descriptors.FileDescriptor root) {
+            descriptor = root;
+            return null;
+          }
+        };
+    com.google.protobuf.Descriptors.FileDescriptor
+      .internalBuildGeneratedFileFrom(descriptorData,
+        new com.google.protobuf.Descriptors.FileDescriptor[] {
+          com.google.protobuf.DurationProto.getDescriptor(),
+          com.google.protobuf.TimestampProto.getDescriptor(),
+        }, assigner);
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor =
+      getDescriptor().getMessageTypes().get(0);
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor,
+        new java.lang.String[] { "Name", "Delegates", "Scope", "Lifetime", });
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor =
+      getDescriptor().getMessageTypes().get(1);
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor,
+        new java.lang.String[] { "AccessToken", "ExpireTime", });
+    internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor =
+      getDescriptor().getMessageTypes().get(2);
+    internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor,
+        new java.lang.String[] { "Name", "Delegates", "Payload", });
+    internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor =
+      getDescriptor().getMessageTypes().get(3);
+    internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor,
+        new java.lang.String[] { "KeyId", "SignedBlob", });
+    internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor =
+      getDescriptor().getMessageTypes().get(4);
+    internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor,
+        new java.lang.String[] { "Name", "Delegates", "Payload", });
+    internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor =
+      getDescriptor().getMessageTypes().get(5);
+    internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor,
+        new java.lang.String[] { "KeyId", "SignedJwt", });
+    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor =
+      getDescriptor().getMessageTypes().get(6);
+    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor,
+        new java.lang.String[] { "Name", "Delegates", "Audience", "IncludeEmail", });
+    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor =
+      getDescriptor().getMessageTypes().get(7);
+    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor,
+        new java.lang.String[] { "Token", });
+    com.google.protobuf.DurationProto.getDescriptor();
+    com.google.protobuf.TimestampProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsProto.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsProto.java
new file mode 100644
index 000000000000..0844d24c02df
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsProto.java
@@ -0,0 +1,77 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/iamcredentials.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public final class IAMCredentialsProto {
+  private IAMCredentialsProto() {}
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistryLite registry) {
+  }
+
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions(
+        (com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+
+  public static com.google.protobuf.Descriptors.FileDescriptor
+      getDescriptor() {
+    return descriptor;
+  }
+  private static  com.google.protobuf.Descriptors.FileDescriptor
+      descriptor;
+  static {
+    java.lang.String[] descriptorData = {
+      "\n.google/iam/credentials/v1/iamcredentia" +
+      "ls.proto\022\031google.iam.credentials.v1\032\034goo" +
+      "gle/api/annotations.proto\032&google/iam/cr" +
+      "edentials/v1/common.proto2\340\005\n\016IAMCredent" +
+      "ials\022\314\001\n\023GenerateAccessToken\0225.google.ia" +
+      "m.credentials.v1.GenerateAccessTokenRequ" +
+      "est\0326.google.iam.credentials.v1.Generate" +
+      "AccessTokenResponse\"F\202\323\344\223\002@\";/v1/{name=p" +
+      "rojects/*/serviceAccounts/*}:generateAcc" +
+      "essToken:\001*\022\274\001\n\017GenerateIdToken\0221.google" +
+      ".iam.credentials.v1.GenerateIdTokenReque" +
+      "st\0322.google.iam.credentials.v1.GenerateI" +
+      "dTokenResponse\"B\202\323\344\223\002<\"7/v1/{name=projec" +
+      "ts/*/serviceAccounts/*}:generateIdToken:" +
+      "\001*\022\240\001\n\010SignBlob\022*.google.iam.credentials" +
+      ".v1.SignBlobRequest\032+.google.iam.credent" +
+      "ials.v1.SignBlobResponse\";\202\323\344\223\0025\"0/v1/{n" +
+      "ame=projects/*/serviceAccounts/*}:signBl" +
+      "ob:\001*\022\234\001\n\007SignJwt\022).google.iam.credentia" +
+      "ls.v1.SignJwtRequest\032*.google.iam.creden" +
+      "tials.v1.SignJwtResponse\":\202\323\344\223\0024\"//v1/{n" +
+      "ame=projects/*/serviceAccounts/*}:signJw" +
+      "t:\001*B\205\001\n#com.google.cloud.iam.credential" +
+      "s.v1B\023IAMCredentialsProtoP\001ZDgoogle.gola" +
+      "ng.org/genproto/googleapis/iam/credentia" +
+      "ls/v1;credentials\370\001\001b\006proto3"
+    };
+    com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner =
+        new com.google.protobuf.Descriptors.FileDescriptor.    InternalDescriptorAssigner() {
+          public com.google.protobuf.ExtensionRegistry assignDescriptors(
+              com.google.protobuf.Descriptors.FileDescriptor root) {
+            descriptor = root;
+            return null;
+          }
+        };
+    com.google.protobuf.Descriptors.FileDescriptor
+      .internalBuildGeneratedFileFrom(descriptorData,
+        new com.google.protobuf.Descriptors.FileDescriptor[] {
+          com.google.api.AnnotationsProto.getDescriptor(),
+          com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.getDescriptor(),
+        }, assigner);
+    com.google.protobuf.ExtensionRegistry registry =
+        com.google.protobuf.ExtensionRegistry.newInstance();
+    registry.add(com.google.api.AnnotationsProto.http);
+    com.google.protobuf.Descriptors.FileDescriptor
+        .internalUpdateFileDescriptor(descriptor, registry);
+    com.google.api.AnnotationsProto.getDescriptor();
+    com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/ServiceAccountName.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/ServiceAccountName.java
new file mode 100644
index 000000000000..361f69ffe006
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/ServiceAccountName.java
@@ -0,0 +1,189 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package com.google.cloud.iam.credentials.v1;
+
+import com.google.common.base.Preconditions;
+import com.google.common.collect.ImmutableMap;
+import com.google.api.pathtemplate.PathTemplate;
+import com.google.api.resourcenames.ResourceName;
+import java.util.Map;
+import java.util.ArrayList;
+import java.util.List;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS
+@javax.annotation.Generated("by GAPIC protoc plugin")
+public class ServiceAccountName implements ResourceName {
+
+  private static final PathTemplate PATH_TEMPLATE =
+      PathTemplate.createWithoutUrlEncoding("projects/{project}/serviceAccounts/{service_account}");
+
+  private volatile Map<String, String> fieldValuesMap;
+
+  private final String project;
+  private final String serviceAccount;
+
+  public String getProject() {
+    return project;
+  }
+
+  public String getServiceAccount() {
+    return serviceAccount;
+  }
+
+  public static Builder newBuilder() {
+    return new Builder();
+  }
+
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  private ServiceAccountName(Builder builder) {
+    project = Preconditions.checkNotNull(builder.getProject());
+    serviceAccount = Preconditions.checkNotNull(builder.getServiceAccount());
+  }
+
+  public static ServiceAccountName of(String project, String serviceAccount) {
+    return newBuilder()
+      .setProject(project)
+      .setServiceAccount(serviceAccount)
+      .build();
+  }
+
+  public static String format(String project, String serviceAccount) {
+    return newBuilder()
+      .setProject(project)
+      .setServiceAccount(serviceAccount)
+      .build()
+      .toString();
+  }
+
+  public static ServiceAccountName parse(String formattedString) {
+    if (formattedString.isEmpty()) {
+      return null;
+    }
+    Map<String, String> matchMap =
+        PATH_TEMPLATE.validatedMatch(formattedString, "ServiceAccountName.parse: formattedString not in valid format");
+    return of(matchMap.get("project"), matchMap.get("service_account"));
+  }
+
+  public static List<ServiceAccountName> parseList(List<String> formattedStrings) {
+    List<ServiceAccountName> list = new ArrayList<>(formattedStrings.size());
+    for (String formattedString : formattedStrings) {
+      list.add(parse(formattedString));
+    }
+    return list;
+  }
+
+  public static List<String> toStringList(List<ServiceAccountName> values) {
+    List<String> list = new ArrayList<String>(values.size());
+    for (ServiceAccountName value : values) {
+      if (value == null) {
+        list.add("");
+      } else {
+        list.add(value.toString());
+      }
+    }
+    return list;
+  }
+
+  public static boolean isParsableFrom(String formattedString) {
+    return PATH_TEMPLATE.matches(formattedString);
+  }
+
+  public Map<String, String> getFieldValuesMap() {
+    if (fieldValuesMap == null) {
+      synchronized (this) {
+        if (fieldValuesMap == null) {
+          ImmutableMap.Builder<String, String> fieldMapBuilder = ImmutableMap.builder();
+          fieldMapBuilder.put("project", project);
+          fieldMapBuilder.put("serviceAccount", serviceAccount);
+          fieldValuesMap = fieldMapBuilder.build();
+        }
+      }
+    }
+    return fieldValuesMap;
+  }
+
+  public String getFieldValue(String fieldName) {
+    return getFieldValuesMap().get(fieldName);
+  }
+
+  @Override
+  public String toString() {
+    return PATH_TEMPLATE.instantiate("project", project, "service_account", serviceAccount);
+  }
+
+  /** Builder for ServiceAccountName. */
+  public static class Builder {
+
+    private String project;
+    private String serviceAccount;
+
+    public String getProject() {
+      return project;
+    }
+
+    public String getServiceAccount() {
+      return serviceAccount;
+    }
+
+    public Builder setProject(String project) {
+      this.project = project;
+      return this;
+    }
+
+    public Builder setServiceAccount(String serviceAccount) {
+      this.serviceAccount = serviceAccount;
+      return this;
+    }
+
+    private Builder() {
+    }
+
+    private Builder(ServiceAccountName serviceAccountName) {
+      project = serviceAccountName.project;
+      serviceAccount = serviceAccountName.serviceAccount;
+    }
+
+    public ServiceAccountName build() {
+      return new ServiceAccountName(this);
+    }
+  }
+
+  @Override
+  public boolean equals(Object o) {
+    if (o == this) {
+      return true;
+    }
+    if (o instanceof ServiceAccountName) {
+      ServiceAccountName that = (ServiceAccountName) o;
+      return (this.project.equals(that.project))
+          && (this.serviceAccount.equals(that.serviceAccount));
+    }
+    return false;
+  }
+
+  @Override
+  public int hashCode() {
+    int h = 1;
+    h *= 1000003;
+    h ^= project.hashCode();
+    h *= 1000003;
+    h ^= serviceAccount.hashCode();
+    return h;
+  }
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequest.java
new file mode 100644
index 000000000000..bfcd1a369016
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequest.java
@@ -0,0 +1,978 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.SignBlobRequest}
+ */
+public  final class SignBlobRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignBlobRequest)
+    SignBlobRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use SignBlobRequest.newBuilder() to construct.
+  private SignBlobRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private SignBlobRequest() {
+    name_ = "";
+    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    payload_ = com.google.protobuf.ByteString.EMPTY;
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private SignBlobRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 26: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              delegates_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            delegates_.add(s);
+            break;
+          }
+          case 42: {
+
+            payload_ = input.readBytes();
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.SignBlobRequest.class, com.google.cloud.iam.credentials.v1.SignBlobRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DELEGATES_FIELD_NUMBER = 3;
+  private com.google.protobuf.LazyStringList delegates_;
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getDelegatesList() {
+    return delegates_;
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public int getDelegatesCount() {
+    return delegates_.size();
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public java.lang.String getDelegates(int index) {
+    return delegates_.get(index);
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public com.google.protobuf.ByteString
+      getDelegatesBytes(int index) {
+    return delegates_.getByteString(index);
+  }
+
+  public static final int PAYLOAD_FIELD_NUMBER = 5;
+  private com.google.protobuf.ByteString payload_;
+  /**
+   * <pre>
+   * The bytes to sign.
+   * </pre>
+   *
+   * <code>bytes payload = 5;</code>
+   */
+  public com.google.protobuf.ByteString getPayload() {
+    return payload_;
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < delegates_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, delegates_.getRaw(i));
+    }
+    if (!payload_.isEmpty()) {
+      output.writeBytes(5, payload_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < delegates_.size(); i++) {
+        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getDelegatesList().size();
+    }
+    if (!payload_.isEmpty()) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeBytesSize(5, payload_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.SignBlobRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.SignBlobRequest other = (com.google.cloud.iam.credentials.v1.SignBlobRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getDelegatesList()
+        .equals(other.getDelegatesList());
+    result = result && getPayload()
+        .equals(other.getPayload());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getDelegatesCount() > 0) {
+      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
+      hash = (53 * hash) + getDelegatesList().hashCode();
+    }
+    hash = (37 * hash) + PAYLOAD_FIELD_NUMBER;
+    hash = (53 * hash) + getPayload().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.SignBlobRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.SignBlobRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignBlobRequest)
+      com.google.cloud.iam.credentials.v1.SignBlobRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.SignBlobRequest.class, com.google.cloud.iam.credentials.v1.SignBlobRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.SignBlobRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      payload_ = com.google.protobuf.ByteString.EMPTY;
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignBlobRequest getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.SignBlobRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignBlobRequest build() {
+      com.google.cloud.iam.credentials.v1.SignBlobRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignBlobRequest buildPartial() {
+      com.google.cloud.iam.credentials.v1.SignBlobRequest result = new com.google.cloud.iam.credentials.v1.SignBlobRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.delegates_ = delegates_;
+      result.payload_ = payload_;
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.SignBlobRequest) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.SignBlobRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.SignBlobRequest other) {
+      if (other == com.google.cloud.iam.credentials.v1.SignBlobRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.delegates_.isEmpty()) {
+        if (delegates_.isEmpty()) {
+          delegates_ = other.delegates_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureDelegatesIsMutable();
+          delegates_.addAll(other.delegates_);
+        }
+        onChanged();
+      }
+      if (other.getPayload() != com.google.protobuf.ByteString.EMPTY) {
+        setPayload(other.getPayload());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.SignBlobRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.SignBlobRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureDelegatesIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getDelegatesList() {
+      return delegates_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public int getDelegatesCount() {
+      return delegates_.size();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public java.lang.String getDelegates(int index) {
+      return delegates_.get(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public com.google.protobuf.ByteString
+        getDelegatesBytes(int index) {
+      return delegates_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder setDelegates(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addDelegates(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addAllDelegates(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureDelegatesIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, delegates_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder clearDelegates() {
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addDelegatesBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.ByteString payload_ = com.google.protobuf.ByteString.EMPTY;
+    /**
+     * <pre>
+     * The bytes to sign.
+     * </pre>
+     *
+     * <code>bytes payload = 5;</code>
+     */
+    public com.google.protobuf.ByteString getPayload() {
+      return payload_;
+    }
+    /**
+     * <pre>
+     * The bytes to sign.
+     * </pre>
+     *
+     * <code>bytes payload = 5;</code>
+     */
+    public Builder setPayload(com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      payload_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The bytes to sign.
+     * </pre>
+     *
+     * <code>bytes payload = 5;</code>
+     */
+    public Builder clearPayload() {
+      
+      payload_ = getDefaultInstance().getPayload();
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignBlobRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignBlobRequest)
+  private static final com.google.cloud.iam.credentials.v1.SignBlobRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.SignBlobRequest();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<SignBlobRequest>
+      PARSER = new com.google.protobuf.AbstractParser<SignBlobRequest>() {
+    @java.lang.Override
+    public SignBlobRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new SignBlobRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<SignBlobRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<SignBlobRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.SignBlobRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequestOrBuilder.java
new file mode 100644
index 000000000000..f8878e378672
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequestOrBuilder.java
@@ -0,0 +1,103 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface SignBlobRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignBlobRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  java.util.List<java.lang.String>
+      getDelegatesList();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  int getDelegatesCount();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  java.lang.String getDelegates(int index);
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  com.google.protobuf.ByteString
+      getDelegatesBytes(int index);
+
+  /**
+   * <pre>
+   * The bytes to sign.
+   * </pre>
+   *
+   * <code>bytes payload = 5;</code>
+   */
+  com.google.protobuf.ByteString getPayload();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponse.java
new file mode 100644
index 000000000000..1b7e4c693e97
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponse.java
@@ -0,0 +1,646 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.SignBlobResponse}
+ */
+public  final class SignBlobResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignBlobResponse)
+    SignBlobResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use SignBlobResponse.newBuilder() to construct.
+  private SignBlobResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private SignBlobResponse() {
+    keyId_ = "";
+    signedBlob_ = com.google.protobuf.ByteString.EMPTY;
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private SignBlobResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            keyId_ = s;
+            break;
+          }
+          case 34: {
+
+            signedBlob_ = input.readBytes();
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.SignBlobResponse.class, com.google.cloud.iam.credentials.v1.SignBlobResponse.Builder.class);
+  }
+
+  public static final int KEY_ID_FIELD_NUMBER = 1;
+  private volatile java.lang.Object keyId_;
+  /**
+   * <pre>
+   * The ID of the key used to sign the blob.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  public java.lang.String getKeyId() {
+    java.lang.Object ref = keyId_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      keyId_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The ID of the key used to sign the blob.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getKeyIdBytes() {
+    java.lang.Object ref = keyId_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      keyId_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int SIGNED_BLOB_FIELD_NUMBER = 4;
+  private com.google.protobuf.ByteString signedBlob_;
+  /**
+   * <pre>
+   * The signed blob.
+   * </pre>
+   *
+   * <code>bytes signed_blob = 4;</code>
+   */
+  public com.google.protobuf.ByteString getSignedBlob() {
+    return signedBlob_;
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getKeyIdBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, keyId_);
+    }
+    if (!signedBlob_.isEmpty()) {
+      output.writeBytes(4, signedBlob_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getKeyIdBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, keyId_);
+    }
+    if (!signedBlob_.isEmpty()) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeBytesSize(4, signedBlob_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.SignBlobResponse)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.SignBlobResponse other = (com.google.cloud.iam.credentials.v1.SignBlobResponse) obj;
+
+    boolean result = true;
+    result = result && getKeyId()
+        .equals(other.getKeyId());
+    result = result && getSignedBlob()
+        .equals(other.getSignedBlob());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + KEY_ID_FIELD_NUMBER;
+    hash = (53 * hash) + getKeyId().hashCode();
+    hash = (37 * hash) + SIGNED_BLOB_FIELD_NUMBER;
+    hash = (53 * hash) + getSignedBlob().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.SignBlobResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.SignBlobResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignBlobResponse)
+      com.google.cloud.iam.credentials.v1.SignBlobResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.SignBlobResponse.class, com.google.cloud.iam.credentials.v1.SignBlobResponse.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.SignBlobResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      keyId_ = "";
+
+      signedBlob_ = com.google.protobuf.ByteString.EMPTY;
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignBlobResponse getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.SignBlobResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignBlobResponse build() {
+      com.google.cloud.iam.credentials.v1.SignBlobResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignBlobResponse buildPartial() {
+      com.google.cloud.iam.credentials.v1.SignBlobResponse result = new com.google.cloud.iam.credentials.v1.SignBlobResponse(this);
+      result.keyId_ = keyId_;
+      result.signedBlob_ = signedBlob_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.SignBlobResponse) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.SignBlobResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.SignBlobResponse other) {
+      if (other == com.google.cloud.iam.credentials.v1.SignBlobResponse.getDefaultInstance()) return this;
+      if (!other.getKeyId().isEmpty()) {
+        keyId_ = other.keyId_;
+        onChanged();
+      }
+      if (other.getSignedBlob() != com.google.protobuf.ByteString.EMPTY) {
+        setSignedBlob(other.getSignedBlob());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.SignBlobResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.SignBlobResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object keyId_ = "";
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public java.lang.String getKeyId() {
+      java.lang.Object ref = keyId_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        keyId_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getKeyIdBytes() {
+      java.lang.Object ref = keyId_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        keyId_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder setKeyId(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      keyId_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder clearKeyId() {
+      
+      keyId_ = getDefaultInstance().getKeyId();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder setKeyIdBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      keyId_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.ByteString signedBlob_ = com.google.protobuf.ByteString.EMPTY;
+    /**
+     * <pre>
+     * The signed blob.
+     * </pre>
+     *
+     * <code>bytes signed_blob = 4;</code>
+     */
+    public com.google.protobuf.ByteString getSignedBlob() {
+      return signedBlob_;
+    }
+    /**
+     * <pre>
+     * The signed blob.
+     * </pre>
+     *
+     * <code>bytes signed_blob = 4;</code>
+     */
+    public Builder setSignedBlob(com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      signedBlob_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The signed blob.
+     * </pre>
+     *
+     * <code>bytes signed_blob = 4;</code>
+     */
+    public Builder clearSignedBlob() {
+      
+      signedBlob_ = getDefaultInstance().getSignedBlob();
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignBlobResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignBlobResponse)
+  private static final com.google.cloud.iam.credentials.v1.SignBlobResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.SignBlobResponse();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<SignBlobResponse>
+      PARSER = new com.google.protobuf.AbstractParser<SignBlobResponse>() {
+    @java.lang.Override
+    public SignBlobResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new SignBlobResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<SignBlobResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<SignBlobResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.SignBlobResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponseOrBuilder.java
new file mode 100644
index 000000000000..9331436e611b
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponseOrBuilder.java
@@ -0,0 +1,36 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface SignBlobResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignBlobResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The ID of the key used to sign the blob.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  java.lang.String getKeyId();
+  /**
+   * <pre>
+   * The ID of the key used to sign the blob.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getKeyIdBytes();
+
+  /**
+   * <pre>
+   * The signed blob.
+   * </pre>
+   *
+   * <code>bytes signed_blob = 4;</code>
+   */
+  com.google.protobuf.ByteString getSignedBlob();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequest.java
new file mode 100644
index 000000000000..a42ebf52b8b2
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequest.java
@@ -0,0 +1,1056 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.SignJwtRequest}
+ */
+public  final class SignJwtRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignJwtRequest)
+    SignJwtRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use SignJwtRequest.newBuilder() to construct.
+  private SignJwtRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private SignJwtRequest() {
+    name_ = "";
+    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    payload_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private SignJwtRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 26: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              delegates_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            delegates_.add(s);
+            break;
+          }
+          case 42: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            payload_ = s;
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.SignJwtRequest.class, com.google.cloud.iam.credentials.v1.SignJwtRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DELEGATES_FIELD_NUMBER = 3;
+  private com.google.protobuf.LazyStringList delegates_;
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getDelegatesList() {
+    return delegates_;
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public int getDelegatesCount() {
+    return delegates_.size();
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public java.lang.String getDelegates(int index) {
+    return delegates_.get(index);
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public com.google.protobuf.ByteString
+      getDelegatesBytes(int index) {
+    return delegates_.getByteString(index);
+  }
+
+  public static final int PAYLOAD_FIELD_NUMBER = 5;
+  private volatile java.lang.Object payload_;
+  /**
+   * <pre>
+   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+   * </pre>
+   *
+   * <code>string payload = 5;</code>
+   */
+  public java.lang.String getPayload() {
+    java.lang.Object ref = payload_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      payload_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+   * </pre>
+   *
+   * <code>string payload = 5;</code>
+   */
+  public com.google.protobuf.ByteString
+      getPayloadBytes() {
+    java.lang.Object ref = payload_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      payload_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < delegates_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, delegates_.getRaw(i));
+    }
+    if (!getPayloadBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 5, payload_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < delegates_.size(); i++) {
+        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getDelegatesList().size();
+    }
+    if (!getPayloadBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(5, payload_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.SignJwtRequest)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.SignJwtRequest other = (com.google.cloud.iam.credentials.v1.SignJwtRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getDelegatesList()
+        .equals(other.getDelegatesList());
+    result = result && getPayload()
+        .equals(other.getPayload());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getDelegatesCount() > 0) {
+      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
+      hash = (53 * hash) + getDelegatesList().hashCode();
+    }
+    hash = (37 * hash) + PAYLOAD_FIELD_NUMBER;
+    hash = (53 * hash) + getPayload().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.SignJwtRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.SignJwtRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignJwtRequest)
+      com.google.cloud.iam.credentials.v1.SignJwtRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.SignJwtRequest.class, com.google.cloud.iam.credentials.v1.SignJwtRequest.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.SignJwtRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      payload_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignJwtRequest getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.SignJwtRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignJwtRequest build() {
+      com.google.cloud.iam.credentials.v1.SignJwtRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignJwtRequest buildPartial() {
+      com.google.cloud.iam.credentials.v1.SignJwtRequest result = new com.google.cloud.iam.credentials.v1.SignJwtRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.delegates_ = delegates_;
+      result.payload_ = payload_;
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.SignJwtRequest) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.SignJwtRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.SignJwtRequest other) {
+      if (other == com.google.cloud.iam.credentials.v1.SignJwtRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.delegates_.isEmpty()) {
+        if (delegates_.isEmpty()) {
+          delegates_ = other.delegates_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureDelegatesIsMutable();
+          delegates_.addAll(other.delegates_);
+        }
+        onChanged();
+      }
+      if (!other.getPayload().isEmpty()) {
+        payload_ = other.payload_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.SignJwtRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.SignJwtRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureDelegatesIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getDelegatesList() {
+      return delegates_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public int getDelegatesCount() {
+      return delegates_.size();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public java.lang.String getDelegates(int index) {
+      return delegates_.get(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public com.google.protobuf.ByteString
+        getDelegatesBytes(int index) {
+      return delegates_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder setDelegates(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addDelegates(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addAllDelegates(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureDelegatesIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, delegates_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder clearDelegates() {
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addDelegatesBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object payload_ = "";
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public java.lang.String getPayload() {
+      java.lang.Object ref = payload_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        payload_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public com.google.protobuf.ByteString
+        getPayloadBytes() {
+      java.lang.Object ref = payload_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        payload_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public Builder setPayload(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      payload_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public Builder clearPayload() {
+      
+      payload_ = getDefaultInstance().getPayload();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public Builder setPayloadBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      payload_ = value;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignJwtRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignJwtRequest)
+  private static final com.google.cloud.iam.credentials.v1.SignJwtRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.SignJwtRequest();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<SignJwtRequest>
+      PARSER = new com.google.protobuf.AbstractParser<SignJwtRequest>() {
+    @java.lang.Override
+    public SignJwtRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new SignJwtRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<SignJwtRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<SignJwtRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.SignJwtRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequestOrBuilder.java
new file mode 100644
index 000000000000..35c54344f1da
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequestOrBuilder.java
@@ -0,0 +1,112 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface SignJwtRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignJwtRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  java.util.List<java.lang.String>
+      getDelegatesList();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  int getDelegatesCount();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  java.lang.String getDelegates(int index);
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  com.google.protobuf.ByteString
+      getDelegatesBytes(int index);
+
+  /**
+   * <pre>
+   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+   * </pre>
+   *
+   * <code>string payload = 5;</code>
+   */
+  java.lang.String getPayload();
+  /**
+   * <pre>
+   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+   * </pre>
+   *
+   * <code>string payload = 5;</code>
+   */
+  com.google.protobuf.ByteString
+      getPayloadBytes();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponse.java
new file mode 100644
index 000000000000..1dff292cec17
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponse.java
@@ -0,0 +1,724 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.SignJwtResponse}
+ */
+public  final class SignJwtResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignJwtResponse)
+    SignJwtResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use SignJwtResponse.newBuilder() to construct.
+  private SignJwtResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private SignJwtResponse() {
+    keyId_ = "";
+    signedJwt_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private SignJwtResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            keyId_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            signedJwt_ = s;
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.cloud.iam.credentials.v1.SignJwtResponse.class, com.google.cloud.iam.credentials.v1.SignJwtResponse.Builder.class);
+  }
+
+  public static final int KEY_ID_FIELD_NUMBER = 1;
+  private volatile java.lang.Object keyId_;
+  /**
+   * <pre>
+   * The ID of the key used to sign the JWT.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  public java.lang.String getKeyId() {
+    java.lang.Object ref = keyId_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      keyId_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The ID of the key used to sign the JWT.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getKeyIdBytes() {
+    java.lang.Object ref = keyId_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      keyId_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int SIGNED_JWT_FIELD_NUMBER = 2;
+  private volatile java.lang.Object signedJwt_;
+  /**
+   * <pre>
+   * The signed JWT.
+   * </pre>
+   *
+   * <code>string signed_jwt = 2;</code>
+   */
+  public java.lang.String getSignedJwt() {
+    java.lang.Object ref = signedJwt_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      signedJwt_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The signed JWT.
+   * </pre>
+   *
+   * <code>string signed_jwt = 2;</code>
+   */
+  public com.google.protobuf.ByteString
+      getSignedJwtBytes() {
+    java.lang.Object ref = signedJwt_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      signedJwt_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getKeyIdBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, keyId_);
+    }
+    if (!getSignedJwtBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, signedJwt_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getKeyIdBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, keyId_);
+    }
+    if (!getSignedJwtBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, signedJwt_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.cloud.iam.credentials.v1.SignJwtResponse)) {
+      return super.equals(obj);
+    }
+    com.google.cloud.iam.credentials.v1.SignJwtResponse other = (com.google.cloud.iam.credentials.v1.SignJwtResponse) obj;
+
+    boolean result = true;
+    result = result && getKeyId()
+        .equals(other.getKeyId());
+    result = result && getSignedJwt()
+        .equals(other.getSignedJwt());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + KEY_ID_FIELD_NUMBER;
+    hash = (53 * hash) + getKeyId().hashCode();
+    hash = (37 * hash) + SIGNED_JWT_FIELD_NUMBER;
+    hash = (53 * hash) + getSignedJwt().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.SignJwtResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.SignJwtResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignJwtResponse)
+      com.google.cloud.iam.credentials.v1.SignJwtResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.cloud.iam.credentials.v1.SignJwtResponse.class, com.google.cloud.iam.credentials.v1.SignJwtResponse.Builder.class);
+    }
+
+    // Construct using com.google.cloud.iam.credentials.v1.SignJwtResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      keyId_ = "";
+
+      signedJwt_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignJwtResponse getDefaultInstanceForType() {
+      return com.google.cloud.iam.credentials.v1.SignJwtResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignJwtResponse build() {
+      com.google.cloud.iam.credentials.v1.SignJwtResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.cloud.iam.credentials.v1.SignJwtResponse buildPartial() {
+      com.google.cloud.iam.credentials.v1.SignJwtResponse result = new com.google.cloud.iam.credentials.v1.SignJwtResponse(this);
+      result.keyId_ = keyId_;
+      result.signedJwt_ = signedJwt_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.cloud.iam.credentials.v1.SignJwtResponse) {
+        return mergeFrom((com.google.cloud.iam.credentials.v1.SignJwtResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.SignJwtResponse other) {
+      if (other == com.google.cloud.iam.credentials.v1.SignJwtResponse.getDefaultInstance()) return this;
+      if (!other.getKeyId().isEmpty()) {
+        keyId_ = other.keyId_;
+        onChanged();
+      }
+      if (!other.getSignedJwt().isEmpty()) {
+        signedJwt_ = other.signedJwt_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.cloud.iam.credentials.v1.SignJwtResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.cloud.iam.credentials.v1.SignJwtResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object keyId_ = "";
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public java.lang.String getKeyId() {
+      java.lang.Object ref = keyId_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        keyId_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getKeyIdBytes() {
+      java.lang.Object ref = keyId_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        keyId_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder setKeyId(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      keyId_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder clearKeyId() {
+      
+      keyId_ = getDefaultInstance().getKeyId();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder setKeyIdBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      keyId_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object signedJwt_ = "";
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public java.lang.String getSignedJwt() {
+      java.lang.Object ref = signedJwt_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        signedJwt_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public com.google.protobuf.ByteString
+        getSignedJwtBytes() {
+      java.lang.Object ref = signedJwt_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        signedJwt_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public Builder setSignedJwt(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      signedJwt_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public Builder clearSignedJwt() {
+      
+      signedJwt_ = getDefaultInstance().getSignedJwt();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public Builder setSignedJwtBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      signedJwt_ = value;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignJwtResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignJwtResponse)
+  private static final com.google.cloud.iam.credentials.v1.SignJwtResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.SignJwtResponse();
+  }
+
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<SignJwtResponse>
+      PARSER = new com.google.protobuf.AbstractParser<SignJwtResponse>() {
+    @java.lang.Override
+    public SignJwtResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new SignJwtResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<SignJwtResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<SignJwtResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.cloud.iam.credentials.v1.SignJwtResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponseOrBuilder.java
new file mode 100644
index 000000000000..f97af6135cf0
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponseOrBuilder.java
@@ -0,0 +1,45 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.cloud.iam.credentials.v1;
+
+public interface SignJwtResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignJwtResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The ID of the key used to sign the JWT.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  java.lang.String getKeyId();
+  /**
+   * <pre>
+   * The ID of the key used to sign the JWT.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getKeyIdBytes();
+
+  /**
+   * <pre>
+   * The signed JWT.
+   * </pre>
+   *
+   * <code>string signed_jwt = 2;</code>
+   */
+  java.lang.String getSignedJwt();
+  /**
+   * <pre>
+   * The signed JWT.
+   * </pre>
+   *
+   * <code>string signed_jwt = 2;</code>
+   */
+  com.google.protobuf.ByteString
+      getSignedJwtBytes();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequest.java
new file mode 100644
index 000000000000..c03e61f53082
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequest.java
@@ -0,0 +1,1427 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest}
+ */
+public  final class GenerateAccessTokenRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateAccessTokenRequest)
+    GenerateAccessTokenRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateAccessTokenRequest.newBuilder() to construct.
+  private GenerateAccessTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateAccessTokenRequest() {
+    name_ = "";
+    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateAccessTokenRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              delegates_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            delegates_.add(s);
+            break;
+          }
+          case 34: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000004) == 0x00000004)) {
+              scope_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000004;
+            }
+            scope_.add(s);
+            break;
+          }
+          case 58: {
+            com.google.protobuf.Duration.Builder subBuilder = null;
+            if (lifetime_ != null) {
+              subBuilder = lifetime_.toBuilder();
+            }
+            lifetime_ = input.readMessage(com.google.protobuf.Duration.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(lifetime_);
+              lifetime_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+      }
+      if (((mutable_bitField0_ & 0x00000004) == 0x00000004)) {
+        scope_ = scope_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.GenerateAccessTokenRequest.class, com.google.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DELEGATES_FIELD_NUMBER = 2;
+  private com.google.protobuf.LazyStringList delegates_;
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getDelegatesList() {
+    return delegates_;
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public int getDelegatesCount() {
+    return delegates_.size();
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public java.lang.String getDelegates(int index) {
+    return delegates_.get(index);
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public com.google.protobuf.ByteString
+      getDelegatesBytes(int index) {
+    return delegates_.getByteString(index);
+  }
+
+  public static final int SCOPE_FIELD_NUMBER = 4;
+  private com.google.protobuf.LazyStringList scope_;
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getScopeList() {
+    return scope_;
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  public int getScopeCount() {
+    return scope_.size();
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  public java.lang.String getScope(int index) {
+    return scope_.get(index);
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  public com.google.protobuf.ByteString
+      getScopeBytes(int index) {
+    return scope_.getByteString(index);
+  }
+
+  public static final int LIFETIME_FIELD_NUMBER = 7;
+  private com.google.protobuf.Duration lifetime_;
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  public boolean hasLifetime() {
+    return lifetime_ != null;
+  }
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  public com.google.protobuf.Duration getLifetime() {
+    return lifetime_ == null ? com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
+  }
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  public com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder() {
+    return getLifetime();
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < delegates_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, delegates_.getRaw(i));
+    }
+    for (int i = 0; i < scope_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 4, scope_.getRaw(i));
+    }
+    if (lifetime_ != null) {
+      output.writeMessage(7, getLifetime());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < delegates_.size(); i++) {
+        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getDelegatesList().size();
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < scope_.size(); i++) {
+        dataSize += computeStringSizeNoTag(scope_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getScopeList().size();
+    }
+    if (lifetime_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(7, getLifetime());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.GenerateAccessTokenRequest)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.GenerateAccessTokenRequest other = (com.google.iam.credentials.v1.GenerateAccessTokenRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getDelegatesList()
+        .equals(other.getDelegatesList());
+    result = result && getScopeList()
+        .equals(other.getScopeList());
+    result = result && (hasLifetime() == other.hasLifetime());
+    if (hasLifetime()) {
+      result = result && getLifetime()
+          .equals(other.getLifetime());
+    }
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getDelegatesCount() > 0) {
+      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
+      hash = (53 * hash) + getDelegatesList().hashCode();
+    }
+    if (getScopeCount() > 0) {
+      hash = (37 * hash) + SCOPE_FIELD_NUMBER;
+      hash = (53 * hash) + getScopeList().hashCode();
+    }
+    if (hasLifetime()) {
+      hash = (37 * hash) + LIFETIME_FIELD_NUMBER;
+      hash = (53 * hash) + getLifetime().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateAccessTokenRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateAccessTokenRequest)
+      com.google.iam.credentials.v1.GenerateAccessTokenRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.GenerateAccessTokenRequest.class, com.google.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.GenerateAccessTokenRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000004);
+      if (lifetimeBuilder_ == null) {
+        lifetime_ = null;
+      } else {
+        lifetime_ = null;
+        lifetimeBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateAccessTokenRequest build() {
+      com.google.iam.credentials.v1.GenerateAccessTokenRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateAccessTokenRequest buildPartial() {
+      com.google.iam.credentials.v1.GenerateAccessTokenRequest result = new com.google.iam.credentials.v1.GenerateAccessTokenRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.delegates_ = delegates_;
+      if (((bitField0_ & 0x00000004) == 0x00000004)) {
+        scope_ = scope_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000004);
+      }
+      result.scope_ = scope_;
+      if (lifetimeBuilder_ == null) {
+        result.lifetime_ = lifetime_;
+      } else {
+        result.lifetime_ = lifetimeBuilder_.build();
+      }
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.GenerateAccessTokenRequest) {
+        return mergeFrom((com.google.iam.credentials.v1.GenerateAccessTokenRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateAccessTokenRequest other) {
+      if (other == com.google.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.delegates_.isEmpty()) {
+        if (delegates_.isEmpty()) {
+          delegates_ = other.delegates_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureDelegatesIsMutable();
+          delegates_.addAll(other.delegates_);
+        }
+        onChanged();
+      }
+      if (!other.scope_.isEmpty()) {
+        if (scope_.isEmpty()) {
+          scope_ = other.scope_;
+          bitField0_ = (bitField0_ & ~0x00000004);
+        } else {
+          ensureScopeIsMutable();
+          scope_.addAll(other.scope_);
+        }
+        onChanged();
+      }
+      if (other.hasLifetime()) {
+        mergeLifetime(other.getLifetime());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.GenerateAccessTokenRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.GenerateAccessTokenRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureDelegatesIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getDelegatesList() {
+      return delegates_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public int getDelegatesCount() {
+      return delegates_.size();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public java.lang.String getDelegates(int index) {
+      return delegates_.get(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public com.google.protobuf.ByteString
+        getDelegatesBytes(int index) {
+      return delegates_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder setDelegates(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addDelegates(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addAllDelegates(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureDelegatesIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, delegates_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder clearDelegates() {
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addDelegatesBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureScopeIsMutable() {
+      if (!((bitField0_ & 0x00000004) == 0x00000004)) {
+        scope_ = new com.google.protobuf.LazyStringArrayList(scope_);
+        bitField0_ |= 0x00000004;
+       }
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getScopeList() {
+      return scope_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public int getScopeCount() {
+      return scope_.size();
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public java.lang.String getScope(int index) {
+      return scope_.get(index);
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public com.google.protobuf.ByteString
+        getScopeBytes(int index) {
+      return scope_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder setScope(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureScopeIsMutable();
+      scope_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder addScope(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureScopeIsMutable();
+      scope_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder addAllScope(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureScopeIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, scope_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder clearScope() {
+      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000004);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 4;</code>
+     */
+    public Builder addScopeBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureScopeIsMutable();
+      scope_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.Duration lifetime_ = null;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder> lifetimeBuilder_;
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public boolean hasLifetime() {
+      return lifetimeBuilder_ != null || lifetime_ != null;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public com.google.protobuf.Duration getLifetime() {
+      if (lifetimeBuilder_ == null) {
+        return lifetime_ == null ? com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
+      } else {
+        return lifetimeBuilder_.getMessage();
+      }
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public Builder setLifetime(com.google.protobuf.Duration value) {
+      if (lifetimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        lifetime_ = value;
+        onChanged();
+      } else {
+        lifetimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public Builder setLifetime(
+        com.google.protobuf.Duration.Builder builderForValue) {
+      if (lifetimeBuilder_ == null) {
+        lifetime_ = builderForValue.build();
+        onChanged();
+      } else {
+        lifetimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public Builder mergeLifetime(com.google.protobuf.Duration value) {
+      if (lifetimeBuilder_ == null) {
+        if (lifetime_ != null) {
+          lifetime_ =
+            com.google.protobuf.Duration.newBuilder(lifetime_).mergeFrom(value).buildPartial();
+        } else {
+          lifetime_ = value;
+        }
+        onChanged();
+      } else {
+        lifetimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public Builder clearLifetime() {
+      if (lifetimeBuilder_ == null) {
+        lifetime_ = null;
+        onChanged();
+      } else {
+        lifetime_ = null;
+        lifetimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public com.google.protobuf.Duration.Builder getLifetimeBuilder() {
+      
+      onChanged();
+      return getLifetimeFieldBuilder().getBuilder();
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    public com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder() {
+      if (lifetimeBuilder_ != null) {
+        return lifetimeBuilder_.getMessageOrBuilder();
+      } else {
+        return lifetime_ == null ?
+            com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
+      }
+    }
+    /**
+     * <pre>
+     * The desired lifetime duration of the access token in seconds.
+     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+     * not specified, the token's lifetime will be set to a default value of one
+     * hour.
+     * </pre>
+     *
+     * <code>.google.protobuf.Duration lifetime = 7;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder> 
+        getLifetimeFieldBuilder() {
+      if (lifetimeBuilder_ == null) {
+        lifetimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder>(
+                getLifetime(),
+                getParentForChildren(),
+                isClean());
+        lifetime_ = null;
+      }
+      return lifetimeBuilder_;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateAccessTokenRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateAccessTokenRequest)
+  private static final com.google.iam.credentials.v1.GenerateAccessTokenRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateAccessTokenRequest();
+  }
+
+  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateAccessTokenRequest>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateAccessTokenRequest>() {
+    @java.lang.Override
+    public GenerateAccessTokenRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateAccessTokenRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateAccessTokenRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateAccessTokenRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
new file mode 100644
index 000000000000..6123461aa676
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
@@ -0,0 +1,175 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface GenerateAccessTokenRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateAccessTokenRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  java.util.List<java.lang.String>
+      getDelegatesList();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  int getDelegatesCount();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  java.lang.String getDelegates(int index);
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  com.google.protobuf.ByteString
+      getDelegatesBytes(int index);
+
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  java.util.List<java.lang.String>
+      getScopeList();
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  int getScopeCount();
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  java.lang.String getScope(int index);
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 4;</code>
+   */
+  com.google.protobuf.ByteString
+      getScopeBytes(int index);
+
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  boolean hasLifetime();
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  com.google.protobuf.Duration getLifetime();
+  /**
+   * <pre>
+   * The desired lifetime duration of the access token in seconds.
+   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
+   * not specified, the token's lifetime will be set to a default value of one
+   * hour.
+   * </pre>
+   *
+   * <code>.google.protobuf.Duration lifetime = 7;</code>
+   */
+  com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponse.java
new file mode 100644
index 000000000000..4628b768caa8
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponse.java
@@ -0,0 +1,810 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse}
+ */
+public  final class GenerateAccessTokenResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateAccessTokenResponse)
+    GenerateAccessTokenResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateAccessTokenResponse.newBuilder() to construct.
+  private GenerateAccessTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateAccessTokenResponse() {
+    accessToken_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateAccessTokenResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            accessToken_ = s;
+            break;
+          }
+          case 26: {
+            com.google.protobuf.Timestamp.Builder subBuilder = null;
+            if (expireTime_ != null) {
+              subBuilder = expireTime_.toBuilder();
+            }
+            expireTime_ = input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(expireTime_);
+              expireTime_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.GenerateAccessTokenResponse.class, com.google.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
+  }
+
+  public static final int ACCESS_TOKEN_FIELD_NUMBER = 1;
+  private volatile java.lang.Object accessToken_;
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  public java.lang.String getAccessToken() {
+    java.lang.Object ref = accessToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      accessToken_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getAccessTokenBytes() {
+    java.lang.Object ref = accessToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      accessToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int EXPIRE_TIME_FIELD_NUMBER = 3;
+  private com.google.protobuf.Timestamp expireTime_;
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  public boolean hasExpireTime() {
+    return expireTime_ != null;
+  }
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  public com.google.protobuf.Timestamp getExpireTime() {
+    return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+  }
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
+    return getExpireTime();
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getAccessTokenBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, accessToken_);
+    }
+    if (expireTime_ != null) {
+      output.writeMessage(3, getExpireTime());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getAccessTokenBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, accessToken_);
+    }
+    if (expireTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(3, getExpireTime());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.GenerateAccessTokenResponse)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.GenerateAccessTokenResponse other = (com.google.iam.credentials.v1.GenerateAccessTokenResponse) obj;
+
+    boolean result = true;
+    result = result && getAccessToken()
+        .equals(other.getAccessToken());
+    result = result && (hasExpireTime() == other.hasExpireTime());
+    if (hasExpireTime()) {
+      result = result && getExpireTime()
+          .equals(other.getExpireTime());
+    }
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + ACCESS_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getAccessToken().hashCode();
+    if (hasExpireTime()) {
+      hash = (37 * hash) + EXPIRE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getExpireTime().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateAccessTokenResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateAccessTokenResponse)
+      com.google.iam.credentials.v1.GenerateAccessTokenResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.GenerateAccessTokenResponse.class, com.google.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.GenerateAccessTokenResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      accessToken_ = "";
+
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = null;
+      } else {
+        expireTime_ = null;
+        expireTimeBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateAccessTokenResponse build() {
+      com.google.iam.credentials.v1.GenerateAccessTokenResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateAccessTokenResponse buildPartial() {
+      com.google.iam.credentials.v1.GenerateAccessTokenResponse result = new com.google.iam.credentials.v1.GenerateAccessTokenResponse(this);
+      result.accessToken_ = accessToken_;
+      if (expireTimeBuilder_ == null) {
+        result.expireTime_ = expireTime_;
+      } else {
+        result.expireTime_ = expireTimeBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.GenerateAccessTokenResponse) {
+        return mergeFrom((com.google.iam.credentials.v1.GenerateAccessTokenResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateAccessTokenResponse other) {
+      if (other == com.google.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance()) return this;
+      if (!other.getAccessToken().isEmpty()) {
+        accessToken_ = other.accessToken_;
+        onChanged();
+      }
+      if (other.hasExpireTime()) {
+        mergeExpireTime(other.getExpireTime());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.GenerateAccessTokenResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.GenerateAccessTokenResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object accessToken_ = "";
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public java.lang.String getAccessToken() {
+      java.lang.Object ref = accessToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        accessToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getAccessTokenBytes() {
+      java.lang.Object ref = accessToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        accessToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder setAccessToken(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      accessToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder clearAccessToken() {
+      
+      accessToken_ = getDefaultInstance().getAccessToken();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder setAccessTokenBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      accessToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.Timestamp expireTime_ = null;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> expireTimeBuilder_;
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public boolean hasExpireTime() {
+      return expireTimeBuilder_ != null || expireTime_ != null;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public com.google.protobuf.Timestamp getExpireTime() {
+      if (expireTimeBuilder_ == null) {
+        return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+      } else {
+        return expireTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public Builder setExpireTime(com.google.protobuf.Timestamp value) {
+      if (expireTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        expireTime_ = value;
+        onChanged();
+      } else {
+        expireTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public Builder setExpireTime(
+        com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        expireTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public Builder mergeExpireTime(com.google.protobuf.Timestamp value) {
+      if (expireTimeBuilder_ == null) {
+        if (expireTime_ != null) {
+          expireTime_ =
+            com.google.protobuf.Timestamp.newBuilder(expireTime_).mergeFrom(value).buildPartial();
+        } else {
+          expireTime_ = value;
+        }
+        onChanged();
+      } else {
+        expireTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public Builder clearExpireTime() {
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = null;
+        onChanged();
+      } else {
+        expireTime_ = null;
+        expireTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public com.google.protobuf.Timestamp.Builder getExpireTimeBuilder() {
+      
+      onChanged();
+      return getExpireTimeFieldBuilder().getBuilder();
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
+      if (expireTimeBuilder_ != null) {
+        return expireTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return expireTime_ == null ?
+            com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+      }
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> 
+        getExpireTimeFieldBuilder() {
+      if (expireTimeBuilder_ == null) {
+        expireTimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder>(
+                getExpireTime(),
+                getParentForChildren(),
+                isClean());
+        expireTime_ = null;
+      }
+      return expireTimeBuilder_;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateAccessTokenResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateAccessTokenResponse)
+  private static final com.google.iam.credentials.v1.GenerateAccessTokenResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateAccessTokenResponse();
+  }
+
+  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateAccessTokenResponse>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateAccessTokenResponse>() {
+    @java.lang.Override
+    public GenerateAccessTokenResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateAccessTokenResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateAccessTokenResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateAccessTokenResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
new file mode 100644
index 000000000000..d0d922aca713
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
@@ -0,0 +1,55 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface GenerateAccessTokenResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateAccessTokenResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  java.lang.String getAccessToken();
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getAccessTokenBytes();
+
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  boolean hasExpireTime();
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  com.google.protobuf.Timestamp getExpireTime();
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
+   */
+  com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequest.java
new file mode 100644
index 000000000000..24eb6636dcf2
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequest.java
@@ -0,0 +1,1142 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest}
+ */
+public  final class GenerateIdTokenRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdTokenRequest)
+    GenerateIdTokenRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateIdTokenRequest.newBuilder() to construct.
+  private GenerateIdTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateIdTokenRequest() {
+    name_ = "";
+    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    audience_ = "";
+    includeEmail_ = false;
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateIdTokenRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              delegates_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            delegates_.add(s);
+            break;
+          }
+          case 26: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            audience_ = s;
+            break;
+          }
+          case 32: {
+
+            includeEmail_ = input.readBool();
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.GenerateIdTokenRequest.class, com.google.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DELEGATES_FIELD_NUMBER = 2;
+  private com.google.protobuf.LazyStringList delegates_;
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getDelegatesList() {
+    return delegates_;
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public int getDelegatesCount() {
+    return delegates_.size();
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public java.lang.String getDelegates(int index) {
+    return delegates_.get(index);
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  public com.google.protobuf.ByteString
+      getDelegatesBytes(int index) {
+    return delegates_.getByteString(index);
+  }
+
+  public static final int AUDIENCE_FIELD_NUMBER = 3;
+  private volatile java.lang.Object audience_;
+  /**
+   * <pre>
+   * The audience for the token, such as the API or account that this token
+   * grants access to.
+   * </pre>
+   *
+   * <code>string audience = 3;</code>
+   */
+  public java.lang.String getAudience() {
+    java.lang.Object ref = audience_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      audience_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The audience for the token, such as the API or account that this token
+   * grants access to.
+   * </pre>
+   *
+   * <code>string audience = 3;</code>
+   */
+  public com.google.protobuf.ByteString
+      getAudienceBytes() {
+    java.lang.Object ref = audience_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      audience_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int INCLUDE_EMAIL_FIELD_NUMBER = 4;
+  private boolean includeEmail_;
+  /**
+   * <pre>
+   * Include the service account email in the token. If set to `true`, the
+   * token will contain `email` and `email_verified` claims.
+   * </pre>
+   *
+   * <code>bool include_email = 4;</code>
+   */
+  public boolean getIncludeEmail() {
+    return includeEmail_;
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < delegates_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, delegates_.getRaw(i));
+    }
+    if (!getAudienceBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, audience_);
+    }
+    if (includeEmail_ != false) {
+      output.writeBool(4, includeEmail_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < delegates_.size(); i++) {
+        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getDelegatesList().size();
+    }
+    if (!getAudienceBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, audience_);
+    }
+    if (includeEmail_ != false) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeBoolSize(4, includeEmail_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.GenerateIdTokenRequest)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.GenerateIdTokenRequest other = (com.google.iam.credentials.v1.GenerateIdTokenRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getDelegatesList()
+        .equals(other.getDelegatesList());
+    result = result && getAudience()
+        .equals(other.getAudience());
+    result = result && (getIncludeEmail()
+        == other.getIncludeEmail());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getDelegatesCount() > 0) {
+      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
+      hash = (53 * hash) + getDelegatesList().hashCode();
+    }
+    hash = (37 * hash) + AUDIENCE_FIELD_NUMBER;
+    hash = (53 * hash) + getAudience().hashCode();
+    hash = (37 * hash) + INCLUDE_EMAIL_FIELD_NUMBER;
+    hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(
+        getIncludeEmail());
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateIdTokenRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdTokenRequest)
+      com.google.iam.credentials.v1.GenerateIdTokenRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.GenerateIdTokenRequest.class, com.google.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.GenerateIdTokenRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      audience_ = "";
+
+      includeEmail_ = false;
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdTokenRequest build() {
+      com.google.iam.credentials.v1.GenerateIdTokenRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdTokenRequest buildPartial() {
+      com.google.iam.credentials.v1.GenerateIdTokenRequest result = new com.google.iam.credentials.v1.GenerateIdTokenRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.delegates_ = delegates_;
+      result.audience_ = audience_;
+      result.includeEmail_ = includeEmail_;
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.GenerateIdTokenRequest) {
+        return mergeFrom((com.google.iam.credentials.v1.GenerateIdTokenRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateIdTokenRequest other) {
+      if (other == com.google.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.delegates_.isEmpty()) {
+        if (delegates_.isEmpty()) {
+          delegates_ = other.delegates_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureDelegatesIsMutable();
+          delegates_.addAll(other.delegates_);
+        }
+        onChanged();
+      }
+      if (!other.getAudience().isEmpty()) {
+        audience_ = other.audience_;
+        onChanged();
+      }
+      if (other.getIncludeEmail() != false) {
+        setIncludeEmail(other.getIncludeEmail());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.GenerateIdTokenRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.GenerateIdTokenRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureDelegatesIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getDelegatesList() {
+      return delegates_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public int getDelegatesCount() {
+      return delegates_.size();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public java.lang.String getDelegates(int index) {
+      return delegates_.get(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public com.google.protobuf.ByteString
+        getDelegatesBytes(int index) {
+      return delegates_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder setDelegates(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addDelegates(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addAllDelegates(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureDelegatesIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, delegates_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder clearDelegates() {
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 2;</code>
+     */
+    public Builder addDelegatesBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object audience_ = "";
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public java.lang.String getAudience() {
+      java.lang.Object ref = audience_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        audience_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public com.google.protobuf.ByteString
+        getAudienceBytes() {
+      java.lang.Object ref = audience_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        audience_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public Builder setAudience(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      audience_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public Builder clearAudience() {
+      
+      audience_ = getDefaultInstance().getAudience();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The audience for the token, such as the API or account that this token
+     * grants access to.
+     * </pre>
+     *
+     * <code>string audience = 3;</code>
+     */
+    public Builder setAudienceBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      audience_ = value;
+      onChanged();
+      return this;
+    }
+
+    private boolean includeEmail_ ;
+    /**
+     * <pre>
+     * Include the service account email in the token. If set to `true`, the
+     * token will contain `email` and `email_verified` claims.
+     * </pre>
+     *
+     * <code>bool include_email = 4;</code>
+     */
+    public boolean getIncludeEmail() {
+      return includeEmail_;
+    }
+    /**
+     * <pre>
+     * Include the service account email in the token. If set to `true`, the
+     * token will contain `email` and `email_verified` claims.
+     * </pre>
+     *
+     * <code>bool include_email = 4;</code>
+     */
+    public Builder setIncludeEmail(boolean value) {
+      
+      includeEmail_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Include the service account email in the token. If set to `true`, the
+     * token will contain `email` and `email_verified` claims.
+     * </pre>
+     *
+     * <code>bool include_email = 4;</code>
+     */
+    public Builder clearIncludeEmail() {
+      
+      includeEmail_ = false;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdTokenRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdTokenRequest)
+  private static final com.google.iam.credentials.v1.GenerateIdTokenRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateIdTokenRequest();
+  }
+
+  public static com.google.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateIdTokenRequest>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateIdTokenRequest>() {
+    @java.lang.Override
+    public GenerateIdTokenRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateIdTokenRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateIdTokenRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateIdTokenRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
new file mode 100644
index 000000000000..1e1cf0139ac6
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
@@ -0,0 +1,124 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface GenerateIdTokenRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdTokenRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  java.util.List<java.lang.String>
+      getDelegatesList();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  int getDelegatesCount();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  java.lang.String getDelegates(int index);
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 2;</code>
+   */
+  com.google.protobuf.ByteString
+      getDelegatesBytes(int index);
+
+  /**
+   * <pre>
+   * The audience for the token, such as the API or account that this token
+   * grants access to.
+   * </pre>
+   *
+   * <code>string audience = 3;</code>
+   */
+  java.lang.String getAudience();
+  /**
+   * <pre>
+   * The audience for the token, such as the API or account that this token
+   * grants access to.
+   * </pre>
+   *
+   * <code>string audience = 3;</code>
+   */
+  com.google.protobuf.ByteString
+      getAudienceBytes();
+
+  /**
+   * <pre>
+   * Include the service account email in the token. If set to `true`, the
+   * token will contain `email` and `email_verified` claims.
+   * </pre>
+   *
+   * <code>bool include_email = 4;</code>
+   */
+  boolean getIncludeEmail();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponse.java
new file mode 100644
index 000000000000..3b986d70d0b8
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponse.java
@@ -0,0 +1,569 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse}
+ */
+public  final class GenerateIdTokenResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdTokenResponse)
+    GenerateIdTokenResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateIdTokenResponse.newBuilder() to construct.
+  private GenerateIdTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateIdTokenResponse() {
+    token_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateIdTokenResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            token_ = s;
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.GenerateIdTokenResponse.class, com.google.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
+  }
+
+  public static final int TOKEN_FIELD_NUMBER = 1;
+  private volatile java.lang.Object token_;
+  /**
+   * <pre>
+   * The OpenId Connect ID token.
+   * </pre>
+   *
+   * <code>string token = 1;</code>
+   */
+  public java.lang.String getToken() {
+    java.lang.Object ref = token_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      token_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The OpenId Connect ID token.
+   * </pre>
+   *
+   * <code>string token = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getTokenBytes() {
+    java.lang.Object ref = token_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      token_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getTokenBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, token_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getTokenBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, token_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.GenerateIdTokenResponse)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.GenerateIdTokenResponse other = (com.google.iam.credentials.v1.GenerateIdTokenResponse) obj;
+
+    boolean result = true;
+    result = result && getToken()
+        .equals(other.getToken());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getToken().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateIdTokenResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdTokenResponse)
+      com.google.iam.credentials.v1.GenerateIdTokenResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.GenerateIdTokenResponse.class, com.google.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.GenerateIdTokenResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      token_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdTokenResponse build() {
+      com.google.iam.credentials.v1.GenerateIdTokenResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdTokenResponse buildPartial() {
+      com.google.iam.credentials.v1.GenerateIdTokenResponse result = new com.google.iam.credentials.v1.GenerateIdTokenResponse(this);
+      result.token_ = token_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.GenerateIdTokenResponse) {
+        return mergeFrom((com.google.iam.credentials.v1.GenerateIdTokenResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateIdTokenResponse other) {
+      if (other == com.google.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance()) return this;
+      if (!other.getToken().isEmpty()) {
+        token_ = other.token_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.GenerateIdTokenResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.GenerateIdTokenResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object token_ = "";
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public java.lang.String getToken() {
+      java.lang.Object ref = token_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        token_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getTokenBytes() {
+      java.lang.Object ref = token_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        token_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public Builder setToken(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      token_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public Builder clearToken() {
+      
+      token_ = getDefaultInstance().getToken();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OpenId Connect ID token.
+     * </pre>
+     *
+     * <code>string token = 1;</code>
+     */
+    public Builder setTokenBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      token_ = value;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdTokenResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdTokenResponse)
+  private static final com.google.iam.credentials.v1.GenerateIdTokenResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateIdTokenResponse();
+  }
+
+  public static com.google.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateIdTokenResponse>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateIdTokenResponse>() {
+    @java.lang.Override
+    public GenerateIdTokenResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateIdTokenResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateIdTokenResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateIdTokenResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
new file mode 100644
index 000000000000..71c4a2f7583b
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
@@ -0,0 +1,27 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface GenerateIdTokenResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdTokenResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The OpenId Connect ID token.
+   * </pre>
+   *
+   * <code>string token = 1;</code>
+   */
+  java.lang.String getToken();
+  /**
+   * <pre>
+   * The OpenId Connect ID token.
+   * </pre>
+   *
+   * <code>string token = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getTokenBytes();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
new file mode 100644
index 000000000000..25d008a73d6c
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
@@ -0,0 +1,1298 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest}
+ */
+public  final class GenerateIdentityBindingAccessTokenRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+    GenerateIdentityBindingAccessTokenRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateIdentityBindingAccessTokenRequest.newBuilder() to construct.
+  private GenerateIdentityBindingAccessTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateIdentityBindingAccessTokenRequest() {
+    name_ = "";
+    scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    jwt_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateIdentityBindingAccessTokenRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              scope_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            scope_.add(s);
+            break;
+          }
+          case 26: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            jwt_ = s;
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        scope_ = scope_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.class, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int SCOPE_FIELD_NUMBER = 2;
+  private com.google.protobuf.LazyStringList scope_;
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getScopeList() {
+    return scope_;
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  public int getScopeCount() {
+    return scope_.size();
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  public java.lang.String getScope(int index) {
+    return scope_.get(index);
+  }
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  public com.google.protobuf.ByteString
+      getScopeBytes(int index) {
+    return scope_.getByteString(index);
+  }
+
+  public static final int JWT_FIELD_NUMBER = 3;
+  private volatile java.lang.Object jwt_;
+  /**
+   * <pre>
+   * Required. Input token.
+   * Must be in JWT format according to
+   * RFC7523 (https://tools.ietf.org/html/rfc7523)
+   * and must have 'kid' field in the header.
+   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+   * Mandatory payload fields (along the lines of RFC 7523, section 3):
+   * - iss: issuer of the token. Must provide a discovery document at
+   *        $iss/.well-known/openid-configuration . The document needs to be
+   *        formatted according to section 4.2 of the OpenID Connect Discovery
+   *        1.0 specification.
+   * - iat: Issue time in seconds since epoch. Must be in the past.
+   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+   *        after iat. We recommend to create tokens that last shorter than 6
+   *        hours to improve security unless business reasons mandate longer
+   *        expiration times. Shorter token lifetimes are generally more secure
+   *        since tokens that have been exfiltrated by attackers can be used for
+   *        a shorter time. you can configure the maximum lifetime of the
+   *        incoming token in the configuration of the mapper.
+   *        The resulting Google token will expire within an hour or at "exp",
+   *        whichever is earlier.
+   * - sub: JWT subject, identity asserted in the JWT.
+   * - aud: Configured in the mapper policy. By default the service account
+   *        email.
+   * Claims from the incoming token can be transferred into the output token
+   * accoding to the mapper configuration. The outgoing claim size is limited.
+   * Outgoing claims size must be less than 4kB serialized as JSON without
+   * whitespace.
+   * Example header:
+   * {
+   *   "alg": "RS256",
+   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+   * }
+   * Example payload:
+   * {
+   *   "iss": "https://accounts.google.com",
+   *   "iat": 1517963104,
+   *   "exp": 1517966704,
+   *   "aud": "https://iamcredentials.googleapis.com/",
+   *   "sub": "113475438248934895348",
+   *   "my_claims": {
+   *     "additional_claim": "value"
+   *   }
+   * }
+   * </pre>
+   *
+   * <code>string jwt = 3;</code>
+   */
+  public java.lang.String getJwt() {
+    java.lang.Object ref = jwt_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      jwt_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * Required. Input token.
+   * Must be in JWT format according to
+   * RFC7523 (https://tools.ietf.org/html/rfc7523)
+   * and must have 'kid' field in the header.
+   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+   * Mandatory payload fields (along the lines of RFC 7523, section 3):
+   * - iss: issuer of the token. Must provide a discovery document at
+   *        $iss/.well-known/openid-configuration . The document needs to be
+   *        formatted according to section 4.2 of the OpenID Connect Discovery
+   *        1.0 specification.
+   * - iat: Issue time in seconds since epoch. Must be in the past.
+   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+   *        after iat. We recommend to create tokens that last shorter than 6
+   *        hours to improve security unless business reasons mandate longer
+   *        expiration times. Shorter token lifetimes are generally more secure
+   *        since tokens that have been exfiltrated by attackers can be used for
+   *        a shorter time. you can configure the maximum lifetime of the
+   *        incoming token in the configuration of the mapper.
+   *        The resulting Google token will expire within an hour or at "exp",
+   *        whichever is earlier.
+   * - sub: JWT subject, identity asserted in the JWT.
+   * - aud: Configured in the mapper policy. By default the service account
+   *        email.
+   * Claims from the incoming token can be transferred into the output token
+   * accoding to the mapper configuration. The outgoing claim size is limited.
+   * Outgoing claims size must be less than 4kB serialized as JSON without
+   * whitespace.
+   * Example header:
+   * {
+   *   "alg": "RS256",
+   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+   * }
+   * Example payload:
+   * {
+   *   "iss": "https://accounts.google.com",
+   *   "iat": 1517963104,
+   *   "exp": 1517966704,
+   *   "aud": "https://iamcredentials.googleapis.com/",
+   *   "sub": "113475438248934895348",
+   *   "my_claims": {
+   *     "additional_claim": "value"
+   *   }
+   * }
+   * </pre>
+   *
+   * <code>string jwt = 3;</code>
+   */
+  public com.google.protobuf.ByteString
+      getJwtBytes() {
+    java.lang.Object ref = jwt_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      jwt_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < scope_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, scope_.getRaw(i));
+    }
+    if (!getJwtBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, jwt_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < scope_.size(); i++) {
+        dataSize += computeStringSizeNoTag(scope_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getScopeList().size();
+    }
+    if (!getJwtBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, jwt_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest other = (com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getScopeList()
+        .equals(other.getScopeList());
+    result = result && getJwt()
+        .equals(other.getJwt());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getScopeCount() > 0) {
+      hash = (37 * hash) + SCOPE_FIELD_NUMBER;
+      hash = (53 * hash) + getScopeList().hashCode();
+    }
+    hash = (37 * hash) + JWT_FIELD_NUMBER;
+    hash = (53 * hash) + getJwt().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.class, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      jwt_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest build() {
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest buildPartial() {
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest result = new com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        scope_ = scope_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.scope_ = scope_;
+      result.jwt_ = jwt_;
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) {
+        return mergeFrom((com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest other) {
+      if (other == com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.scope_.isEmpty()) {
+        if (scope_.isEmpty()) {
+          scope_ = other.scope_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureScopeIsMutable();
+          scope_.addAll(other.scope_);
+        }
+        onChanged();
+      }
+      if (!other.getJwt().isEmpty()) {
+        jwt_ = other.jwt_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureScopeIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        scope_ = new com.google.protobuf.LazyStringArrayList(scope_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getScopeList() {
+      return scope_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public int getScopeCount() {
+      return scope_.size();
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public java.lang.String getScope(int index) {
+      return scope_.get(index);
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public com.google.protobuf.ByteString
+        getScopeBytes(int index) {
+      return scope_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder setScope(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureScopeIsMutable();
+      scope_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder addScope(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureScopeIsMutable();
+      scope_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder addAllScope(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureScopeIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, scope_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder clearScope() {
+      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Code to identify the scopes to be included in the OAuth 2.0 access token.
+     * See https://developers.google.com/identity/protocols/googlescopes for more
+     * information.
+     * At least one value required.
+     * </pre>
+     *
+     * <code>repeated string scope = 2;</code>
+     */
+    public Builder addScopeBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureScopeIsMutable();
+      scope_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object jwt_ = "";
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public java.lang.String getJwt() {
+      java.lang.Object ref = jwt_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        jwt_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public com.google.protobuf.ByteString
+        getJwtBytes() {
+      java.lang.Object ref = jwt_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        jwt_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public Builder setJwt(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      jwt_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public Builder clearJwt() {
+      
+      jwt_ = getDefaultInstance().getJwt();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * Required. Input token.
+     * Must be in JWT format according to
+     * RFC7523 (https://tools.ietf.org/html/rfc7523)
+     * and must have 'kid' field in the header.
+     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+     * Mandatory payload fields (along the lines of RFC 7523, section 3):
+     * - iss: issuer of the token. Must provide a discovery document at
+     *        $iss/.well-known/openid-configuration . The document needs to be
+     *        formatted according to section 4.2 of the OpenID Connect Discovery
+     *        1.0 specification.
+     * - iat: Issue time in seconds since epoch. Must be in the past.
+     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+     *        after iat. We recommend to create tokens that last shorter than 6
+     *        hours to improve security unless business reasons mandate longer
+     *        expiration times. Shorter token lifetimes are generally more secure
+     *        since tokens that have been exfiltrated by attackers can be used for
+     *        a shorter time. you can configure the maximum lifetime of the
+     *        incoming token in the configuration of the mapper.
+     *        The resulting Google token will expire within an hour or at "exp",
+     *        whichever is earlier.
+     * - sub: JWT subject, identity asserted in the JWT.
+     * - aud: Configured in the mapper policy. By default the service account
+     *        email.
+     * Claims from the incoming token can be transferred into the output token
+     * accoding to the mapper configuration. The outgoing claim size is limited.
+     * Outgoing claims size must be less than 4kB serialized as JSON without
+     * whitespace.
+     * Example header:
+     * {
+     *   "alg": "RS256",
+     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+     * }
+     * Example payload:
+     * {
+     *   "iss": "https://accounts.google.com",
+     *   "iat": 1517963104,
+     *   "exp": 1517966704,
+     *   "aud": "https://iamcredentials.googleapis.com/",
+     *   "sub": "113475438248934895348",
+     *   "my_claims": {
+     *     "additional_claim": "value"
+     *   }
+     * }
+     * </pre>
+     *
+     * <code>string jwt = 3;</code>
+     */
+    public Builder setJwtBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      jwt_ = value;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+  private static final com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest();
+  }
+
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateIdentityBindingAccessTokenRequest>() {
+    @java.lang.Override
+    public GenerateIdentityBindingAccessTokenRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateIdentityBindingAccessTokenRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
new file mode 100644
index 000000000000..74333b157c24
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
@@ -0,0 +1,180 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface GenerateIdentityBindingAccessTokenRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  java.util.List<java.lang.String>
+      getScopeList();
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  int getScopeCount();
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  java.lang.String getScope(int index);
+  /**
+   * <pre>
+   * Code to identify the scopes to be included in the OAuth 2.0 access token.
+   * See https://developers.google.com/identity/protocols/googlescopes for more
+   * information.
+   * At least one value required.
+   * </pre>
+   *
+   * <code>repeated string scope = 2;</code>
+   */
+  com.google.protobuf.ByteString
+      getScopeBytes(int index);
+
+  /**
+   * <pre>
+   * Required. Input token.
+   * Must be in JWT format according to
+   * RFC7523 (https://tools.ietf.org/html/rfc7523)
+   * and must have 'kid' field in the header.
+   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+   * Mandatory payload fields (along the lines of RFC 7523, section 3):
+   * - iss: issuer of the token. Must provide a discovery document at
+   *        $iss/.well-known/openid-configuration . The document needs to be
+   *        formatted according to section 4.2 of the OpenID Connect Discovery
+   *        1.0 specification.
+   * - iat: Issue time in seconds since epoch. Must be in the past.
+   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+   *        after iat. We recommend to create tokens that last shorter than 6
+   *        hours to improve security unless business reasons mandate longer
+   *        expiration times. Shorter token lifetimes are generally more secure
+   *        since tokens that have been exfiltrated by attackers can be used for
+   *        a shorter time. you can configure the maximum lifetime of the
+   *        incoming token in the configuration of the mapper.
+   *        The resulting Google token will expire within an hour or at "exp",
+   *        whichever is earlier.
+   * - sub: JWT subject, identity asserted in the JWT.
+   * - aud: Configured in the mapper policy. By default the service account
+   *        email.
+   * Claims from the incoming token can be transferred into the output token
+   * accoding to the mapper configuration. The outgoing claim size is limited.
+   * Outgoing claims size must be less than 4kB serialized as JSON without
+   * whitespace.
+   * Example header:
+   * {
+   *   "alg": "RS256",
+   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+   * }
+   * Example payload:
+   * {
+   *   "iss": "https://accounts.google.com",
+   *   "iat": 1517963104,
+   *   "exp": 1517966704,
+   *   "aud": "https://iamcredentials.googleapis.com/",
+   *   "sub": "113475438248934895348",
+   *   "my_claims": {
+   *     "additional_claim": "value"
+   *   }
+   * }
+   * </pre>
+   *
+   * <code>string jwt = 3;</code>
+   */
+  java.lang.String getJwt();
+  /**
+   * <pre>
+   * Required. Input token.
+   * Must be in JWT format according to
+   * RFC7523 (https://tools.ietf.org/html/rfc7523)
+   * and must have 'kid' field in the header.
+   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
+   * Mandatory payload fields (along the lines of RFC 7523, section 3):
+   * - iss: issuer of the token. Must provide a discovery document at
+   *        $iss/.well-known/openid-configuration . The document needs to be
+   *        formatted according to section 4.2 of the OpenID Connect Discovery
+   *        1.0 specification.
+   * - iat: Issue time in seconds since epoch. Must be in the past.
+   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
+   *        after iat. We recommend to create tokens that last shorter than 6
+   *        hours to improve security unless business reasons mandate longer
+   *        expiration times. Shorter token lifetimes are generally more secure
+   *        since tokens that have been exfiltrated by attackers can be used for
+   *        a shorter time. you can configure the maximum lifetime of the
+   *        incoming token in the configuration of the mapper.
+   *        The resulting Google token will expire within an hour or at "exp",
+   *        whichever is earlier.
+   * - sub: JWT subject, identity asserted in the JWT.
+   * - aud: Configured in the mapper policy. By default the service account
+   *        email.
+   * Claims from the incoming token can be transferred into the output token
+   * accoding to the mapper configuration. The outgoing claim size is limited.
+   * Outgoing claims size must be less than 4kB serialized as JSON without
+   * whitespace.
+   * Example header:
+   * {
+   *   "alg": "RS256",
+   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
+   * }
+   * Example payload:
+   * {
+   *   "iss": "https://accounts.google.com",
+   *   "iat": 1517963104,
+   *   "exp": 1517966704,
+   *   "aud": "https://iamcredentials.googleapis.com/",
+   *   "sub": "113475438248934895348",
+   *   "my_claims": {
+   *     "additional_claim": "value"
+   *   }
+   * }
+   * </pre>
+   *
+   * <code>string jwt = 3;</code>
+   */
+  com.google.protobuf.ByteString
+      getJwtBytes();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
new file mode 100644
index 000000000000..74bb40247138
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
@@ -0,0 +1,810 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse}
+ */
+public  final class GenerateIdentityBindingAccessTokenResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+    GenerateIdentityBindingAccessTokenResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use GenerateIdentityBindingAccessTokenResponse.newBuilder() to construct.
+  private GenerateIdentityBindingAccessTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private GenerateIdentityBindingAccessTokenResponse() {
+    accessToken_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private GenerateIdentityBindingAccessTokenResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            accessToken_ = s;
+            break;
+          }
+          case 18: {
+            com.google.protobuf.Timestamp.Builder subBuilder = null;
+            if (expireTime_ != null) {
+              subBuilder = expireTime_.toBuilder();
+            }
+            expireTime_ = input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+            if (subBuilder != null) {
+              subBuilder.mergeFrom(expireTime_);
+              expireTime_ = subBuilder.buildPartial();
+            }
+
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.class, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.Builder.class);
+  }
+
+  public static final int ACCESS_TOKEN_FIELD_NUMBER = 1;
+  private volatile java.lang.Object accessToken_;
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  public java.lang.String getAccessToken() {
+    java.lang.Object ref = accessToken_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      accessToken_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getAccessTokenBytes() {
+    java.lang.Object ref = accessToken_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      accessToken_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int EXPIRE_TIME_FIELD_NUMBER = 2;
+  private com.google.protobuf.Timestamp expireTime_;
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  public boolean hasExpireTime() {
+    return expireTime_ != null;
+  }
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  public com.google.protobuf.Timestamp getExpireTime() {
+    return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+  }
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
+    return getExpireTime();
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getAccessTokenBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, accessToken_);
+    }
+    if (expireTime_ != null) {
+      output.writeMessage(2, getExpireTime());
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getAccessTokenBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, accessToken_);
+    }
+    if (expireTime_ != null) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeMessageSize(2, getExpireTime());
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse other = (com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) obj;
+
+    boolean result = true;
+    result = result && getAccessToken()
+        .equals(other.getAccessToken());
+    result = result && (hasExpireTime() == other.hasExpireTime());
+    if (hasExpireTime()) {
+      result = result && getExpireTime()
+          .equals(other.getExpireTime());
+    }
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + ACCESS_TOKEN_FIELD_NUMBER;
+    hash = (53 * hash) + getAccessToken().hashCode();
+    if (hasExpireTime()) {
+      hash = (37 * hash) + EXPIRE_TIME_FIELD_NUMBER;
+      hash = (53 * hash) + getExpireTime().hashCode();
+    }
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.class, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      accessToken_ = "";
+
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = null;
+      } else {
+        expireTime_ = null;
+        expireTimeBuilder_ = null;
+      }
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse build() {
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse buildPartial() {
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse result = new com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse(this);
+      result.accessToken_ = accessToken_;
+      if (expireTimeBuilder_ == null) {
+        result.expireTime_ = expireTime_;
+      } else {
+        result.expireTime_ = expireTimeBuilder_.build();
+      }
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) {
+        return mergeFrom((com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse other) {
+      if (other == com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance()) return this;
+      if (!other.getAccessToken().isEmpty()) {
+        accessToken_ = other.accessToken_;
+        onChanged();
+      }
+      if (other.hasExpireTime()) {
+        mergeExpireTime(other.getExpireTime());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object accessToken_ = "";
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public java.lang.String getAccessToken() {
+      java.lang.Object ref = accessToken_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        accessToken_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getAccessTokenBytes() {
+      java.lang.Object ref = accessToken_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        accessToken_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder setAccessToken(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      accessToken_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder clearAccessToken() {
+      
+      accessToken_ = getDefaultInstance().getAccessToken();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The OAuth 2.0 access token.
+     * </pre>
+     *
+     * <code>string access_token = 1;</code>
+     */
+    public Builder setAccessTokenBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      accessToken_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.Timestamp expireTime_ = null;
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> expireTimeBuilder_;
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public boolean hasExpireTime() {
+      return expireTimeBuilder_ != null || expireTime_ != null;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public com.google.protobuf.Timestamp getExpireTime() {
+      if (expireTimeBuilder_ == null) {
+        return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+      } else {
+        return expireTimeBuilder_.getMessage();
+      }
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public Builder setExpireTime(com.google.protobuf.Timestamp value) {
+      if (expireTimeBuilder_ == null) {
+        if (value == null) {
+          throw new NullPointerException();
+        }
+        expireTime_ = value;
+        onChanged();
+      } else {
+        expireTimeBuilder_.setMessage(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public Builder setExpireTime(
+        com.google.protobuf.Timestamp.Builder builderForValue) {
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = builderForValue.build();
+        onChanged();
+      } else {
+        expireTimeBuilder_.setMessage(builderForValue.build());
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public Builder mergeExpireTime(com.google.protobuf.Timestamp value) {
+      if (expireTimeBuilder_ == null) {
+        if (expireTime_ != null) {
+          expireTime_ =
+            com.google.protobuf.Timestamp.newBuilder(expireTime_).mergeFrom(value).buildPartial();
+        } else {
+          expireTime_ = value;
+        }
+        onChanged();
+      } else {
+        expireTimeBuilder_.mergeFrom(value);
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public Builder clearExpireTime() {
+      if (expireTimeBuilder_ == null) {
+        expireTime_ = null;
+        onChanged();
+      } else {
+        expireTime_ = null;
+        expireTimeBuilder_ = null;
+      }
+
+      return this;
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public com.google.protobuf.Timestamp.Builder getExpireTimeBuilder() {
+      
+      onChanged();
+      return getExpireTimeFieldBuilder().getBuilder();
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
+      if (expireTimeBuilder_ != null) {
+        return expireTimeBuilder_.getMessageOrBuilder();
+      } else {
+        return expireTime_ == null ?
+            com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+      }
+    }
+    /**
+     * <pre>
+     * Token expiration time.
+     * The expiration time is always set.
+     * </pre>
+     *
+     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+     */
+    private com.google.protobuf.SingleFieldBuilderV3<
+        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> 
+        getExpireTimeFieldBuilder() {
+      if (expireTimeBuilder_ == null) {
+        expireTimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
+            com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder>(
+                getExpireTime(),
+                getParentForChildren(),
+                isClean());
+        expireTime_ = null;
+      }
+      return expireTimeBuilder_;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+  private static final com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse();
+  }
+
+  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse>
+      PARSER = new com.google.protobuf.AbstractParser<GenerateIdentityBindingAccessTokenResponse>() {
+    @java.lang.Override
+    public GenerateIdentityBindingAccessTokenResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new GenerateIdentityBindingAccessTokenResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
new file mode 100644
index 000000000000..1d0fca72ce0d
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
@@ -0,0 +1,55 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface GenerateIdentityBindingAccessTokenResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  java.lang.String getAccessToken();
+  /**
+   * <pre>
+   * The OAuth 2.0 access token.
+   * </pre>
+   *
+   * <code>string access_token = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getAccessTokenBytes();
+
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  boolean hasExpireTime();
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  com.google.protobuf.Timestamp getExpireTime();
+  /**
+   * <pre>
+   * Token expiration time.
+   * The expiration time is always set.
+   * </pre>
+   *
+   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
+   */
+  com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/IAMCredentialsCommonProto.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/IAMCredentialsCommonProto.java
new file mode 100644
index 000000000000..deaf41eaff0e
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/IAMCredentialsCommonProto.java
@@ -0,0 +1,184 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public final class IAMCredentialsCommonProto {
+  private IAMCredentialsCommonProto() {}
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistryLite registry) {
+  }
+
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions(
+        (com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
+  static final 
+    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable;
+
+  public static com.google.protobuf.Descriptors.FileDescriptor
+      getDescriptor() {
+    return descriptor;
+  }
+  private static  com.google.protobuf.Descriptors.FileDescriptor
+      descriptor;
+  static {
+    java.lang.String[] descriptorData = {
+      "\n&google/iam/credentials/v1/common.proto" +
+      "\022\031google.iam.credentials.v1\032\036google/prot" +
+      "obuf/duration.proto\032\037google/protobuf/tim" +
+      "estamp.proto\"y\n\032GenerateAccessTokenReque" +
+      "st\022\014\n\004name\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\r\n\005s" +
+      "cope\030\004 \003(\t\022+\n\010lifetime\030\007 \001(\0132\031.google.pr" +
+      "otobuf.Duration\"d\n\033GenerateAccessTokenRe" +
+      "sponse\022\024\n\014access_token\030\001 \001(\t\022/\n\013expire_t" +
+      "ime\030\003 \001(\0132\032.google.protobuf.Timestamp\"C\n" +
+      "\017SignBlobRequest\022\014\n\004name\030\001 \001(\t\022\021\n\tdelega" +
+      "tes\030\003 \003(\t\022\017\n\007payload\030\005 \001(\014\"7\n\020SignBlobRe" +
+      "sponse\022\016\n\006key_id\030\001 \001(\t\022\023\n\013signed_blob\030\004 " +
+      "\001(\014\"B\n\016SignJwtRequest\022\014\n\004name\030\001 \001(\t\022\021\n\td" +
+      "elegates\030\003 \003(\t\022\017\n\007payload\030\005 \001(\t\"5\n\017SignJ" +
+      "wtResponse\022\016\n\006key_id\030\001 \001(\t\022\022\n\nsigned_jwt" +
+      "\030\002 \001(\t\"b\n\026GenerateIdTokenRequest\022\014\n\004name" +
+      "\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\020\n\010audience\030\003 " +
+      "\001(\t\022\025\n\rinclude_email\030\004 \001(\010\"(\n\027GenerateId" +
+      "TokenResponse\022\r\n\005token\030\001 \001(\t\"U\n)Generate" +
+      "IdentityBindingAccessTokenRequest\022\014\n\004nam" +
+      "e\030\001 \001(\t\022\r\n\005scope\030\002 \003(\t\022\013\n\003jwt\030\003 \001(\t\"s\n*G" +
+      "enerateIdentityBindingAccessTokenRespons" +
+      "e\022\024\n\014access_token\030\001 \001(\t\022/\n\013expire_time\030\002" +
+      " \001(\0132\032.google.protobuf.TimestampB\205\001\n\035com" +
+      ".google.iam.credentials.v1B\031IAMCredentia" +
+      "lsCommonProtoP\001ZDgoogle.golang.org/genpr" +
+      "oto/googleapis/iam/credentials/v1;creden" +
+      "tials\370\001\001b\006proto3"
+    };
+    com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner =
+        new com.google.protobuf.Descriptors.FileDescriptor.    InternalDescriptorAssigner() {
+          public com.google.protobuf.ExtensionRegistry assignDescriptors(
+              com.google.protobuf.Descriptors.FileDescriptor root) {
+            descriptor = root;
+            return null;
+          }
+        };
+    com.google.protobuf.Descriptors.FileDescriptor
+      .internalBuildGeneratedFileFrom(descriptorData,
+        new com.google.protobuf.Descriptors.FileDescriptor[] {
+          com.google.protobuf.DurationProto.getDescriptor(),
+          com.google.protobuf.TimestampProto.getDescriptor(),
+        }, assigner);
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor =
+      getDescriptor().getMessageTypes().get(0);
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor,
+        new java.lang.String[] { "Name", "Delegates", "Scope", "Lifetime", });
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor =
+      getDescriptor().getMessageTypes().get(1);
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor,
+        new java.lang.String[] { "AccessToken", "ExpireTime", });
+    internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor =
+      getDescriptor().getMessageTypes().get(2);
+    internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor,
+        new java.lang.String[] { "Name", "Delegates", "Payload", });
+    internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor =
+      getDescriptor().getMessageTypes().get(3);
+    internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor,
+        new java.lang.String[] { "KeyId", "SignedBlob", });
+    internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor =
+      getDescriptor().getMessageTypes().get(4);
+    internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor,
+        new java.lang.String[] { "Name", "Delegates", "Payload", });
+    internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor =
+      getDescriptor().getMessageTypes().get(5);
+    internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor,
+        new java.lang.String[] { "KeyId", "SignedJwt", });
+    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor =
+      getDescriptor().getMessageTypes().get(6);
+    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor,
+        new java.lang.String[] { "Name", "Delegates", "Audience", "IncludeEmail", });
+    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor =
+      getDescriptor().getMessageTypes().get(7);
+    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor,
+        new java.lang.String[] { "Token", });
+    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor =
+      getDescriptor().getMessageTypes().get(8);
+    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor,
+        new java.lang.String[] { "Name", "Scope", "Jwt", });
+    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor =
+      getDescriptor().getMessageTypes().get(9);
+    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable = new
+      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+        internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor,
+        new java.lang.String[] { "AccessToken", "ExpireTime", });
+    com.google.protobuf.DurationProto.getDescriptor();
+    com.google.protobuf.TimestampProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/ServiceAccountName.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/ServiceAccountName.java
new file mode 100644
index 000000000000..0df6138f644a
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/ServiceAccountName.java
@@ -0,0 +1,189 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package com.google.iam.credentials.v1;
+
+import com.google.common.base.Preconditions;
+import com.google.common.collect.ImmutableMap;
+import com.google.api.pathtemplate.PathTemplate;
+import com.google.api.resourcenames.ResourceName;
+import java.util.Map;
+import java.util.ArrayList;
+import java.util.List;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS
+@javax.annotation.Generated("by GAPIC protoc plugin")
+public class ServiceAccountName implements ResourceName {
+
+  private static final PathTemplate PATH_TEMPLATE =
+      PathTemplate.createWithoutUrlEncoding("projects/{project}/serviceAccounts/{service_account}");
+
+  private volatile Map<String, String> fieldValuesMap;
+
+  private final String project;
+  private final String serviceAccount;
+
+  public String getProject() {
+    return project;
+  }
+
+  public String getServiceAccount() {
+    return serviceAccount;
+  }
+
+  public static Builder newBuilder() {
+    return new Builder();
+  }
+
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  private ServiceAccountName(Builder builder) {
+    project = Preconditions.checkNotNull(builder.getProject());
+    serviceAccount = Preconditions.checkNotNull(builder.getServiceAccount());
+  }
+
+  public static ServiceAccountName of(String project, String serviceAccount) {
+    return newBuilder()
+      .setProject(project)
+      .setServiceAccount(serviceAccount)
+      .build();
+  }
+
+  public static String format(String project, String serviceAccount) {
+    return newBuilder()
+      .setProject(project)
+      .setServiceAccount(serviceAccount)
+      .build()
+      .toString();
+  }
+
+  public static ServiceAccountName parse(String formattedString) {
+    if (formattedString.isEmpty()) {
+      return null;
+    }
+    Map<String, String> matchMap =
+        PATH_TEMPLATE.validatedMatch(formattedString, "ServiceAccountName.parse: formattedString not in valid format");
+    return of(matchMap.get("project"), matchMap.get("service_account"));
+  }
+
+  public static List<ServiceAccountName> parseList(List<String> formattedStrings) {
+    List<ServiceAccountName> list = new ArrayList<>(formattedStrings.size());
+    for (String formattedString : formattedStrings) {
+      list.add(parse(formattedString));
+    }
+    return list;
+  }
+
+  public static List<String> toStringList(List<ServiceAccountName> values) {
+    List<String> list = new ArrayList<String>(values.size());
+    for (ServiceAccountName value : values) {
+      if (value == null) {
+        list.add("");
+      } else {
+        list.add(value.toString());
+      }
+    }
+    return list;
+  }
+
+  public static boolean isParsableFrom(String formattedString) {
+    return PATH_TEMPLATE.matches(formattedString);
+  }
+
+  public Map<String, String> getFieldValuesMap() {
+    if (fieldValuesMap == null) {
+      synchronized (this) {
+        if (fieldValuesMap == null) {
+          ImmutableMap.Builder<String, String> fieldMapBuilder = ImmutableMap.builder();
+          fieldMapBuilder.put("project", project);
+          fieldMapBuilder.put("serviceAccount", serviceAccount);
+          fieldValuesMap = fieldMapBuilder.build();
+        }
+      }
+    }
+    return fieldValuesMap;
+  }
+
+  public String getFieldValue(String fieldName) {
+    return getFieldValuesMap().get(fieldName);
+  }
+
+  @Override
+  public String toString() {
+    return PATH_TEMPLATE.instantiate("project", project, "service_account", serviceAccount);
+  }
+
+  /** Builder for ServiceAccountName. */
+  public static class Builder {
+
+    private String project;
+    private String serviceAccount;
+
+    public String getProject() {
+      return project;
+    }
+
+    public String getServiceAccount() {
+      return serviceAccount;
+    }
+
+    public Builder setProject(String project) {
+      this.project = project;
+      return this;
+    }
+
+    public Builder setServiceAccount(String serviceAccount) {
+      this.serviceAccount = serviceAccount;
+      return this;
+    }
+
+    private Builder() {
+    }
+
+    private Builder(ServiceAccountName serviceAccountName) {
+      project = serviceAccountName.project;
+      serviceAccount = serviceAccountName.serviceAccount;
+    }
+
+    public ServiceAccountName build() {
+      return new ServiceAccountName(this);
+    }
+  }
+
+  @Override
+  public boolean equals(Object o) {
+    if (o == this) {
+      return true;
+    }
+    if (o instanceof ServiceAccountName) {
+      ServiceAccountName that = (ServiceAccountName) o;
+      return (this.project.equals(that.project))
+          && (this.serviceAccount.equals(that.serviceAccount));
+    }
+    return false;
+  }
+
+  @Override
+  public int hashCode() {
+    int h = 1;
+    h *= 1000003;
+    h ^= project.hashCode();
+    h *= 1000003;
+    h ^= serviceAccount.hashCode();
+    return h;
+  }
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequest.java
new file mode 100644
index 000000000000..c134c2c17017
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequest.java
@@ -0,0 +1,978 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.SignBlobRequest}
+ */
+public  final class SignBlobRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignBlobRequest)
+    SignBlobRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use SignBlobRequest.newBuilder() to construct.
+  private SignBlobRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private SignBlobRequest() {
+    name_ = "";
+    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    payload_ = com.google.protobuf.ByteString.EMPTY;
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private SignBlobRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 26: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              delegates_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            delegates_.add(s);
+            break;
+          }
+          case 42: {
+
+            payload_ = input.readBytes();
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.SignBlobRequest.class, com.google.iam.credentials.v1.SignBlobRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DELEGATES_FIELD_NUMBER = 3;
+  private com.google.protobuf.LazyStringList delegates_;
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getDelegatesList() {
+    return delegates_;
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public int getDelegatesCount() {
+    return delegates_.size();
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public java.lang.String getDelegates(int index) {
+    return delegates_.get(index);
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public com.google.protobuf.ByteString
+      getDelegatesBytes(int index) {
+    return delegates_.getByteString(index);
+  }
+
+  public static final int PAYLOAD_FIELD_NUMBER = 5;
+  private com.google.protobuf.ByteString payload_;
+  /**
+   * <pre>
+   * The bytes to sign.
+   * </pre>
+   *
+   * <code>bytes payload = 5;</code>
+   */
+  public com.google.protobuf.ByteString getPayload() {
+    return payload_;
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < delegates_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, delegates_.getRaw(i));
+    }
+    if (!payload_.isEmpty()) {
+      output.writeBytes(5, payload_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < delegates_.size(); i++) {
+        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getDelegatesList().size();
+    }
+    if (!payload_.isEmpty()) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeBytesSize(5, payload_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.SignBlobRequest)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.SignBlobRequest other = (com.google.iam.credentials.v1.SignBlobRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getDelegatesList()
+        .equals(other.getDelegatesList());
+    result = result && getPayload()
+        .equals(other.getPayload());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getDelegatesCount() > 0) {
+      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
+      hash = (53 * hash) + getDelegatesList().hashCode();
+    }
+    hash = (37 * hash) + PAYLOAD_FIELD_NUMBER;
+    hash = (53 * hash) + getPayload().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.SignBlobRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.SignBlobRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignBlobRequest)
+      com.google.iam.credentials.v1.SignBlobRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.SignBlobRequest.class, com.google.iam.credentials.v1.SignBlobRequest.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.SignBlobRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      payload_ = com.google.protobuf.ByteString.EMPTY;
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignBlobRequest getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.SignBlobRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignBlobRequest build() {
+      com.google.iam.credentials.v1.SignBlobRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignBlobRequest buildPartial() {
+      com.google.iam.credentials.v1.SignBlobRequest result = new com.google.iam.credentials.v1.SignBlobRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.delegates_ = delegates_;
+      result.payload_ = payload_;
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.SignBlobRequest) {
+        return mergeFrom((com.google.iam.credentials.v1.SignBlobRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.SignBlobRequest other) {
+      if (other == com.google.iam.credentials.v1.SignBlobRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.delegates_.isEmpty()) {
+        if (delegates_.isEmpty()) {
+          delegates_ = other.delegates_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureDelegatesIsMutable();
+          delegates_.addAll(other.delegates_);
+        }
+        onChanged();
+      }
+      if (other.getPayload() != com.google.protobuf.ByteString.EMPTY) {
+        setPayload(other.getPayload());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.SignBlobRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.SignBlobRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureDelegatesIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getDelegatesList() {
+      return delegates_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public int getDelegatesCount() {
+      return delegates_.size();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public java.lang.String getDelegates(int index) {
+      return delegates_.get(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public com.google.protobuf.ByteString
+        getDelegatesBytes(int index) {
+      return delegates_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder setDelegates(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addDelegates(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addAllDelegates(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureDelegatesIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, delegates_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder clearDelegates() {
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addDelegatesBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.ByteString payload_ = com.google.protobuf.ByteString.EMPTY;
+    /**
+     * <pre>
+     * The bytes to sign.
+     * </pre>
+     *
+     * <code>bytes payload = 5;</code>
+     */
+    public com.google.protobuf.ByteString getPayload() {
+      return payload_;
+    }
+    /**
+     * <pre>
+     * The bytes to sign.
+     * </pre>
+     *
+     * <code>bytes payload = 5;</code>
+     */
+    public Builder setPayload(com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      payload_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The bytes to sign.
+     * </pre>
+     *
+     * <code>bytes payload = 5;</code>
+     */
+    public Builder clearPayload() {
+      
+      payload_ = getDefaultInstance().getPayload();
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignBlobRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignBlobRequest)
+  private static final com.google.iam.credentials.v1.SignBlobRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.SignBlobRequest();
+  }
+
+  public static com.google.iam.credentials.v1.SignBlobRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<SignBlobRequest>
+      PARSER = new com.google.protobuf.AbstractParser<SignBlobRequest>() {
+    @java.lang.Override
+    public SignBlobRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new SignBlobRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<SignBlobRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<SignBlobRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.SignBlobRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequestOrBuilder.java
new file mode 100644
index 000000000000..5af7667aa6c5
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequestOrBuilder.java
@@ -0,0 +1,103 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface SignBlobRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignBlobRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  java.util.List<java.lang.String>
+      getDelegatesList();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  int getDelegatesCount();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  java.lang.String getDelegates(int index);
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  com.google.protobuf.ByteString
+      getDelegatesBytes(int index);
+
+  /**
+   * <pre>
+   * The bytes to sign.
+   * </pre>
+   *
+   * <code>bytes payload = 5;</code>
+   */
+  com.google.protobuf.ByteString getPayload();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponse.java
new file mode 100644
index 000000000000..4b1532342c2e
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponse.java
@@ -0,0 +1,646 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.SignBlobResponse}
+ */
+public  final class SignBlobResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignBlobResponse)
+    SignBlobResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use SignBlobResponse.newBuilder() to construct.
+  private SignBlobResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private SignBlobResponse() {
+    keyId_ = "";
+    signedBlob_ = com.google.protobuf.ByteString.EMPTY;
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private SignBlobResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            keyId_ = s;
+            break;
+          }
+          case 34: {
+
+            signedBlob_ = input.readBytes();
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.SignBlobResponse.class, com.google.iam.credentials.v1.SignBlobResponse.Builder.class);
+  }
+
+  public static final int KEY_ID_FIELD_NUMBER = 1;
+  private volatile java.lang.Object keyId_;
+  /**
+   * <pre>
+   * The ID of the key used to sign the blob.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  public java.lang.String getKeyId() {
+    java.lang.Object ref = keyId_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      keyId_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The ID of the key used to sign the blob.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getKeyIdBytes() {
+    java.lang.Object ref = keyId_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      keyId_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int SIGNED_BLOB_FIELD_NUMBER = 4;
+  private com.google.protobuf.ByteString signedBlob_;
+  /**
+   * <pre>
+   * The signed blob.
+   * </pre>
+   *
+   * <code>bytes signed_blob = 4;</code>
+   */
+  public com.google.protobuf.ByteString getSignedBlob() {
+    return signedBlob_;
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getKeyIdBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, keyId_);
+    }
+    if (!signedBlob_.isEmpty()) {
+      output.writeBytes(4, signedBlob_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getKeyIdBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, keyId_);
+    }
+    if (!signedBlob_.isEmpty()) {
+      size += com.google.protobuf.CodedOutputStream
+        .computeBytesSize(4, signedBlob_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.SignBlobResponse)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.SignBlobResponse other = (com.google.iam.credentials.v1.SignBlobResponse) obj;
+
+    boolean result = true;
+    result = result && getKeyId()
+        .equals(other.getKeyId());
+    result = result && getSignedBlob()
+        .equals(other.getSignedBlob());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + KEY_ID_FIELD_NUMBER;
+    hash = (53 * hash) + getKeyId().hashCode();
+    hash = (37 * hash) + SIGNED_BLOB_FIELD_NUMBER;
+    hash = (53 * hash) + getSignedBlob().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.SignBlobResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.SignBlobResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignBlobResponse)
+      com.google.iam.credentials.v1.SignBlobResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.SignBlobResponse.class, com.google.iam.credentials.v1.SignBlobResponse.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.SignBlobResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      keyId_ = "";
+
+      signedBlob_ = com.google.protobuf.ByteString.EMPTY;
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignBlobResponse getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.SignBlobResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignBlobResponse build() {
+      com.google.iam.credentials.v1.SignBlobResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignBlobResponse buildPartial() {
+      com.google.iam.credentials.v1.SignBlobResponse result = new com.google.iam.credentials.v1.SignBlobResponse(this);
+      result.keyId_ = keyId_;
+      result.signedBlob_ = signedBlob_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.SignBlobResponse) {
+        return mergeFrom((com.google.iam.credentials.v1.SignBlobResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.SignBlobResponse other) {
+      if (other == com.google.iam.credentials.v1.SignBlobResponse.getDefaultInstance()) return this;
+      if (!other.getKeyId().isEmpty()) {
+        keyId_ = other.keyId_;
+        onChanged();
+      }
+      if (other.getSignedBlob() != com.google.protobuf.ByteString.EMPTY) {
+        setSignedBlob(other.getSignedBlob());
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.SignBlobResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.SignBlobResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object keyId_ = "";
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public java.lang.String getKeyId() {
+      java.lang.Object ref = keyId_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        keyId_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getKeyIdBytes() {
+      java.lang.Object ref = keyId_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        keyId_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder setKeyId(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      keyId_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder clearKeyId() {
+      
+      keyId_ = getDefaultInstance().getKeyId();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the blob.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder setKeyIdBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      keyId_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.ByteString signedBlob_ = com.google.protobuf.ByteString.EMPTY;
+    /**
+     * <pre>
+     * The signed blob.
+     * </pre>
+     *
+     * <code>bytes signed_blob = 4;</code>
+     */
+    public com.google.protobuf.ByteString getSignedBlob() {
+      return signedBlob_;
+    }
+    /**
+     * <pre>
+     * The signed blob.
+     * </pre>
+     *
+     * <code>bytes signed_blob = 4;</code>
+     */
+    public Builder setSignedBlob(com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      signedBlob_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The signed blob.
+     * </pre>
+     *
+     * <code>bytes signed_blob = 4;</code>
+     */
+    public Builder clearSignedBlob() {
+      
+      signedBlob_ = getDefaultInstance().getSignedBlob();
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignBlobResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignBlobResponse)
+  private static final com.google.iam.credentials.v1.SignBlobResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.SignBlobResponse();
+  }
+
+  public static com.google.iam.credentials.v1.SignBlobResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<SignBlobResponse>
+      PARSER = new com.google.protobuf.AbstractParser<SignBlobResponse>() {
+    @java.lang.Override
+    public SignBlobResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new SignBlobResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<SignBlobResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<SignBlobResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.SignBlobResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponseOrBuilder.java
new file mode 100644
index 000000000000..76e2a97d1806
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponseOrBuilder.java
@@ -0,0 +1,36 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface SignBlobResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignBlobResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The ID of the key used to sign the blob.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  java.lang.String getKeyId();
+  /**
+   * <pre>
+   * The ID of the key used to sign the blob.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getKeyIdBytes();
+
+  /**
+   * <pre>
+   * The signed blob.
+   * </pre>
+   *
+   * <code>bytes signed_blob = 4;</code>
+   */
+  com.google.protobuf.ByteString getSignedBlob();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequest.java
new file mode 100644
index 000000000000..655535f9489f
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequest.java
@@ -0,0 +1,1056 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.SignJwtRequest}
+ */
+public  final class SignJwtRequest extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignJwtRequest)
+    SignJwtRequestOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use SignJwtRequest.newBuilder() to construct.
+  private SignJwtRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private SignJwtRequest() {
+    name_ = "";
+    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    payload_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private SignJwtRequest(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            name_ = s;
+            break;
+          }
+          case 26: {
+            java.lang.String s = input.readStringRequireUtf8();
+            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+              delegates_ = new com.google.protobuf.LazyStringArrayList();
+              mutable_bitField0_ |= 0x00000002;
+            }
+            delegates_.add(s);
+            break;
+          }
+          case 42: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            payload_ = s;
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+      }
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.SignJwtRequest.class, com.google.iam.credentials.v1.SignJwtRequest.Builder.class);
+  }
+
+  private int bitField0_;
+  public static final int NAME_FIELD_NUMBER = 1;
+  private volatile java.lang.Object name_;
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public java.lang.String getName() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      name_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getNameBytes() {
+    java.lang.Object ref = name_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      name_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int DELEGATES_FIELD_NUMBER = 3;
+  private com.google.protobuf.LazyStringList delegates_;
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public com.google.protobuf.ProtocolStringList
+      getDelegatesList() {
+    return delegates_;
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public int getDelegatesCount() {
+    return delegates_.size();
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public java.lang.String getDelegates(int index) {
+    return delegates_.get(index);
+  }
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  public com.google.protobuf.ByteString
+      getDelegatesBytes(int index) {
+    return delegates_.getByteString(index);
+  }
+
+  public static final int PAYLOAD_FIELD_NUMBER = 5;
+  private volatile java.lang.Object payload_;
+  /**
+   * <pre>
+   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+   * </pre>
+   *
+   * <code>string payload = 5;</code>
+   */
+  public java.lang.String getPayload() {
+    java.lang.Object ref = payload_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      payload_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+   * </pre>
+   *
+   * <code>string payload = 5;</code>
+   */
+  public com.google.protobuf.ByteString
+      getPayloadBytes() {
+    java.lang.Object ref = payload_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      payload_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getNameBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+    }
+    for (int i = 0; i < delegates_.size(); i++) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, delegates_.getRaw(i));
+    }
+    if (!getPayloadBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 5, payload_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getNameBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+    }
+    {
+      int dataSize = 0;
+      for (int i = 0; i < delegates_.size(); i++) {
+        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
+      }
+      size += dataSize;
+      size += 1 * getDelegatesList().size();
+    }
+    if (!getPayloadBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(5, payload_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.SignJwtRequest)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.SignJwtRequest other = (com.google.iam.credentials.v1.SignJwtRequest) obj;
+
+    boolean result = true;
+    result = result && getName()
+        .equals(other.getName());
+    result = result && getDelegatesList()
+        .equals(other.getDelegatesList());
+    result = result && getPayload()
+        .equals(other.getPayload());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + NAME_FIELD_NUMBER;
+    hash = (53 * hash) + getName().hashCode();
+    if (getDelegatesCount() > 0) {
+      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
+      hash = (53 * hash) + getDelegatesList().hashCode();
+    }
+    hash = (37 * hash) + PAYLOAD_FIELD_NUMBER;
+    hash = (53 * hash) + getPayload().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.SignJwtRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.SignJwtRequest}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignJwtRequest)
+      com.google.iam.credentials.v1.SignJwtRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.SignJwtRequest.class, com.google.iam.credentials.v1.SignJwtRequest.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.SignJwtRequest.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      name_ = "";
+
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      payload_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignJwtRequest getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.SignJwtRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignJwtRequest build() {
+      com.google.iam.credentials.v1.SignJwtRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignJwtRequest buildPartial() {
+      com.google.iam.credentials.v1.SignJwtRequest result = new com.google.iam.credentials.v1.SignJwtRequest(this);
+      int from_bitField0_ = bitField0_;
+      int to_bitField0_ = 0;
+      result.name_ = name_;
+      if (((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = delegates_.getUnmodifiableView();
+        bitField0_ = (bitField0_ & ~0x00000002);
+      }
+      result.delegates_ = delegates_;
+      result.payload_ = payload_;
+      result.bitField0_ = to_bitField0_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.SignJwtRequest) {
+        return mergeFrom((com.google.iam.credentials.v1.SignJwtRequest)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.SignJwtRequest other) {
+      if (other == com.google.iam.credentials.v1.SignJwtRequest.getDefaultInstance()) return this;
+      if (!other.getName().isEmpty()) {
+        name_ = other.name_;
+        onChanged();
+      }
+      if (!other.delegates_.isEmpty()) {
+        if (delegates_.isEmpty()) {
+          delegates_ = other.delegates_;
+          bitField0_ = (bitField0_ & ~0x00000002);
+        } else {
+          ensureDelegatesIsMutable();
+          delegates_.addAll(other.delegates_);
+        }
+        onChanged();
+      }
+      if (!other.getPayload().isEmpty()) {
+        payload_ = other.payload_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.SignJwtRequest parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.SignJwtRequest) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+    private int bitField0_;
+
+    private java.lang.Object name_ = "";
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public java.lang.String getName() {
+      java.lang.Object ref = name_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        name_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getNameBytes() {
+      java.lang.Object ref = name_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        name_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setName(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      name_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder clearName() {
+      
+      name_ = getDefaultInstance().getName();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The resource name of the service account for which the credentials
+     * are requested, in the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+     * </pre>
+     *
+     * <code>string name = 1;</code>
+     */
+    public Builder setNameBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      name_ = value;
+      onChanged();
+      return this;
+    }
+
+    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private void ensureDelegatesIsMutable() {
+      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
+        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
+        bitField0_ |= 0x00000002;
+       }
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public com.google.protobuf.ProtocolStringList
+        getDelegatesList() {
+      return delegates_.getUnmodifiableView();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public int getDelegatesCount() {
+      return delegates_.size();
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public java.lang.String getDelegates(int index) {
+      return delegates_.get(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public com.google.protobuf.ByteString
+        getDelegatesBytes(int index) {
+      return delegates_.getByteString(index);
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder setDelegates(
+        int index, java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.set(index, value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addDelegates(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addAllDelegates(
+        java.lang.Iterable<java.lang.String> values) {
+      ensureDelegatesIsMutable();
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(
+          values, delegates_);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder clearDelegates() {
+      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+      bitField0_ = (bitField0_ & ~0x00000002);
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The sequence of service accounts in a delegation chain. Each service
+     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on its next service account in the chain. The last service account in the
+     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+     * on the service account that is specified in the `name` field of the
+     * request.
+     * The delegates must have the following format:
+     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+     * </pre>
+     *
+     * <code>repeated string delegates = 3;</code>
+     */
+    public Builder addDelegatesBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      ensureDelegatesIsMutable();
+      delegates_.add(value);
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object payload_ = "";
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public java.lang.String getPayload() {
+      java.lang.Object ref = payload_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        payload_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public com.google.protobuf.ByteString
+        getPayloadBytes() {
+      java.lang.Object ref = payload_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        payload_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public Builder setPayload(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      payload_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public Builder clearPayload() {
+      
+      payload_ = getDefaultInstance().getPayload();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+     * </pre>
+     *
+     * <code>string payload = 5;</code>
+     */
+    public Builder setPayloadBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      payload_ = value;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignJwtRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignJwtRequest)
+  private static final com.google.iam.credentials.v1.SignJwtRequest DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.SignJwtRequest();
+  }
+
+  public static com.google.iam.credentials.v1.SignJwtRequest getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<SignJwtRequest>
+      PARSER = new com.google.protobuf.AbstractParser<SignJwtRequest>() {
+    @java.lang.Override
+    public SignJwtRequest parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new SignJwtRequest(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<SignJwtRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<SignJwtRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.SignJwtRequest getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequestOrBuilder.java
new file mode 100644
index 000000000000..f3c06124accd
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequestOrBuilder.java
@@ -0,0 +1,112 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface SignJwtRequestOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignJwtRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  java.lang.String getName();
+  /**
+   * <pre>
+   * The resource name of the service account for which the credentials
+   * are requested, in the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * </pre>
+   *
+   * <code>string name = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getNameBytes();
+
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  java.util.List<java.lang.String>
+      getDelegatesList();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  int getDelegatesCount();
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  java.lang.String getDelegates(int index);
+  /**
+   * <pre>
+   * The sequence of service accounts in a delegation chain. Each service
+   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on its next service account in the chain. The last service account in the
+   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+   * on the service account that is specified in the `name` field of the
+   * request.
+   * The delegates must have the following format:
+   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * </pre>
+   *
+   * <code>repeated string delegates = 3;</code>
+   */
+  com.google.protobuf.ByteString
+      getDelegatesBytes(int index);
+
+  /**
+   * <pre>
+   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+   * </pre>
+   *
+   * <code>string payload = 5;</code>
+   */
+  java.lang.String getPayload();
+  /**
+   * <pre>
+   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+   * </pre>
+   *
+   * <code>string payload = 5;</code>
+   */
+  com.google.protobuf.ByteString
+      getPayloadBytes();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponse.java
new file mode 100644
index 000000000000..c84048a3ff40
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponse.java
@@ -0,0 +1,724 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+/**
+ * Protobuf type {@code google.iam.credentials.v1.SignJwtResponse}
+ */
+public  final class SignJwtResponse extends
+    com.google.protobuf.GeneratedMessageV3 implements
+    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignJwtResponse)
+    SignJwtResponseOrBuilder {
+private static final long serialVersionUID = 0L;
+  // Use SignJwtResponse.newBuilder() to construct.
+  private SignJwtResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+  private SignJwtResponse() {
+    keyId_ = "";
+    signedJwt_ = "";
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet
+  getUnknownFields() {
+    return this.unknownFields;
+  }
+  private SignJwtResponse(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    this();
+    if (extensionRegistry == null) {
+      throw new java.lang.NullPointerException();
+    }
+    int mutable_bitField0_ = 0;
+    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
+        com.google.protobuf.UnknownFieldSet.newBuilder();
+    try {
+      boolean done = false;
+      while (!done) {
+        int tag = input.readTag();
+        switch (tag) {
+          case 0:
+            done = true;
+            break;
+          case 10: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            keyId_ = s;
+            break;
+          }
+          case 18: {
+            java.lang.String s = input.readStringRequireUtf8();
+
+            signedJwt_ = s;
+            break;
+          }
+          default: {
+            if (!parseUnknownFieldProto3(
+                input, unknownFields, extensionRegistry, tag)) {
+              done = true;
+            }
+            break;
+          }
+        }
+      }
+    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+      throw e.setUnfinishedMessage(this);
+    } catch (java.io.IOException e) {
+      throw new com.google.protobuf.InvalidProtocolBufferException(
+          e).setUnfinishedMessage(this);
+    } finally {
+      this.unknownFields = unknownFields.build();
+      makeExtensionsImmutable();
+    }
+  }
+  public static final com.google.protobuf.Descriptors.Descriptor
+      getDescriptor() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.iam.credentials.v1.SignJwtResponse.class, com.google.iam.credentials.v1.SignJwtResponse.Builder.class);
+  }
+
+  public static final int KEY_ID_FIELD_NUMBER = 1;
+  private volatile java.lang.Object keyId_;
+  /**
+   * <pre>
+   * The ID of the key used to sign the JWT.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  public java.lang.String getKeyId() {
+    java.lang.Object ref = keyId_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      keyId_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The ID of the key used to sign the JWT.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  public com.google.protobuf.ByteString
+      getKeyIdBytes() {
+    java.lang.Object ref = keyId_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      keyId_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  public static final int SIGNED_JWT_FIELD_NUMBER = 2;
+  private volatile java.lang.Object signedJwt_;
+  /**
+   * <pre>
+   * The signed JWT.
+   * </pre>
+   *
+   * <code>string signed_jwt = 2;</code>
+   */
+  public java.lang.String getSignedJwt() {
+    java.lang.Object ref = signedJwt_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = 
+          (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      signedJwt_ = s;
+      return s;
+    }
+  }
+  /**
+   * <pre>
+   * The signed JWT.
+   * </pre>
+   *
+   * <code>string signed_jwt = 2;</code>
+   */
+  public com.google.protobuf.ByteString
+      getSignedJwtBytes() {
+    java.lang.Object ref = signedJwt_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b = 
+          com.google.protobuf.ByteString.copyFromUtf8(
+              (java.lang.String) ref);
+      signedJwt_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output)
+                      throws java.io.IOException {
+    if (!getKeyIdBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, keyId_);
+    }
+    if (!getSignedJwtBytes().isEmpty()) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, signedJwt_);
+    }
+    unknownFields.writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!getKeyIdBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, keyId_);
+    }
+    if (!getSignedJwtBytes().isEmpty()) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, signedJwt_);
+    }
+    size += unknownFields.getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+     return true;
+    }
+    if (!(obj instanceof com.google.iam.credentials.v1.SignJwtResponse)) {
+      return super.equals(obj);
+    }
+    com.google.iam.credentials.v1.SignJwtResponse other = (com.google.iam.credentials.v1.SignJwtResponse) obj;
+
+    boolean result = true;
+    result = result && getKeyId()
+        .equals(other.getKeyId());
+    result = result && getSignedJwt()
+        .equals(other.getSignedJwt());
+    result = result && unknownFields.equals(other.unknownFields);
+    return result;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + KEY_ID_FIELD_NUMBER;
+    hash = (53 * hash) + getKeyId().hashCode();
+    hash = (37 * hash) + SIGNED_JWT_FIELD_NUMBER;
+    hash = (53 * hash) + getSignedJwt().hashCode();
+    hash = (29 * hash) + unknownFields.hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
+      java.nio.ByteBuffer data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
+      java.nio.ByteBuffer data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(byte[] data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
+      byte[] data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseDelimitedFrom(java.io.InputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseDelimitedFrom(
+      java.io.InputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
+      com.google.protobuf.CodedInputStream input)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input);
+  }
+  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3
+        .parseWithIOException(PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() { return newBuilder(); }
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+  public static Builder newBuilder(com.google.iam.credentials.v1.SignJwtResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE
+        ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(
+      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   * Protobuf type {@code google.iam.credentials.v1.SignJwtResponse}
+   */
+  public static final class Builder extends
+      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignJwtResponse)
+      com.google.iam.credentials.v1.SignJwtResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor
+        getDescriptor() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.iam.credentials.v1.SignJwtResponse.class, com.google.iam.credentials.v1.SignJwtResponse.Builder.class);
+    }
+
+    // Construct using com.google.iam.credentials.v1.SignJwtResponse.newBuilder()
+    private Builder() {
+      maybeForceBuilderInitialization();
+    }
+
+    private Builder(
+        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+      maybeForceBuilderInitialization();
+    }
+    private void maybeForceBuilderInitialization() {
+      if (com.google.protobuf.GeneratedMessageV3
+              .alwaysUseFieldBuilders) {
+      }
+    }
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      keyId_ = "";
+
+      signedJwt_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor
+        getDescriptorForType() {
+      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignJwtResponse getDefaultInstanceForType() {
+      return com.google.iam.credentials.v1.SignJwtResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignJwtResponse build() {
+      com.google.iam.credentials.v1.SignJwtResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.iam.credentials.v1.SignJwtResponse buildPartial() {
+      com.google.iam.credentials.v1.SignJwtResponse result = new com.google.iam.credentials.v1.SignJwtResponse(this);
+      result.keyId_ = keyId_;
+      result.signedJwt_ = signedJwt_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return (Builder) super.clone();
+    }
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.setField(field, value);
+    }
+    @java.lang.Override
+    public Builder clearField(
+        com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return (Builder) super.clearField(field);
+    }
+    @java.lang.Override
+    public Builder clearOneof(
+        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return (Builder) super.clearOneof(oneof);
+    }
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        int index, java.lang.Object value) {
+      return (Builder) super.setRepeatedField(field, index, value);
+    }
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field,
+        java.lang.Object value) {
+      return (Builder) super.addRepeatedField(field, value);
+    }
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.iam.credentials.v1.SignJwtResponse) {
+        return mergeFrom((com.google.iam.credentials.v1.SignJwtResponse)other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(com.google.iam.credentials.v1.SignJwtResponse other) {
+      if (other == com.google.iam.credentials.v1.SignJwtResponse.getDefaultInstance()) return this;
+      if (!other.getKeyId().isEmpty()) {
+        keyId_ = other.keyId_;
+        onChanged();
+      }
+      if (!other.getSignedJwt().isEmpty()) {
+        signedJwt_ = other.signedJwt_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.unknownFields);
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      com.google.iam.credentials.v1.SignJwtResponse parsedMessage = null;
+      try {
+        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        parsedMessage = (com.google.iam.credentials.v1.SignJwtResponse) e.getUnfinishedMessage();
+        throw e.unwrapIOException();
+      } finally {
+        if (parsedMessage != null) {
+          mergeFrom(parsedMessage);
+        }
+      }
+      return this;
+    }
+
+    private java.lang.Object keyId_ = "";
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public java.lang.String getKeyId() {
+      java.lang.Object ref = keyId_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        keyId_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public com.google.protobuf.ByteString
+        getKeyIdBytes() {
+      java.lang.Object ref = keyId_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        keyId_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder setKeyId(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      keyId_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder clearKeyId() {
+      
+      keyId_ = getDefaultInstance().getKeyId();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The ID of the key used to sign the JWT.
+     * </pre>
+     *
+     * <code>string key_id = 1;</code>
+     */
+    public Builder setKeyIdBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      keyId_ = value;
+      onChanged();
+      return this;
+    }
+
+    private java.lang.Object signedJwt_ = "";
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public java.lang.String getSignedJwt() {
+      java.lang.Object ref = signedJwt_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs =
+            (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        signedJwt_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public com.google.protobuf.ByteString
+        getSignedJwtBytes() {
+      java.lang.Object ref = signedJwt_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b = 
+            com.google.protobuf.ByteString.copyFromUtf8(
+                (java.lang.String) ref);
+        signedJwt_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public Builder setSignedJwt(
+        java.lang.String value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  
+      signedJwt_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public Builder clearSignedJwt() {
+      
+      signedJwt_ = getDefaultInstance().getSignedJwt();
+      onChanged();
+      return this;
+    }
+    /**
+     * <pre>
+     * The signed JWT.
+     * </pre>
+     *
+     * <code>string signed_jwt = 2;</code>
+     */
+    public Builder setSignedJwtBytes(
+        com.google.protobuf.ByteString value) {
+      if (value == null) {
+    throw new NullPointerException();
+  }
+  checkByteStringIsUtf8(value);
+      
+      signedJwt_ = value;
+      onChanged();
+      return this;
+    }
+    @java.lang.Override
+    public final Builder setUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFieldsProto3(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+
+    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignJwtResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignJwtResponse)
+  private static final com.google.iam.credentials.v1.SignJwtResponse DEFAULT_INSTANCE;
+  static {
+    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.SignJwtResponse();
+  }
+
+  public static com.google.iam.credentials.v1.SignJwtResponse getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<SignJwtResponse>
+      PARSER = new com.google.protobuf.AbstractParser<SignJwtResponse>() {
+    @java.lang.Override
+    public SignJwtResponse parsePartialFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws com.google.protobuf.InvalidProtocolBufferException {
+      return new SignJwtResponse(input, extensionRegistry);
+    }
+  };
+
+  public static com.google.protobuf.Parser<SignJwtResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<SignJwtResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.iam.credentials.v1.SignJwtResponse getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponseOrBuilder.java
new file mode 100644
index 000000000000..684ab9f8ec33
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponseOrBuilder.java
@@ -0,0 +1,45 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/common.proto
+
+package com.google.iam.credentials.v1;
+
+public interface SignJwtResponseOrBuilder extends
+    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignJwtResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   * <pre>
+   * The ID of the key used to sign the JWT.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  java.lang.String getKeyId();
+  /**
+   * <pre>
+   * The ID of the key used to sign the JWT.
+   * </pre>
+   *
+   * <code>string key_id = 1;</code>
+   */
+  com.google.protobuf.ByteString
+      getKeyIdBytes();
+
+  /**
+   * <pre>
+   * The signed JWT.
+   * </pre>
+   *
+   * <code>string signed_jwt = 2;</code>
+   */
+  java.lang.String getSignedJwt();
+  /**
+   * <pre>
+   * The signed JWT.
+   * </pre>
+   *
+   * <code>string signed_jwt = 2;</code>
+   */
+  com.google.protobuf.ByteString
+      getSignedJwtBytes();
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/Iamcredentials.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/Iamcredentials.java
new file mode 100644
index 000000000000..656b33b2d6ea
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/Iamcredentials.java
@@ -0,0 +1,82 @@
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/iam/credentials/v1/iamcredentials.proto
+
+package google.iam.credentials.v1;
+
+public final class Iamcredentials {
+  private Iamcredentials() {}
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistryLite registry) {
+  }
+
+  public static void registerAllExtensions(
+      com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions(
+        (com.google.protobuf.ExtensionRegistryLite) registry);
+  }
+
+  public static com.google.protobuf.Descriptors.FileDescriptor
+      getDescriptor() {
+    return descriptor;
+  }
+  private static  com.google.protobuf.Descriptors.FileDescriptor
+      descriptor;
+  static {
+    java.lang.String[] descriptorData = {
+      "\n.google/iam/credentials/v1/iamcredentia" +
+      "ls.proto\022\031google.iam.credentials.v1\032\034goo" +
+      "gle/api/annotations.proto\032&google/iam/cr" +
+      "edentials/v1/common.proto2\353\007\n\016IAMCredent" +
+      "ials\022\314\001\n\023GenerateAccessToken\0225.google.ia" +
+      "m.credentials.v1.GenerateAccessTokenRequ" +
+      "est\0326.google.iam.credentials.v1.Generate" +
+      "AccessTokenResponse\"F\202\323\344\223\002@\";/v1/{name=p" +
+      "rojects/*/serviceAccounts/*}:generateAcc" +
+      "essToken:\001*\022\274\001\n\017GenerateIdToken\0221.google" +
+      ".iam.credentials.v1.GenerateIdTokenReque" +
+      "st\0322.google.iam.credentials.v1.GenerateI" +
+      "dTokenResponse\"B\202\323\344\223\002<\"7/v1/{name=projec" +
+      "ts/*/serviceAccounts/*}:generateIdToken:" +
+      "\001*\022\240\001\n\010SignBlob\022*.google.iam.credentials" +
+      ".v1.SignBlobRequest\032+.google.iam.credent" +
+      "ials.v1.SignBlobResponse\";\202\323\344\223\0025\"0/v1/{n" +
+      "ame=projects/*/serviceAccounts/*}:signBl" +
+      "ob:\001*\022\234\001\n\007SignJwt\022).google.iam.credentia" +
+      "ls.v1.SignJwtRequest\032*.google.iam.creden" +
+      "tials.v1.SignJwtResponse\":\202\323\344\223\0024\"//v1/{n" +
+      "ame=projects/*/serviceAccounts/*}:signJw" +
+      "t:\001*\022\210\002\n\"GenerateIdentityBindingAccessTo" +
+      "ken\022D.google.iam.credentials.v1.Generate" +
+      "IdentityBindingAccessTokenRequest\032E.goog" +
+      "le.iam.credentials.v1.GenerateIdentityBi" +
+      "ndingAccessTokenResponse\"U\202\323\344\223\002O\"J/v1/{n" +
+      "ame=projects/*/serviceAccounts/*}:genera" +
+      "teIdentityBindingAccessToken:\001*BIZDgoogl" +
+      "e.golang.org/genproto/googleapis/iam/cre" +
+      "dentials/v1;credentials\370\001\001b\006proto3"
+    };
+    com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner =
+        new com.google.protobuf.Descriptors.FileDescriptor.    InternalDescriptorAssigner() {
+          public com.google.protobuf.ExtensionRegistry assignDescriptors(
+              com.google.protobuf.Descriptors.FileDescriptor root) {
+            descriptor = root;
+            return null;
+          }
+        };
+    com.google.protobuf.Descriptors.FileDescriptor
+      .internalBuildGeneratedFileFrom(descriptorData,
+        new com.google.protobuf.Descriptors.FileDescriptor[] {
+          com.google.api.AnnotationsProto.getDescriptor(),
+          com.google.iam.credentials.v1.IAMCredentialsCommonProto.getDescriptor(),
+        }, assigner);
+    com.google.protobuf.ExtensionRegistry registry =
+        com.google.protobuf.ExtensionRegistry.newInstance();
+    registry.add(com.google.api.AnnotationsProto.http);
+    com.google.protobuf.Descriptors.FileDescriptor
+        .internalUpdateFileDescriptor(descriptor, registry);
+    com.google.api.AnnotationsProto.getDescriptor();
+    com.google.iam.credentials.v1.IAMCredentialsCommonProto.getDescriptor();
+  }
+
+  // @@protoc_insertion_point(outer_class_scope)
+}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/proto/google/iam/credentials/v1/common.proto b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/proto/google/iam/credentials/v1/common.proto
new file mode 100644
index 000000000000..4fb12530ce00
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/proto/google/iam/credentials/v1/common.proto
@@ -0,0 +1,156 @@
+// Copyright 2018 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.iam.credentials.v1;
+
+import "google/protobuf/duration.proto";
+import "google/protobuf/timestamp.proto";
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/iam/credentials/v1;credentials";
+option java_multiple_files = true;
+option java_outer_classname = "IAMCredentialsCommonProto";
+option java_package = "com.google.cloud.iam.credentials.v1";
+
+
+message GenerateAccessTokenRequest {
+  // The resource name of the service account for which the credentials
+  // are requested, in the following format:
+  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+  string name = 1;
+
+  // The sequence of service accounts in a delegation chain. Each service
+  // account must be granted the `roles/iam.serviceAccountTokenCreator` role
+  // on its next service account in the chain. The last service account in the
+  // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+  // on the service account that is specified in the `name` field of the
+  // request.
+  //
+  // The delegates must have the following format:
+  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+  repeated string delegates = 2;
+
+  // Code to identify the scopes to be included in the OAuth 2.0 access token.
+  // See https://developers.google.com/identity/protocols/googlescopes for more
+  // information.
+  // At least one value required.
+  repeated string scope = 4;
+
+  // The desired lifetime duration of the access token in seconds.
+  // Must be set to a value less than or equal to 3600 (1 hour). If a value is
+  // not specified, the token's lifetime will be set to a default value of one
+  // hour.
+  google.protobuf.Duration lifetime = 7;
+}
+
+message GenerateAccessTokenResponse {
+  // The OAuth 2.0 access token.
+  string access_token = 1;
+
+  // Token expiration time.
+  // The expiration time is always set.
+  google.protobuf.Timestamp expire_time = 3;
+}
+
+message SignBlobRequest {
+  // The resource name of the service account for which the credentials
+  // are requested, in the following format:
+  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+  string name = 1;
+
+  // The sequence of service accounts in a delegation chain. Each service
+  // account must be granted the `roles/iam.serviceAccountTokenCreator` role
+  // on its next service account in the chain. The last service account in the
+  // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+  // on the service account that is specified in the `name` field of the
+  // request.
+  //
+  // The delegates must have the following format:
+  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+  repeated string delegates = 3;
+
+  // The bytes to sign.
+  bytes payload = 5;
+}
+
+message SignBlobResponse {
+  // The ID of the key used to sign the blob.
+  string key_id = 1;
+
+  // The signed blob.
+  bytes signed_blob = 4;
+}
+
+message SignJwtRequest {
+  // The resource name of the service account for which the credentials
+  // are requested, in the following format:
+  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+  string name = 1;
+
+  // The sequence of service accounts in a delegation chain. Each service
+  // account must be granted the `roles/iam.serviceAccountTokenCreator` role
+  // on its next service account in the chain. The last service account in the
+  // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+  // on the service account that is specified in the `name` field of the
+  // request.
+  //
+  // The delegates must have the following format:
+  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+  repeated string delegates = 3;
+
+  // The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+  string payload = 5;
+}
+
+message SignJwtResponse {
+  // The ID of the key used to sign the JWT.
+  string key_id = 1;
+
+  // The signed JWT.
+  string signed_jwt = 2;
+}
+
+message GenerateIdTokenRequest {
+  // The resource name of the service account for which the credentials
+  // are requested, in the following format:
+  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+  string name = 1;
+
+  // The sequence of service accounts in a delegation chain. Each service
+  // account must be granted the `roles/iam.serviceAccountTokenCreator` role
+  // on its next service account in the chain. The last service account in the
+  // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
+  // on the service account that is specified in the `name` field of the
+  // request.
+  //
+  // The delegates must have the following format:
+  // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+  repeated string delegates = 2;
+
+  // The audience for the token, such as the API or account that this token
+  // grants access to.
+  string audience = 3;
+
+  // Include the service account email in the token. If set to `true`, the
+  // token will contain `email` and `email_verified` claims.
+  bool include_email = 4;
+}
+
+message GenerateIdTokenResponse {
+  // The OpenId Connect ID token.
+  string token = 1;
+}
+
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/proto/google/iam/credentials/v1/iamcredentials.proto b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/proto/google/iam/credentials/v1/iamcredentials.proto
new file mode 100644
index 000000000000..9ab1c3240c19
--- /dev/null
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/proto/google/iam/credentials/v1/iamcredentials.proto
@@ -0,0 +1,70 @@
+// Copyright 2018 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.iam.credentials.v1;
+
+import "google/api/annotations.proto";
+import "google/iam/credentials/v1/common.proto";
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/iam/credentials/v1;credentials";
+option java_multiple_files = true;
+option java_outer_classname = "IAMCredentialsProto";
+option java_package = "com.google.cloud.iam.credentials.v1";
+
+
+// A service account is a special type of Google account that belongs to your
+// application or a virtual machine (VM), instead of to an individual end user.
+// Your application assumes the identity of the service account to call Google
+// APIs, so that the users aren't directly involved.
+//
+// Service account credentials are used to temporarily assume the identity
+// of the service account. Supported credential types include OAuth 2.0 access
+// tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
+// more.
+service IAMCredentials {
+  // Generates an OAuth 2.0 access token for a service account.
+  rpc GenerateAccessToken(GenerateAccessTokenRequest) returns (GenerateAccessTokenResponse) {
+    option (google.api.http) = {
+      post: "/v1/{name=projects/*/serviceAccounts/*}:generateAccessToken"
+      body: "*"
+    };
+  }
+
+  // Generates an OpenID Connect ID token for a service account.
+  rpc GenerateIdToken(GenerateIdTokenRequest) returns (GenerateIdTokenResponse) {
+    option (google.api.http) = {
+      post: "/v1/{name=projects/*/serviceAccounts/*}:generateIdToken"
+      body: "*"
+    };
+  }
+
+  // Signs a blob using a service account's system-managed private key.
+  rpc SignBlob(SignBlobRequest) returns (SignBlobResponse) {
+    option (google.api.http) = {
+      post: "/v1/{name=projects/*/serviceAccounts/*}:signBlob"
+      body: "*"
+    };
+  }
+
+  // Signs a JWT using a service account's system-managed private key.
+  rpc SignJwt(SignJwtRequest) returns (SignJwtResponse) {
+    option (google.api.http) = {
+      post: "/v1/{name=projects/*/serviceAccounts/*}:signJwt"
+      body: "*"
+    };
+  }
+}
diff --git a/google-cloud-bom/pom.xml b/google-cloud-bom/pom.xml
index c79e1c4a0097..8e92d69719ed 100644
--- a/google-cloud-bom/pom.xml
+++ b/google-cloud-bom/pom.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version='1.0' encoding='UTF-8'?>
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <groupId>com.google.cloud</groupId>
@@ -890,7 +890,7 @@
         <artifactId>grpc-google-cloud-websecurityscanner-v1alpha</artifactId>
         <version>0.38.1-SNAPSHOT</version><!-- {x-version-update:grpc-google-cloud-websecurityscanner-v1alpha:current} -->
       </dependency>
-    </dependencies>
+    <dependency><groupId>com.google.api.grpc</groupId><artifactId>proto-google-cloud-iamcredentials-v1</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:proto-google-cloud-iamcredentials-v1:current}--></dependency><dependency><groupId>com.google.api.grpc</groupId><artifactId>grpc-google-cloud-iamcredentials-v1</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:grpc-google-cloud-iamcredentials-v1:current}--></dependency><dependency><groupId>com.google.cloud</groupId><artifactId>google-cloud-iamcredentials</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:google-cloud-iamcredentials:current}--></dependency></dependencies>
   </dependencyManagement>
 
   <build>
diff --git a/google-cloud-clients/google-cloud-iamcredentials/README.md b/google-cloud-clients/google-cloud-iamcredentials/README.md
new file mode 100644
index 000000000000..9797db1bd6ec
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/README.md
@@ -0,0 +1,100 @@
+Google Cloud Java Client for FIXME
+===================================================
+
+Java idiomatic client for [FIXME][product-overview].
+
+[![Kokoro CI](http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/master.svg)](http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/master.html)
+[![Maven](https://img.shields.io/maven-central/v/com.google.cloud/google-cloud-iamcredentials.svg)](https://img.shields.io/maven-central/v/com.google.cloud/google-cloud-iamcredentials.svg)
+[![Codacy Badge](https://api.codacy.com/project/badge/grade/9da006ad7c3a4fe1abd142e77c003917)](https://www.codacy.com/app/mziccard/google-cloud-java)
+
+- [Product Documentation][product-docs]
+- [Client Library Documentation][lib-docs]
+
+> Note: This client is a work-in-progress, and may occasionally
+> make backwards-incompatible changes.
+
+Quickstart
+----------
+
+[//]: # ({x-version-update-start:google-cloud-iamcredentials:released})
+If you are using Maven, add this to your pom.xml file
+```xml
+<dependency>
+  <groupId>com.google.cloud</groupId>
+  <artifactId>google-cloud-iamcredentials</artifactId>
+  <version>0.71.0-beta</version>
+</dependency>
+```
+If you are using Gradle, add this to your dependencies
+```Groovy
+compile 'com.google.cloud:google-cloud-iamcredentials:0.71.0-beta'
+```
+If you are using SBT, add this to your dependencies
+```Scala
+libraryDependencies += "com.google.cloud" % "google-cloud-iamcredentials" % "0.71.0-beta"
+```
+[//]: # ({x-version-update-end})
+
+Authentication
+--------------
+
+See the [Authentication](https://github.com/GoogleCloudPlatform/google-cloud-java#authentication) section in the base directory's README.
+
+About FIXME
+----------------------------
+
+[FIXME][product-overview] FIXME
+
+See the [FIXME client library docs][lib-docs] to learn how to use this FIXME Client Library.
+
+Getting Started
+---------------
+#### Prerequisites
+You will need a [Google Developers Console](https://console.developers.google.com/) project with the FIXME API enabled. [Follow these instructions](https://cloud.google.com/resource-manager/docs/creating-managing-projects) to get your project set up. You will also need to set up the local development environment by [installing the Google Cloud SDK](https://cloud.google.com/sdk/) and running the following commands in command line: `gcloud auth login` and `gcloud config set project [YOUR PROJECT ID]`.
+
+#### Installation and setup
+You'll need to obtain the `google-cloud-iamcredentials` library.  See the [Quickstart](#quickstart) section to add `google-cloud-iamcredentials` as a dependency in your code.
+
+Troubleshooting
+---------------
+
+To get help, follow the instructions in the [shared Troubleshooting document](https://github.com/googleapis/google-cloud-common/blob/master/troubleshooting/readme.md#troubleshooting).
+
+Transport
+---------
+FIXME uses gRPC for the transport layer.
+
+Java Versions
+-------------
+
+Java 7 or above is required for using this client.
+
+Versioning
+----------
+
+This library follows [Semantic Versioning](http://semver.org/).
+
+It is currently in major version zero (``0.y.z``), which means that anything may change at any time and the public API should not be considered stable.
+
+Contributing
+------------
+
+Contributions to this library are always welcome and highly encouraged.
+
+See `google-cloud`'s [CONTRIBUTING] documentation and the [shared documentation](https://github.com/googleapis/google-cloud-common/blob/master/contributing/readme.md#how-to-contribute-to-gcloud) for more information on how to get started.
+
+Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms. See [Code of Conduct][code-of-conduct] for more information.
+
+License
+-------
+
+Apache 2.0 - See [LICENSE] for more information.
+
+
+[CONTRIBUTING]:https://github.com/GoogleCloudPlatform/google-cloud-java/blob/master/CONTRIBUTING.md
+[code-of-conduct]:https://github.com/GoogleCloudPlatform/google-cloud-java/blob/master/CODE_OF_CONDUCT.md#contributor-code-of-conduct
+[LICENSE]: https://github.com/GoogleCloudPlatform/google-cloud-java/blob/master/LICENSE
+[cloud-platform]: https://cloud.google.com/
+[product-overview]: FIXME
+[product-docs]: FIXME
+[lib-docs]: https://googleapis.github.io/google-cloud-java/google-cloud-clients/apidocs/index.html?com/google/cloud/iamcredentials/v1/package-summary.html
\ No newline at end of file
diff --git a/google-cloud-clients/google-cloud-iamcredentials/pom.xml b/google-cloud-clients/google-cloud-iamcredentials/pom.xml
new file mode 100644
index 000000000000..767400bb541b
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/pom.xml
@@ -0,0 +1,87 @@
+<?xml version="1.0"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <artifactId>google-cloud-iamcredentials</artifactId>
+  <version>0.0.1-alpha-SNAPSHOT</version><!-- {x-version-update:google-cloud-iamcredentials:current} -->
+  <packaging>jar</packaging>
+  <name>FIXME</name>
+  <url>https://github.com/googleapis/google-cloud-java/tree/master/google-cloud-clients/google-cloud-iamcredentials</url>
+  <description>
+    FIXME
+  </description>
+  <parent>
+    <groupId>com.google.cloud</groupId>
+    <artifactId>google-cloud-clients</artifactId>
+    <version>0.0.1-alpha-SNAPSHOT</version><!-- {x-version-update:google-cloud-clients:current} -->
+  </parent>
+  <properties>
+    <site.installationModule>google-cloud-iamcredentials</site.installationModule>
+  </properties>
+  <dependencies>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>google-cloud-core</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>google-cloud-core-grpc</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-cloud-iamcredentials-v1</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>grpc-google-cloud-iamcredentials-v1</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>io.grpc</groupId>
+      <artifactId>grpc-netty-shaded</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>io.grpc</groupId>
+      <artifactId>grpc-stub</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>io.grpc</groupId>
+      <artifactId>grpc-auth</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>google-cloud-core</artifactId>
+      <type>test-jar</type>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>junit</groupId>
+      <artifactId>junit</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.easymock</groupId>
+      <artifactId>easymock</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.objenesis</groupId>
+      <artifactId>objenesis</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>com.google.truth</groupId>
+      <artifactId>truth</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>grpc-google-iam-v1</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>com.google.api</groupId>
+      <artifactId>gax-grpc</artifactId>
+      <classifier>testlib</classifier>
+      <scope>test</scope>
+    </dependency>
+  </dependencies>
+</project>
\ No newline at end of file
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsClient.java b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsClient.java
new file mode 100644
index 000000000000..f3383425bef4
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsClient.java
@@ -0,0 +1,582 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.iam.credentials.v1;
+
+import com.google.api.core.BetaApi;
+import com.google.api.gax.core.BackgroundResource;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.api.pathtemplate.PathTemplate;
+import com.google.cloud.iam.credentials.v1.stub.IamCredentialsStub;
+import com.google.cloud.iam.credentials.v1.stub.IamCredentialsStubSettings;
+import com.google.protobuf.ByteString;
+import com.google.protobuf.Duration;
+import java.io.IOException;
+import java.util.List;
+import java.util.concurrent.TimeUnit;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND SERVICE
+/**
+ * Service Description: A service account is a special type of Google account that belongs to your
+ * application or a virtual machine (VM), instead of to an individual end user. Your application
+ * assumes the identity of the service account to call Google APIs, so that the users aren't
+ * directly involved.
+ *
+ * <p>Service account credentials are used to temporarily assume the identity of the service
+ * account. Supported credential types include OAuth 2.0 access tokens, OpenID Connect ID tokens,
+ * self-signed JSON Web Tokens (JWTs), and more.
+ *
+ * <p>This class provides the ability to make remote calls to the backing service through method
+ * calls that map to API methods. Sample code to get started:
+ *
+ * <pre>
+ * <code>
+ * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+ *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+ *   List&lt;String&gt; delegates = new ArrayList&lt;&gt;();
+ *   List&lt;String&gt; scope = new ArrayList&lt;&gt;();
+ *   Duration lifetime = Duration.newBuilder().build();
+ *   GenerateAccessTokenResponse response = iamCredentialsClient.generateAccessToken(formattedName, delegates, scope, lifetime);
+ * }
+ * </code>
+ * </pre>
+ *
+ * <p>Note: close() needs to be called on the iamCredentialsClient object to clean up resources such
+ * as threads. In the example above, try-with-resources is used, which automatically calls close().
+ *
+ * <p>The surface of this class includes several types of Java methods for each of the API's
+ * methods:
+ *
+ * <ol>
+ *   <li> A "flattened" method. With this type of method, the fields of the request type have been
+ *       converted into function parameters. It may be the case that not all fields are available as
+ *       parameters, and not every API method will have a flattened method entry point.
+ *   <li> A "request object" method. This type of method only takes one parameter, a request object,
+ *       which must be constructed before the call. Not every API method will have a request object
+ *       method.
+ *   <li> A "callable" method. This type of method takes no parameters and returns an immutable API
+ *       callable object, which can be used to initiate calls to the service.
+ * </ol>
+ *
+ * <p>See the individual methods for example code.
+ *
+ * <p>Many parameters require resource names to be formatted in a particular way. To assist with
+ * these names, this class includes a format method for each type of name, and additionally a parse
+ * method to extract the individual identifiers contained within names that are returned.
+ *
+ * <p>This class can be customized by passing in a custom instance of IamCredentialsSettings to
+ * create(). For example:
+ *
+ * <p>To customize credentials:
+ *
+ * <pre>
+ * <code>
+ * IamCredentialsSettings iamCredentialsSettings =
+ *     IamCredentialsSettings.newBuilder()
+ *         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
+ *         .build();
+ * IamCredentialsClient iamCredentialsClient =
+ *     IamCredentialsClient.create(iamCredentialsSettings);
+ * </code>
+ * </pre>
+ *
+ * To customize the endpoint:
+ *
+ * <pre>
+ * <code>
+ * IamCredentialsSettings iamCredentialsSettings =
+ *     IamCredentialsSettings.newBuilder().setEndpoint(myEndpoint).build();
+ * IamCredentialsClient iamCredentialsClient =
+ *     IamCredentialsClient.create(iamCredentialsSettings);
+ * </code>
+ * </pre>
+ */
+@Generated("by gapic-generator")
+@BetaApi
+public class IamCredentialsClient implements BackgroundResource {
+  private final IamCredentialsSettings settings;
+  private final IamCredentialsStub stub;
+
+  private static final PathTemplate SERVICE_ACCOUNT_PATH_TEMPLATE =
+      PathTemplate.createWithoutUrlEncoding("projects/{project}/serviceAccounts/{service_account}");
+
+  /**
+   * Formats a string containing the fully-qualified path to represent a service_account resource.
+   */
+  public static final String formatServiceAccountName(String project, String serviceAccount) {
+    return SERVICE_ACCOUNT_PATH_TEMPLATE.instantiate(
+        "project", project,
+        "service_account", serviceAccount);
+  }
+
+  /**
+   * Parses the project from the given fully-qualified path which represents a service_account
+   * resource.
+   */
+  public static final String parseProjectFromServiceAccountName(String serviceAccountName) {
+    return SERVICE_ACCOUNT_PATH_TEMPLATE.parse(serviceAccountName).get("project");
+  }
+
+  /**
+   * Parses the service_account from the given fully-qualified path which represents a
+   * service_account resource.
+   */
+  public static final String parseServiceAccountFromServiceAccountName(String serviceAccountName) {
+    return SERVICE_ACCOUNT_PATH_TEMPLATE.parse(serviceAccountName).get("service_account");
+  }
+
+  /** Constructs an instance of IamCredentialsClient with default settings. */
+  public static final IamCredentialsClient create() throws IOException {
+    return create(IamCredentialsSettings.newBuilder().build());
+  }
+
+  /**
+   * Constructs an instance of IamCredentialsClient, using the given settings. The channels are
+   * created based on the settings passed in, or defaults for any settings that are not set.
+   */
+  public static final IamCredentialsClient create(IamCredentialsSettings settings)
+      throws IOException {
+    return new IamCredentialsClient(settings);
+  }
+
+  /**
+   * Constructs an instance of IamCredentialsClient, using the given stub for making calls. This is
+   * for advanced usage - prefer to use IamCredentialsSettings}.
+   */
+  @BetaApi("A restructuring of stub classes is planned, so this may break in the future")
+  public static final IamCredentialsClient create(IamCredentialsStub stub) {
+    return new IamCredentialsClient(stub);
+  }
+
+  /**
+   * Constructs an instance of IamCredentialsClient, using the given settings. This is protected so
+   * that it is easy to make a subclass, but otherwise, the static factory methods should be
+   * preferred.
+   */
+  protected IamCredentialsClient(IamCredentialsSettings settings) throws IOException {
+    this.settings = settings;
+    this.stub = ((IamCredentialsStubSettings) settings.getStubSettings()).createStub();
+  }
+
+  @BetaApi("A restructuring of stub classes is planned, so this may break in the future")
+  protected IamCredentialsClient(IamCredentialsStub stub) {
+    this.settings = null;
+    this.stub = stub;
+  }
+
+  public final IamCredentialsSettings getSettings() {
+    return settings;
+  }
+
+  @BetaApi("A restructuring of stub classes is planned, so this may break in the future")
+  public IamCredentialsStub getStub() {
+    return stub;
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Generates an OAuth 2.0 access token for a service account.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   List&lt;String&gt; delegates = new ArrayList&lt;&gt;();
+   *   List&lt;String&gt; scope = new ArrayList&lt;&gt;();
+   *   Duration lifetime = Duration.newBuilder().build();
+   *   GenerateAccessTokenResponse response = iamCredentialsClient.generateAccessToken(formattedName, delegates, scope, lifetime);
+   * }
+   * </code></pre>
+   *
+   * @param name The resource name of the service account for which the credentials are requested,
+   *     in the following format: `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * @param delegates The sequence of service accounts in a delegation chain. Each service account
+   *     must be granted the `roles/iam.serviceAccountTokenCreator` role on its next service account
+   *     in the chain. The last service account in the chain must be granted the
+   *     `roles/iam.serviceAccountTokenCreator` role on the service account that is specified in the
+   *     `name` field of the request.
+   *     <p>The delegates must have the following format:
+   *     `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * @param scope Code to identify the scopes to be included in the OAuth 2.0 access token. See
+   *     https://developers.google.com/identity/protocols/googlescopes for more information. At
+   *     least one value required.
+   * @param lifetime The desired lifetime duration of the access token in seconds. Must be set to a
+   *     value less than or equal to 3600 (1 hour). If a value is not specified, the token's
+   *     lifetime will be set to a default value of one hour.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final GenerateAccessTokenResponse generateAccessToken(
+      String name, List<String> delegates, List<String> scope, Duration lifetime) {
+    SERVICE_ACCOUNT_PATH_TEMPLATE.validate(name, "generateAccessToken");
+    GenerateAccessTokenRequest request =
+        GenerateAccessTokenRequest.newBuilder()
+            .setName(name)
+            .addAllDelegates(delegates)
+            .addAllScope(scope)
+            .setLifetime(lifetime)
+            .build();
+    return generateAccessToken(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Generates an OAuth 2.0 access token for a service account.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   List&lt;String&gt; scope = new ArrayList&lt;&gt;();
+   *   GenerateAccessTokenRequest request = GenerateAccessTokenRequest.newBuilder()
+   *     .setName(formattedName)
+   *     .addAllScope(scope)
+   *     .build();
+   *   GenerateAccessTokenResponse response = iamCredentialsClient.generateAccessToken(request);
+   * }
+   * </code></pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final GenerateAccessTokenResponse generateAccessToken(GenerateAccessTokenRequest request) {
+    return generateAccessTokenCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Generates an OAuth 2.0 access token for a service account.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   List&lt;String&gt; scope = new ArrayList&lt;&gt;();
+   *   GenerateAccessTokenRequest request = GenerateAccessTokenRequest.newBuilder()
+   *     .setName(formattedName)
+   *     .addAllScope(scope)
+   *     .build();
+   *   ApiFuture&lt;GenerateAccessTokenResponse&gt; future = iamCredentialsClient.generateAccessTokenCallable().futureCall(request);
+   *   // Do something
+   *   GenerateAccessTokenResponse response = future.get();
+   * }
+   * </code></pre>
+   */
+  public final UnaryCallable<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+      generateAccessTokenCallable() {
+    return stub.generateAccessTokenCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Generates an OpenID Connect ID token for a service account.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   List&lt;String&gt; delegates = new ArrayList&lt;&gt;();
+   *   String audience = "";
+   *   boolean includeEmail = false;
+   *   GenerateIdTokenResponse response = iamCredentialsClient.generateIdToken(formattedName, delegates, audience, includeEmail);
+   * }
+   * </code></pre>
+   *
+   * @param name The resource name of the service account for which the credentials are requested,
+   *     in the following format: `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * @param delegates The sequence of service accounts in a delegation chain. Each service account
+   *     must be granted the `roles/iam.serviceAccountTokenCreator` role on its next service account
+   *     in the chain. The last service account in the chain must be granted the
+   *     `roles/iam.serviceAccountTokenCreator` role on the service account that is specified in the
+   *     `name` field of the request.
+   *     <p>The delegates must have the following format:
+   *     `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * @param audience The audience for the token, such as the API or account that this token grants
+   *     access to.
+   * @param includeEmail Include the service account email in the token. If set to `true`, the token
+   *     will contain `email` and `email_verified` claims.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final GenerateIdTokenResponse generateIdToken(
+      String name, List<String> delegates, String audience, boolean includeEmail) {
+    SERVICE_ACCOUNT_PATH_TEMPLATE.validate(name, "generateIdToken");
+    GenerateIdTokenRequest request =
+        GenerateIdTokenRequest.newBuilder()
+            .setName(name)
+            .addAllDelegates(delegates)
+            .setAudience(audience)
+            .setIncludeEmail(includeEmail)
+            .build();
+    return generateIdToken(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Generates an OpenID Connect ID token for a service account.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   String audience = "";
+   *   GenerateIdTokenRequest request = GenerateIdTokenRequest.newBuilder()
+   *     .setName(formattedName)
+   *     .setAudience(audience)
+   *     .build();
+   *   GenerateIdTokenResponse response = iamCredentialsClient.generateIdToken(request);
+   * }
+   * </code></pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final GenerateIdTokenResponse generateIdToken(GenerateIdTokenRequest request) {
+    return generateIdTokenCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Generates an OpenID Connect ID token for a service account.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   String audience = "";
+   *   GenerateIdTokenRequest request = GenerateIdTokenRequest.newBuilder()
+   *     .setName(formattedName)
+   *     .setAudience(audience)
+   *     .build();
+   *   ApiFuture&lt;GenerateIdTokenResponse&gt; future = iamCredentialsClient.generateIdTokenCallable().futureCall(request);
+   *   // Do something
+   *   GenerateIdTokenResponse response = future.get();
+   * }
+   * </code></pre>
+   */
+  public final UnaryCallable<GenerateIdTokenRequest, GenerateIdTokenResponse>
+      generateIdTokenCallable() {
+    return stub.generateIdTokenCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Signs a blob using a service account's system-managed private key.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   List&lt;String&gt; delegates = new ArrayList&lt;&gt;();
+   *   ByteString payload = ByteString.copyFromUtf8("");
+   *   SignBlobResponse response = iamCredentialsClient.signBlob(formattedName, delegates, payload);
+   * }
+   * </code></pre>
+   *
+   * @param name The resource name of the service account for which the credentials are requested,
+   *     in the following format: `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * @param delegates The sequence of service accounts in a delegation chain. Each service account
+   *     must be granted the `roles/iam.serviceAccountTokenCreator` role on its next service account
+   *     in the chain. The last service account in the chain must be granted the
+   *     `roles/iam.serviceAccountTokenCreator` role on the service account that is specified in the
+   *     `name` field of the request.
+   *     <p>The delegates must have the following format:
+   *     `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * @param payload The bytes to sign.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final SignBlobResponse signBlob(String name, List<String> delegates, ByteString payload) {
+    SERVICE_ACCOUNT_PATH_TEMPLATE.validate(name, "signBlob");
+    SignBlobRequest request =
+        SignBlobRequest.newBuilder()
+            .setName(name)
+            .addAllDelegates(delegates)
+            .setPayload(payload)
+            .build();
+    return signBlob(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Signs a blob using a service account's system-managed private key.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   ByteString payload = ByteString.copyFromUtf8("");
+   *   SignBlobRequest request = SignBlobRequest.newBuilder()
+   *     .setName(formattedName)
+   *     .setPayload(payload)
+   *     .build();
+   *   SignBlobResponse response = iamCredentialsClient.signBlob(request);
+   * }
+   * </code></pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final SignBlobResponse signBlob(SignBlobRequest request) {
+    return signBlobCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Signs a blob using a service account's system-managed private key.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   ByteString payload = ByteString.copyFromUtf8("");
+   *   SignBlobRequest request = SignBlobRequest.newBuilder()
+   *     .setName(formattedName)
+   *     .setPayload(payload)
+   *     .build();
+   *   ApiFuture&lt;SignBlobResponse&gt; future = iamCredentialsClient.signBlobCallable().futureCall(request);
+   *   // Do something
+   *   SignBlobResponse response = future.get();
+   * }
+   * </code></pre>
+   */
+  public final UnaryCallable<SignBlobRequest, SignBlobResponse> signBlobCallable() {
+    return stub.signBlobCallable();
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Signs a JWT using a service account's system-managed private key.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   List&lt;String&gt; delegates = new ArrayList&lt;&gt;();
+   *   String payload = "";
+   *   SignJwtResponse response = iamCredentialsClient.signJwt(formattedName, delegates, payload);
+   * }
+   * </code></pre>
+   *
+   * @param name The resource name of the service account for which the credentials are requested,
+   *     in the following format: `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
+   * @param delegates The sequence of service accounts in a delegation chain. Each service account
+   *     must be granted the `roles/iam.serviceAccountTokenCreator` role on its next service account
+   *     in the chain. The last service account in the chain must be granted the
+   *     `roles/iam.serviceAccountTokenCreator` role on the service account that is specified in the
+   *     `name` field of the request.
+   *     <p>The delegates must have the following format:
+   *     `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
+   * @param payload The JWT payload to sign: a JSON object that contains a JWT Claims Set.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final SignJwtResponse signJwt(String name, List<String> delegates, String payload) {
+    SERVICE_ACCOUNT_PATH_TEMPLATE.validate(name, "signJwt");
+    SignJwtRequest request =
+        SignJwtRequest.newBuilder()
+            .setName(name)
+            .addAllDelegates(delegates)
+            .setPayload(payload)
+            .build();
+    return signJwt(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Signs a JWT using a service account's system-managed private key.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   String payload = "";
+   *   SignJwtRequest request = SignJwtRequest.newBuilder()
+   *     .setName(formattedName)
+   *     .setPayload(payload)
+   *     .build();
+   *   SignJwtResponse response = iamCredentialsClient.signJwt(request);
+   * }
+   * </code></pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final SignJwtResponse signJwt(SignJwtRequest request) {
+    return signJwtCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD
+  /**
+   * Signs a JWT using a service account's system-managed private key.
+   *
+   * <p>Sample code:
+   *
+   * <pre><code>
+   * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+   *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+   *   String payload = "";
+   *   SignJwtRequest request = SignJwtRequest.newBuilder()
+   *     .setName(formattedName)
+   *     .setPayload(payload)
+   *     .build();
+   *   ApiFuture&lt;SignJwtResponse&gt; future = iamCredentialsClient.signJwtCallable().futureCall(request);
+   *   // Do something
+   *   SignJwtResponse response = future.get();
+   * }
+   * </code></pre>
+   */
+  public final UnaryCallable<SignJwtRequest, SignJwtResponse> signJwtCallable() {
+    return stub.signJwtCallable();
+  }
+
+  @Override
+  public final void close() {
+    stub.close();
+  }
+
+  @Override
+  public void shutdown() {
+    stub.shutdown();
+  }
+
+  @Override
+  public boolean isShutdown() {
+    return stub.isShutdown();
+  }
+
+  @Override
+  public boolean isTerminated() {
+    return stub.isTerminated();
+  }
+
+  @Override
+  public void shutdownNow() {
+    stub.shutdownNow();
+  }
+
+  @Override
+  public boolean awaitTermination(long duration, TimeUnit unit) throws InterruptedException {
+    return stub.awaitTermination(duration, unit);
+  }
+}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsSettings.java b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsSettings.java
new file mode 100644
index 000000000000..363a5a534f1c
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsSettings.java
@@ -0,0 +1,209 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.iam.credentials.v1;
+
+import com.google.api.core.ApiFunction;
+import com.google.api.core.BetaApi;
+import com.google.api.gax.core.GoogleCredentialsProvider;
+import com.google.api.gax.core.InstantiatingExecutorProvider;
+import com.google.api.gax.grpc.InstantiatingGrpcChannelProvider;
+import com.google.api.gax.rpc.ApiClientHeaderProvider;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.ClientSettings;
+import com.google.api.gax.rpc.TransportChannelProvider;
+import com.google.api.gax.rpc.UnaryCallSettings;
+import com.google.cloud.iam.credentials.v1.stub.IamCredentialsStubSettings;
+import java.io.IOException;
+import java.util.List;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS
+/**
+ * Settings class to configure an instance of {@link IamCredentialsClient}.
+ *
+ * <p>The default instance has everything set to sensible defaults:
+ *
+ * <ul>
+ *   <li>The default service address (iamcredentials.googleapis.com) and default port (443) are
+ *       used.
+ *   <li>Credentials are acquired automatically through Application Default Credentials.
+ *   <li>Retries are configured for idempotent methods but not for non-idempotent methods.
+ * </ul>
+ *
+ * <p>The builder of this class is recursive, so contained classes are themselves builders. When
+ * build() is called, the tree of builders is called to create the complete settings object. For
+ * example, to set the total timeout of generateAccessToken to 30 seconds:
+ *
+ * <pre>
+ * <code>
+ * IamCredentialsSettings.Builder iamCredentialsSettingsBuilder =
+ *     IamCredentialsSettings.newBuilder();
+ * iamCredentialsSettingsBuilder.generateAccessTokenSettings().getRetrySettings().toBuilder()
+ *     .setTotalTimeout(Duration.ofSeconds(30));
+ * IamCredentialsSettings iamCredentialsSettings = iamCredentialsSettingsBuilder.build();
+ * </code>
+ * </pre>
+ */
+@Generated("by gapic-generator")
+@BetaApi
+public class IamCredentialsSettings extends ClientSettings<IamCredentialsSettings> {
+  /** Returns the object with the settings used for calls to generateAccessToken. */
+  public UnaryCallSettings<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+      generateAccessTokenSettings() {
+    return ((IamCredentialsStubSettings) getStubSettings()).generateAccessTokenSettings();
+  }
+
+  /** Returns the object with the settings used for calls to generateIdToken. */
+  public UnaryCallSettings<GenerateIdTokenRequest, GenerateIdTokenResponse>
+      generateIdTokenSettings() {
+    return ((IamCredentialsStubSettings) getStubSettings()).generateIdTokenSettings();
+  }
+
+  /** Returns the object with the settings used for calls to signBlob. */
+  public UnaryCallSettings<SignBlobRequest, SignBlobResponse> signBlobSettings() {
+    return ((IamCredentialsStubSettings) getStubSettings()).signBlobSettings();
+  }
+
+  /** Returns the object with the settings used for calls to signJwt. */
+  public UnaryCallSettings<SignJwtRequest, SignJwtResponse> signJwtSettings() {
+    return ((IamCredentialsStubSettings) getStubSettings()).signJwtSettings();
+  }
+
+  public static final IamCredentialsSettings create(IamCredentialsStubSettings stub)
+      throws IOException {
+    return new IamCredentialsSettings.Builder(stub.toBuilder()).build();
+  }
+
+  /** Returns a builder for the default ExecutorProvider for this service. */
+  public static InstantiatingExecutorProvider.Builder defaultExecutorProviderBuilder() {
+    return IamCredentialsStubSettings.defaultExecutorProviderBuilder();
+  }
+
+  /** Returns the default service endpoint. */
+  public static String getDefaultEndpoint() {
+    return IamCredentialsStubSettings.getDefaultEndpoint();
+  }
+
+  /** Returns the default service scopes. */
+  public static List<String> getDefaultServiceScopes() {
+    return IamCredentialsStubSettings.getDefaultServiceScopes();
+  }
+
+  /** Returns a builder for the default credentials for this service. */
+  public static GoogleCredentialsProvider.Builder defaultCredentialsProviderBuilder() {
+    return IamCredentialsStubSettings.defaultCredentialsProviderBuilder();
+  }
+
+  /** Returns a builder for the default ChannelProvider for this service. */
+  public static InstantiatingGrpcChannelProvider.Builder defaultGrpcTransportProviderBuilder() {
+    return IamCredentialsStubSettings.defaultGrpcTransportProviderBuilder();
+  }
+
+  public static TransportChannelProvider defaultTransportChannelProvider() {
+    return IamCredentialsStubSettings.defaultTransportChannelProvider();
+  }
+
+  @BetaApi("The surface for customizing headers is not stable yet and may change in the future.")
+  public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuilder() {
+    return IamCredentialsStubSettings.defaultApiClientHeaderProviderBuilder();
+  }
+
+  /** Returns a new builder for this class. */
+  public static Builder newBuilder() {
+    return Builder.createDefault();
+  }
+
+  /** Returns a new builder for this class. */
+  public static Builder newBuilder(ClientContext clientContext) {
+    return new Builder(clientContext);
+  }
+
+  /** Returns a builder containing all the values of this settings class. */
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  protected IamCredentialsSettings(Builder settingsBuilder) throws IOException {
+    super(settingsBuilder);
+  }
+
+  /** Builder for IamCredentialsSettings. */
+  public static class Builder extends ClientSettings.Builder<IamCredentialsSettings, Builder> {
+    protected Builder() throws IOException {
+      this((ClientContext) null);
+    }
+
+    protected Builder(ClientContext clientContext) {
+      super(IamCredentialsStubSettings.newBuilder(clientContext));
+    }
+
+    private static Builder createDefault() {
+      return new Builder(IamCredentialsStubSettings.newBuilder());
+    }
+
+    protected Builder(IamCredentialsSettings settings) {
+      super(settings.getStubSettings().toBuilder());
+    }
+
+    protected Builder(IamCredentialsStubSettings.Builder stubSettings) {
+      super(stubSettings);
+    }
+
+    public IamCredentialsStubSettings.Builder getStubSettingsBuilder() {
+      return ((IamCredentialsStubSettings.Builder) getStubSettings());
+    }
+
+    // NEXT_MAJOR_VER: remove 'throws Exception'
+    /**
+     * Applies the given settings updater function to all of the unary API methods in this service.
+     *
+     * <p>Note: This method does not support applying settings to streaming methods.
+     */
+    public Builder applyToAllUnaryMethods(
+        ApiFunction<UnaryCallSettings.Builder<?, ?>, Void> settingsUpdater) throws Exception {
+      super.applyToAllUnaryMethods(
+          getStubSettingsBuilder().unaryMethodSettingsBuilders(), settingsUpdater);
+      return this;
+    }
+
+    /** Returns the builder for the settings used for calls to generateAccessToken. */
+    public UnaryCallSettings.Builder<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+        generateAccessTokenSettings() {
+      return getStubSettingsBuilder().generateAccessTokenSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to generateIdToken. */
+    public UnaryCallSettings.Builder<GenerateIdTokenRequest, GenerateIdTokenResponse>
+        generateIdTokenSettings() {
+      return getStubSettingsBuilder().generateIdTokenSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to signBlob. */
+    public UnaryCallSettings.Builder<SignBlobRequest, SignBlobResponse> signBlobSettings() {
+      return getStubSettingsBuilder().signBlobSettings();
+    }
+
+    /** Returns the builder for the settings used for calls to signJwt. */
+    public UnaryCallSettings.Builder<SignJwtRequest, SignJwtResponse> signJwtSettings() {
+      return getStubSettingsBuilder().signJwtSettings();
+    }
+
+    @Override
+    public IamCredentialsSettings build() throws IOException {
+      return new IamCredentialsSettings(this);
+    }
+  }
+}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/package-info.java b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/package-info.java
new file mode 100644
index 000000000000..8a52bac81454
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/package-info.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * A client to IAM Service Account Credentials API.
+ *
+ * <p>The interfaces provided are listed below, along with usage samples.
+ *
+ * <p>==================== IamCredentialsClient ====================
+ *
+ * <p>Service Description: A service account is a special type of Google account that belongs to
+ * your application or a virtual machine (VM), instead of to an individual end user. Your
+ * application assumes the identity of the service account to call Google APIs, so that the users
+ * aren't directly involved.
+ *
+ * <p>Service account credentials are used to temporarily assume the identity of the service
+ * account. Supported credential types include OAuth 2.0 access tokens, OpenID Connect ID tokens,
+ * self-signed JSON Web Tokens (JWTs), and more.
+ *
+ * <p>Sample for IamCredentialsClient:
+ *
+ * <pre>
+ * <code>
+ * try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create()) {
+ *   String formattedName = IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+ *   List&lt;String&gt; delegates = new ArrayList&lt;&gt;();
+ *   List&lt;String&gt; scope = new ArrayList&lt;&gt;();
+ *   Duration lifetime = Duration.newBuilder().build();
+ *   GenerateAccessTokenResponse response = iamCredentialsClient.generateAccessToken(formattedName, delegates, scope, lifetime);
+ * }
+ * </code>
+ * </pre>
+ */
+package com.google.cloud.iam.credentials.v1;
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsCallableFactory.java b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsCallableFactory.java
new file mode 100644
index 000000000000..fd360085508a
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsCallableFactory.java
@@ -0,0 +1,116 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.iam.credentials.v1.stub;
+
+import com.google.api.core.BetaApi;
+import com.google.api.gax.grpc.GrpcCallSettings;
+import com.google.api.gax.grpc.GrpcCallableFactory;
+import com.google.api.gax.grpc.GrpcStubCallableFactory;
+import com.google.api.gax.rpc.BatchingCallSettings;
+import com.google.api.gax.rpc.BidiStreamingCallable;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.ClientStreamingCallable;
+import com.google.api.gax.rpc.OperationCallSettings;
+import com.google.api.gax.rpc.OperationCallable;
+import com.google.api.gax.rpc.PagedCallSettings;
+import com.google.api.gax.rpc.ServerStreamingCallSettings;
+import com.google.api.gax.rpc.ServerStreamingCallable;
+import com.google.api.gax.rpc.StreamingCallSettings;
+import com.google.api.gax.rpc.UnaryCallSettings;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.longrunning.Operation;
+import com.google.longrunning.stub.OperationsStub;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS
+/**
+ * gRPC callable factory implementation for IAM Service Account Credentials API.
+ *
+ * <p>This class is for advanced usage.
+ */
+@Generated("by gapic-generator")
+@BetaApi("The surface for use by generated code is not stable yet and may change in the future.")
+public class GrpcIamCredentialsCallableFactory implements GrpcStubCallableFactory {
+  @Override
+  public <RequestT, ResponseT> UnaryCallable<RequestT, ResponseT> createUnaryCallable(
+      GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+      UnaryCallSettings<RequestT, ResponseT> callSettings,
+      ClientContext clientContext) {
+    return GrpcCallableFactory.createUnaryCallable(grpcCallSettings, callSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT, PagedListResponseT>
+      UnaryCallable<RequestT, PagedListResponseT> createPagedCallable(
+          GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+          PagedCallSettings<RequestT, ResponseT, PagedListResponseT> pagedCallSettings,
+          ClientContext clientContext) {
+    return GrpcCallableFactory.createPagedCallable(
+        grpcCallSettings, pagedCallSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT> UnaryCallable<RequestT, ResponseT> createBatchingCallable(
+      GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+      BatchingCallSettings<RequestT, ResponseT> batchingCallSettings,
+      ClientContext clientContext) {
+    return GrpcCallableFactory.createBatchingCallable(
+        grpcCallSettings, batchingCallSettings, clientContext);
+  }
+
+  @BetaApi(
+      "The surface for long-running operations is not stable yet and may change in the future.")
+  @Override
+  public <RequestT, ResponseT, MetadataT>
+      OperationCallable<RequestT, ResponseT, MetadataT> createOperationCallable(
+          GrpcCallSettings<RequestT, com.google.longrunning.Operation> grpcCallSettings,
+          OperationCallSettings<RequestT, ResponseT, MetadataT> operationCallSettings,
+          ClientContext clientContext,
+          OperationsStub operationsStub) {
+    return GrpcCallableFactory.createOperationCallable(
+        grpcCallSettings, operationCallSettings, clientContext, operationsStub);
+  }
+
+  @Override
+  public <RequestT, ResponseT>
+      BidiStreamingCallable<RequestT, ResponseT> createBidiStreamingCallable(
+          GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+          StreamingCallSettings<RequestT, ResponseT> streamingCallSettings,
+          ClientContext clientContext) {
+    return GrpcCallableFactory.createBidiStreamingCallable(
+        grpcCallSettings, streamingCallSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT>
+      ServerStreamingCallable<RequestT, ResponseT> createServerStreamingCallable(
+          GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+          ServerStreamingCallSettings<RequestT, ResponseT> streamingCallSettings,
+          ClientContext clientContext) {
+    return GrpcCallableFactory.createServerStreamingCallable(
+        grpcCallSettings, streamingCallSettings, clientContext);
+  }
+
+  @Override
+  public <RequestT, ResponseT>
+      ClientStreamingCallable<RequestT, ResponseT> createClientStreamingCallable(
+          GrpcCallSettings<RequestT, ResponseT> grpcCallSettings,
+          StreamingCallSettings<RequestT, ResponseT> streamingCallSettings,
+          ClientContext clientContext) {
+    return GrpcCallableFactory.createClientStreamingCallable(
+        grpcCallSettings, streamingCallSettings, clientContext);
+  }
+}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsStub.java b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsStub.java
new file mode 100644
index 000000000000..bed050b4a10e
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsStub.java
@@ -0,0 +1,218 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.iam.credentials.v1.stub;
+
+import com.google.api.core.BetaApi;
+import com.google.api.gax.core.BackgroundResource;
+import com.google.api.gax.core.BackgroundResourceAggregation;
+import com.google.api.gax.grpc.GrpcCallSettings;
+import com.google.api.gax.grpc.GrpcStubCallableFactory;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest;
+import com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse;
+import com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest;
+import com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse;
+import com.google.cloud.iam.credentials.v1.SignBlobRequest;
+import com.google.cloud.iam.credentials.v1.SignBlobResponse;
+import com.google.cloud.iam.credentials.v1.SignJwtRequest;
+import com.google.cloud.iam.credentials.v1.SignJwtResponse;
+import io.grpc.MethodDescriptor;
+import io.grpc.protobuf.ProtoUtils;
+import java.io.IOException;
+import java.util.concurrent.TimeUnit;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS
+/**
+ * gRPC stub implementation for IAM Service Account Credentials API.
+ *
+ * <p>This class is for advanced usage and reflects the underlying API directly.
+ */
+@Generated("by gapic-generator")
+@BetaApi("A restructuring of stub classes is planned, so this may break in the future")
+public class GrpcIamCredentialsStub extends IamCredentialsStub {
+
+  private static final MethodDescriptor<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+      generateAccessTokenMethodDescriptor =
+          MethodDescriptor.<GenerateAccessTokenRequest, GenerateAccessTokenResponse>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName("google.iam.credentials.v1.IAMCredentials/GenerateAccessToken")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(GenerateAccessTokenRequest.getDefaultInstance()))
+              .setResponseMarshaller(
+                  ProtoUtils.marshaller(GenerateAccessTokenResponse.getDefaultInstance()))
+              .build();
+  private static final MethodDescriptor<GenerateIdTokenRequest, GenerateIdTokenResponse>
+      generateIdTokenMethodDescriptor =
+          MethodDescriptor.<GenerateIdTokenRequest, GenerateIdTokenResponse>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName("google.iam.credentials.v1.IAMCredentials/GenerateIdToken")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(GenerateIdTokenRequest.getDefaultInstance()))
+              .setResponseMarshaller(
+                  ProtoUtils.marshaller(GenerateIdTokenResponse.getDefaultInstance()))
+              .build();
+  private static final MethodDescriptor<SignBlobRequest, SignBlobResponse>
+      signBlobMethodDescriptor =
+          MethodDescriptor.<SignBlobRequest, SignBlobResponse>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName("google.iam.credentials.v1.IAMCredentials/SignBlob")
+              .setRequestMarshaller(ProtoUtils.marshaller(SignBlobRequest.getDefaultInstance()))
+              .setResponseMarshaller(ProtoUtils.marshaller(SignBlobResponse.getDefaultInstance()))
+              .build();
+  private static final MethodDescriptor<SignJwtRequest, SignJwtResponse> signJwtMethodDescriptor =
+      MethodDescriptor.<SignJwtRequest, SignJwtResponse>newBuilder()
+          .setType(MethodDescriptor.MethodType.UNARY)
+          .setFullMethodName("google.iam.credentials.v1.IAMCredentials/SignJwt")
+          .setRequestMarshaller(ProtoUtils.marshaller(SignJwtRequest.getDefaultInstance()))
+          .setResponseMarshaller(ProtoUtils.marshaller(SignJwtResponse.getDefaultInstance()))
+          .build();
+
+  private final BackgroundResource backgroundResources;
+
+  private final UnaryCallable<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+      generateAccessTokenCallable;
+  private final UnaryCallable<GenerateIdTokenRequest, GenerateIdTokenResponse>
+      generateIdTokenCallable;
+  private final UnaryCallable<SignBlobRequest, SignBlobResponse> signBlobCallable;
+  private final UnaryCallable<SignJwtRequest, SignJwtResponse> signJwtCallable;
+
+  private final GrpcStubCallableFactory callableFactory;
+
+  public static final GrpcIamCredentialsStub create(IamCredentialsStubSettings settings)
+      throws IOException {
+    return new GrpcIamCredentialsStub(settings, ClientContext.create(settings));
+  }
+
+  public static final GrpcIamCredentialsStub create(ClientContext clientContext)
+      throws IOException {
+    return new GrpcIamCredentialsStub(
+        IamCredentialsStubSettings.newBuilder().build(), clientContext);
+  }
+
+  public static final GrpcIamCredentialsStub create(
+      ClientContext clientContext, GrpcStubCallableFactory callableFactory) throws IOException {
+    return new GrpcIamCredentialsStub(
+        IamCredentialsStubSettings.newBuilder().build(), clientContext, callableFactory);
+  }
+
+  /**
+   * Constructs an instance of GrpcIamCredentialsStub, using the given settings. This is protected
+   * so that it is easy to make a subclass, but otherwise, the static factory methods should be
+   * preferred.
+   */
+  protected GrpcIamCredentialsStub(IamCredentialsStubSettings settings, ClientContext clientContext)
+      throws IOException {
+    this(settings, clientContext, new GrpcIamCredentialsCallableFactory());
+  }
+
+  /**
+   * Constructs an instance of GrpcIamCredentialsStub, using the given settings. This is protected
+   * so that it is easy to make a subclass, but otherwise, the static factory methods should be
+   * preferred.
+   */
+  protected GrpcIamCredentialsStub(
+      IamCredentialsStubSettings settings,
+      ClientContext clientContext,
+      GrpcStubCallableFactory callableFactory)
+      throws IOException {
+    this.callableFactory = callableFactory;
+
+    GrpcCallSettings<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+        generateAccessTokenTransportSettings =
+            GrpcCallSettings.<GenerateAccessTokenRequest, GenerateAccessTokenResponse>newBuilder()
+                .setMethodDescriptor(generateAccessTokenMethodDescriptor)
+                .build();
+    GrpcCallSettings<GenerateIdTokenRequest, GenerateIdTokenResponse>
+        generateIdTokenTransportSettings =
+            GrpcCallSettings.<GenerateIdTokenRequest, GenerateIdTokenResponse>newBuilder()
+                .setMethodDescriptor(generateIdTokenMethodDescriptor)
+                .build();
+    GrpcCallSettings<SignBlobRequest, SignBlobResponse> signBlobTransportSettings =
+        GrpcCallSettings.<SignBlobRequest, SignBlobResponse>newBuilder()
+            .setMethodDescriptor(signBlobMethodDescriptor)
+            .build();
+    GrpcCallSettings<SignJwtRequest, SignJwtResponse> signJwtTransportSettings =
+        GrpcCallSettings.<SignJwtRequest, SignJwtResponse>newBuilder()
+            .setMethodDescriptor(signJwtMethodDescriptor)
+            .build();
+
+    this.generateAccessTokenCallable =
+        callableFactory.createUnaryCallable(
+            generateAccessTokenTransportSettings,
+            settings.generateAccessTokenSettings(),
+            clientContext);
+    this.generateIdTokenCallable =
+        callableFactory.createUnaryCallable(
+            generateIdTokenTransportSettings, settings.generateIdTokenSettings(), clientContext);
+    this.signBlobCallable =
+        callableFactory.createUnaryCallable(
+            signBlobTransportSettings, settings.signBlobSettings(), clientContext);
+    this.signJwtCallable =
+        callableFactory.createUnaryCallable(
+            signJwtTransportSettings, settings.signJwtSettings(), clientContext);
+
+    backgroundResources = new BackgroundResourceAggregation(clientContext.getBackgroundResources());
+  }
+
+  public UnaryCallable<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+      generateAccessTokenCallable() {
+    return generateAccessTokenCallable;
+  }
+
+  public UnaryCallable<GenerateIdTokenRequest, GenerateIdTokenResponse> generateIdTokenCallable() {
+    return generateIdTokenCallable;
+  }
+
+  public UnaryCallable<SignBlobRequest, SignBlobResponse> signBlobCallable() {
+    return signBlobCallable;
+  }
+
+  public UnaryCallable<SignJwtRequest, SignJwtResponse> signJwtCallable() {
+    return signJwtCallable;
+  }
+
+  @Override
+  public final void close() {
+    shutdown();
+  }
+
+  @Override
+  public void shutdown() {
+    backgroundResources.shutdown();
+  }
+
+  @Override
+  public boolean isShutdown() {
+    return backgroundResources.isShutdown();
+  }
+
+  @Override
+  public boolean isTerminated() {
+    return backgroundResources.isTerminated();
+  }
+
+  @Override
+  public void shutdownNow() {
+    backgroundResources.shutdownNow();
+  }
+
+  @Override
+  public boolean awaitTermination(long duration, TimeUnit unit) throws InterruptedException {
+    return backgroundResources.awaitTermination(duration, unit);
+  }
+}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/IamCredentialsStub.java b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/IamCredentialsStub.java
new file mode 100644
index 000000000000..b6c99ff4bb74
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/IamCredentialsStub.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.iam.credentials.v1.stub;
+
+import com.google.api.core.BetaApi;
+import com.google.api.gax.core.BackgroundResource;
+import com.google.api.gax.rpc.UnaryCallable;
+import com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest;
+import com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse;
+import com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest;
+import com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse;
+import com.google.cloud.iam.credentials.v1.SignBlobRequest;
+import com.google.cloud.iam.credentials.v1.SignBlobResponse;
+import com.google.cloud.iam.credentials.v1.SignJwtRequest;
+import com.google.cloud.iam.credentials.v1.SignJwtResponse;
+import javax.annotation.Generated;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS
+/**
+ * Base stub class for IAM Service Account Credentials API.
+ *
+ * <p>This class is for advanced usage and reflects the underlying API directly.
+ */
+@Generated("by gapic-generator")
+@BetaApi("A restructuring of stub classes is planned, so this may break in the future")
+public abstract class IamCredentialsStub implements BackgroundResource {
+
+  public UnaryCallable<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+      generateAccessTokenCallable() {
+    throw new UnsupportedOperationException("Not implemented: generateAccessTokenCallable()");
+  }
+
+  public UnaryCallable<GenerateIdTokenRequest, GenerateIdTokenResponse> generateIdTokenCallable() {
+    throw new UnsupportedOperationException("Not implemented: generateIdTokenCallable()");
+  }
+
+  public UnaryCallable<SignBlobRequest, SignBlobResponse> signBlobCallable() {
+    throw new UnsupportedOperationException("Not implemented: signBlobCallable()");
+  }
+
+  public UnaryCallable<SignJwtRequest, SignJwtResponse> signJwtCallable() {
+    throw new UnsupportedOperationException("Not implemented: signJwtCallable()");
+  }
+
+  @Override
+  public abstract void close();
+}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/IamCredentialsStubSettings.java b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/IamCredentialsStubSettings.java
new file mode 100644
index 000000000000..e6b865af9447
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/IamCredentialsStubSettings.java
@@ -0,0 +1,350 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.iam.credentials.v1.stub;
+
+import com.google.api.core.ApiFunction;
+import com.google.api.core.BetaApi;
+import com.google.api.gax.core.GaxProperties;
+import com.google.api.gax.core.GoogleCredentialsProvider;
+import com.google.api.gax.core.InstantiatingExecutorProvider;
+import com.google.api.gax.grpc.GaxGrpcProperties;
+import com.google.api.gax.grpc.GrpcTransportChannel;
+import com.google.api.gax.grpc.InstantiatingGrpcChannelProvider;
+import com.google.api.gax.retrying.RetrySettings;
+import com.google.api.gax.rpc.ApiClientHeaderProvider;
+import com.google.api.gax.rpc.ClientContext;
+import com.google.api.gax.rpc.StatusCode;
+import com.google.api.gax.rpc.StubSettings;
+import com.google.api.gax.rpc.TransportChannelProvider;
+import com.google.api.gax.rpc.UnaryCallSettings;
+import com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest;
+import com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse;
+import com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest;
+import com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse;
+import com.google.cloud.iam.credentials.v1.SignBlobRequest;
+import com.google.cloud.iam.credentials.v1.SignBlobResponse;
+import com.google.cloud.iam.credentials.v1.SignJwtRequest;
+import com.google.cloud.iam.credentials.v1.SignJwtResponse;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Lists;
+import java.io.IOException;
+import java.util.List;
+import javax.annotation.Generated;
+import org.threeten.bp.Duration;
+
+// AUTO-GENERATED DOCUMENTATION AND CLASS
+/**
+ * Settings class to configure an instance of {@link IamCredentialsStub}.
+ *
+ * <p>The default instance has everything set to sensible defaults:
+ *
+ * <ul>
+ *   <li>The default service address (iamcredentials.googleapis.com) and default port (443) are
+ *       used.
+ *   <li>Credentials are acquired automatically through Application Default Credentials.
+ *   <li>Retries are configured for idempotent methods but not for non-idempotent methods.
+ * </ul>
+ *
+ * <p>The builder of this class is recursive, so contained classes are themselves builders. When
+ * build() is called, the tree of builders is called to create the complete settings object. For
+ * example, to set the total timeout of generateAccessToken to 30 seconds:
+ *
+ * <pre>
+ * <code>
+ * IamCredentialsStubSettings.Builder iamCredentialsSettingsBuilder =
+ *     IamCredentialsStubSettings.newBuilder();
+ * iamCredentialsSettingsBuilder.generateAccessTokenSettings().getRetrySettings().toBuilder()
+ *     .setTotalTimeout(Duration.ofSeconds(30));
+ * IamCredentialsStubSettings iamCredentialsSettings = iamCredentialsSettingsBuilder.build();
+ * </code>
+ * </pre>
+ */
+@Generated("by gapic-generator")
+@BetaApi
+public class IamCredentialsStubSettings extends StubSettings<IamCredentialsStubSettings> {
+  /** The default scopes of the service. */
+  private static final ImmutableList<String> DEFAULT_SERVICE_SCOPES =
+      ImmutableList.<String>builder().add("https://www.googleapis.com/auth/cloud-platform").build();
+
+  private final UnaryCallSettings<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+      generateAccessTokenSettings;
+  private final UnaryCallSettings<GenerateIdTokenRequest, GenerateIdTokenResponse>
+      generateIdTokenSettings;
+  private final UnaryCallSettings<SignBlobRequest, SignBlobResponse> signBlobSettings;
+  private final UnaryCallSettings<SignJwtRequest, SignJwtResponse> signJwtSettings;
+
+  /** Returns the object with the settings used for calls to generateAccessToken. */
+  public UnaryCallSettings<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+      generateAccessTokenSettings() {
+    return generateAccessTokenSettings;
+  }
+
+  /** Returns the object with the settings used for calls to generateIdToken. */
+  public UnaryCallSettings<GenerateIdTokenRequest, GenerateIdTokenResponse>
+      generateIdTokenSettings() {
+    return generateIdTokenSettings;
+  }
+
+  /** Returns the object with the settings used for calls to signBlob. */
+  public UnaryCallSettings<SignBlobRequest, SignBlobResponse> signBlobSettings() {
+    return signBlobSettings;
+  }
+
+  /** Returns the object with the settings used for calls to signJwt. */
+  public UnaryCallSettings<SignJwtRequest, SignJwtResponse> signJwtSettings() {
+    return signJwtSettings;
+  }
+
+  @BetaApi("A restructuring of stub classes is planned, so this may break in the future")
+  public IamCredentialsStub createStub() throws IOException {
+    if (getTransportChannelProvider()
+        .getTransportName()
+        .equals(GrpcTransportChannel.getGrpcTransportName())) {
+      return GrpcIamCredentialsStub.create(this);
+    } else {
+      throw new UnsupportedOperationException(
+          "Transport not supported: " + getTransportChannelProvider().getTransportName());
+    }
+  }
+
+  /** Returns a builder for the default ExecutorProvider for this service. */
+  public static InstantiatingExecutorProvider.Builder defaultExecutorProviderBuilder() {
+    return InstantiatingExecutorProvider.newBuilder();
+  }
+
+  /** Returns the default service endpoint. */
+  public static String getDefaultEndpoint() {
+    return "iamcredentials.googleapis.com:443";
+  }
+
+  /** Returns the default service scopes. */
+  public static List<String> getDefaultServiceScopes() {
+    return DEFAULT_SERVICE_SCOPES;
+  }
+
+  /** Returns a builder for the default credentials for this service. */
+  public static GoogleCredentialsProvider.Builder defaultCredentialsProviderBuilder() {
+    return GoogleCredentialsProvider.newBuilder().setScopesToApply(DEFAULT_SERVICE_SCOPES);
+  }
+
+  /** Returns a builder for the default ChannelProvider for this service. */
+  public static InstantiatingGrpcChannelProvider.Builder defaultGrpcTransportProviderBuilder() {
+    return InstantiatingGrpcChannelProvider.newBuilder();
+  }
+
+  public static TransportChannelProvider defaultTransportChannelProvider() {
+    return defaultGrpcTransportProviderBuilder().build();
+  }
+
+  @BetaApi("The surface for customizing headers is not stable yet and may change in the future.")
+  public static ApiClientHeaderProvider.Builder defaultApiClientHeaderProviderBuilder() {
+    return ApiClientHeaderProvider.newBuilder()
+        .setGeneratedLibToken(
+            "gapic", GaxProperties.getLibraryVersion(IamCredentialsStubSettings.class))
+        .setTransportToken(
+            GaxGrpcProperties.getGrpcTokenName(), GaxGrpcProperties.getGrpcVersion());
+  }
+
+  /** Returns a new builder for this class. */
+  public static Builder newBuilder() {
+    return Builder.createDefault();
+  }
+
+  /** Returns a new builder for this class. */
+  public static Builder newBuilder(ClientContext clientContext) {
+    return new Builder(clientContext);
+  }
+
+  /** Returns a builder containing all the values of this settings class. */
+  public Builder toBuilder() {
+    return new Builder(this);
+  }
+
+  protected IamCredentialsStubSettings(Builder settingsBuilder) throws IOException {
+    super(settingsBuilder);
+
+    generateAccessTokenSettings = settingsBuilder.generateAccessTokenSettings().build();
+    generateIdTokenSettings = settingsBuilder.generateIdTokenSettings().build();
+    signBlobSettings = settingsBuilder.signBlobSettings().build();
+    signJwtSettings = settingsBuilder.signJwtSettings().build();
+  }
+
+  /** Builder for IamCredentialsStubSettings. */
+  public static class Builder extends StubSettings.Builder<IamCredentialsStubSettings, Builder> {
+    private final ImmutableList<UnaryCallSettings.Builder<?, ?>> unaryMethodSettingsBuilders;
+
+    private final UnaryCallSettings.Builder<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+        generateAccessTokenSettings;
+    private final UnaryCallSettings.Builder<GenerateIdTokenRequest, GenerateIdTokenResponse>
+        generateIdTokenSettings;
+    private final UnaryCallSettings.Builder<SignBlobRequest, SignBlobResponse> signBlobSettings;
+    private final UnaryCallSettings.Builder<SignJwtRequest, SignJwtResponse> signJwtSettings;
+
+    private static final ImmutableMap<String, ImmutableSet<StatusCode.Code>>
+        RETRYABLE_CODE_DEFINITIONS;
+
+    static {
+      ImmutableMap.Builder<String, ImmutableSet<StatusCode.Code>> definitions =
+          ImmutableMap.builder();
+      definitions.put(
+          "idempotent",
+          ImmutableSet.copyOf(
+              Lists.<StatusCode.Code>newArrayList(
+                  StatusCode.Code.DEADLINE_EXCEEDED, StatusCode.Code.UNAVAILABLE)));
+      definitions.put("non_idempotent", ImmutableSet.copyOf(Lists.<StatusCode.Code>newArrayList()));
+      RETRYABLE_CODE_DEFINITIONS = definitions.build();
+    }
+
+    private static final ImmutableMap<String, RetrySettings> RETRY_PARAM_DEFINITIONS;
+
+    static {
+      ImmutableMap.Builder<String, RetrySettings> definitions = ImmutableMap.builder();
+      RetrySettings settings = null;
+      settings =
+          RetrySettings.newBuilder()
+              .setInitialRetryDelay(Duration.ofMillis(100L))
+              .setRetryDelayMultiplier(1.3)
+              .setMaxRetryDelay(Duration.ofMillis(60000L))
+              .setInitialRpcTimeout(Duration.ofMillis(20000L))
+              .setRpcTimeoutMultiplier(1.0)
+              .setMaxRpcTimeout(Duration.ofMillis(20000L))
+              .setTotalTimeout(Duration.ofMillis(600000L))
+              .build();
+      definitions.put("default", settings);
+      RETRY_PARAM_DEFINITIONS = definitions.build();
+    }
+
+    protected Builder() {
+      this((ClientContext) null);
+    }
+
+    protected Builder(ClientContext clientContext) {
+      super(clientContext);
+
+      generateAccessTokenSettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+
+      generateIdTokenSettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+
+      signBlobSettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+
+      signJwtSettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
+
+      unaryMethodSettingsBuilders =
+          ImmutableList.<UnaryCallSettings.Builder<?, ?>>of(
+              generateAccessTokenSettings,
+              generateIdTokenSettings,
+              signBlobSettings,
+              signJwtSettings);
+
+      initDefaults(this);
+    }
+
+    private static Builder createDefault() {
+      Builder builder = new Builder((ClientContext) null);
+      builder.setTransportChannelProvider(defaultTransportChannelProvider());
+      builder.setCredentialsProvider(defaultCredentialsProviderBuilder().build());
+      builder.setInternalHeaderProvider(defaultApiClientHeaderProviderBuilder().build());
+      builder.setEndpoint(getDefaultEndpoint());
+      return initDefaults(builder);
+    }
+
+    private static Builder initDefaults(Builder builder) {
+
+      builder
+          .generateAccessTokenSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("idempotent"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("default"));
+
+      builder
+          .generateIdTokenSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("idempotent"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("default"));
+
+      builder
+          .signBlobSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("idempotent"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("default"));
+
+      builder
+          .signJwtSettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("idempotent"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("default"));
+
+      return builder;
+    }
+
+    protected Builder(IamCredentialsStubSettings settings) {
+      super(settings);
+
+      generateAccessTokenSettings = settings.generateAccessTokenSettings.toBuilder();
+      generateIdTokenSettings = settings.generateIdTokenSettings.toBuilder();
+      signBlobSettings = settings.signBlobSettings.toBuilder();
+      signJwtSettings = settings.signJwtSettings.toBuilder();
+
+      unaryMethodSettingsBuilders =
+          ImmutableList.<UnaryCallSettings.Builder<?, ?>>of(
+              generateAccessTokenSettings,
+              generateIdTokenSettings,
+              signBlobSettings,
+              signJwtSettings);
+    }
+
+    // NEXT_MAJOR_VER: remove 'throws Exception'
+    /**
+     * Applies the given settings updater function to all of the unary API methods in this service.
+     *
+     * <p>Note: This method does not support applying settings to streaming methods.
+     */
+    public Builder applyToAllUnaryMethods(
+        ApiFunction<UnaryCallSettings.Builder<?, ?>, Void> settingsUpdater) throws Exception {
+      super.applyToAllUnaryMethods(unaryMethodSettingsBuilders, settingsUpdater);
+      return this;
+    }
+
+    public ImmutableList<UnaryCallSettings.Builder<?, ?>> unaryMethodSettingsBuilders() {
+      return unaryMethodSettingsBuilders;
+    }
+
+    /** Returns the builder for the settings used for calls to generateAccessToken. */
+    public UnaryCallSettings.Builder<GenerateAccessTokenRequest, GenerateAccessTokenResponse>
+        generateAccessTokenSettings() {
+      return generateAccessTokenSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to generateIdToken. */
+    public UnaryCallSettings.Builder<GenerateIdTokenRequest, GenerateIdTokenResponse>
+        generateIdTokenSettings() {
+      return generateIdTokenSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to signBlob. */
+    public UnaryCallSettings.Builder<SignBlobRequest, SignBlobResponse> signBlobSettings() {
+      return signBlobSettings;
+    }
+
+    /** Returns the builder for the settings used for calls to signJwt. */
+    public UnaryCallSettings.Builder<SignJwtRequest, SignJwtResponse> signJwtSettings() {
+      return signJwtSettings;
+    }
+
+    @Override
+    public IamCredentialsStubSettings build() throws IOException {
+      return new IamCredentialsStubSettings(this);
+    }
+  }
+}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/IamCredentialsClientTest.java b/google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/IamCredentialsClientTest.java
new file mode 100644
index 000000000000..8f275a594bfc
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/IamCredentialsClientTest.java
@@ -0,0 +1,279 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.iam.credentials.v1;
+
+import com.google.api.gax.core.NoCredentialsProvider;
+import com.google.api.gax.grpc.GaxGrpcProperties;
+import com.google.api.gax.grpc.testing.LocalChannelProvider;
+import com.google.api.gax.grpc.testing.MockGrpcService;
+import com.google.api.gax.grpc.testing.MockServiceHelper;
+import com.google.api.gax.rpc.ApiClientHeaderProvider;
+import com.google.api.gax.rpc.InvalidArgumentException;
+import com.google.protobuf.ByteString;
+import com.google.protobuf.Duration;
+import com.google.protobuf.GeneratedMessageV3;
+import io.grpc.Status;
+import io.grpc.StatusRuntimeException;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+@javax.annotation.Generated("by GAPIC")
+public class IamCredentialsClientTest {
+  private static MockIAMCredentials mockIAMCredentials;
+  private static MockServiceHelper serviceHelper;
+  private IamCredentialsClient client;
+  private LocalChannelProvider channelProvider;
+
+  @BeforeClass
+  public static void startStaticServer() {
+    mockIAMCredentials = new MockIAMCredentials();
+    serviceHelper =
+        new MockServiceHelper("in-process-1", Arrays.<MockGrpcService>asList(mockIAMCredentials));
+    serviceHelper.start();
+  }
+
+  @AfterClass
+  public static void stopServer() {
+    serviceHelper.stop();
+  }
+
+  @Before
+  public void setUp() throws IOException {
+    serviceHelper.reset();
+    channelProvider = serviceHelper.createChannelProvider();
+    IamCredentialsSettings settings =
+        IamCredentialsSettings.newBuilder()
+            .setTransportChannelProvider(channelProvider)
+            .setCredentialsProvider(NoCredentialsProvider.create())
+            .build();
+    client = IamCredentialsClient.create(settings);
+  }
+
+  @After
+  public void tearDown() throws Exception {
+    client.close();
+  }
+
+  @Test
+  @SuppressWarnings("all")
+  public void generateAccessTokenTest() {
+    String accessToken = "accessToken-1938933922";
+    GenerateAccessTokenResponse expectedResponse =
+        GenerateAccessTokenResponse.newBuilder().setAccessToken(accessToken).build();
+    mockIAMCredentials.addResponse(expectedResponse);
+
+    String formattedName =
+        IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+    List<String> delegates = new ArrayList<>();
+    List<String> scope = new ArrayList<>();
+    Duration lifetime = Duration.newBuilder().build();
+
+    GenerateAccessTokenResponse actualResponse =
+        client.generateAccessToken(formattedName, delegates, scope, lifetime);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<GeneratedMessageV3> actualRequests = mockIAMCredentials.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GenerateAccessTokenRequest actualRequest = (GenerateAccessTokenRequest) actualRequests.get(0);
+
+    Assert.assertEquals(formattedName, actualRequest.getName());
+    Assert.assertEquals(delegates, actualRequest.getDelegatesList());
+    Assert.assertEquals(scope, actualRequest.getScopeList());
+    Assert.assertEquals(lifetime, actualRequest.getLifetime());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  @SuppressWarnings("all")
+  public void generateAccessTokenExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(Status.INVALID_ARGUMENT);
+    mockIAMCredentials.addException(exception);
+
+    try {
+      String formattedName =
+          IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+      List<String> delegates = new ArrayList<>();
+      List<String> scope = new ArrayList<>();
+      Duration lifetime = Duration.newBuilder().build();
+
+      client.generateAccessToken(formattedName, delegates, scope, lifetime);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception
+    }
+  }
+
+  @Test
+  @SuppressWarnings("all")
+  public void generateIdTokenTest() {
+    String token = "token110541305";
+    GenerateIdTokenResponse expectedResponse =
+        GenerateIdTokenResponse.newBuilder().setToken(token).build();
+    mockIAMCredentials.addResponse(expectedResponse);
+
+    String formattedName =
+        IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+    List<String> delegates = new ArrayList<>();
+    String audience = "audience975628804";
+    boolean includeEmail = false;
+
+    GenerateIdTokenResponse actualResponse =
+        client.generateIdToken(formattedName, delegates, audience, includeEmail);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<GeneratedMessageV3> actualRequests = mockIAMCredentials.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    GenerateIdTokenRequest actualRequest = (GenerateIdTokenRequest) actualRequests.get(0);
+
+    Assert.assertEquals(formattedName, actualRequest.getName());
+    Assert.assertEquals(delegates, actualRequest.getDelegatesList());
+    Assert.assertEquals(audience, actualRequest.getAudience());
+    Assert.assertEquals(includeEmail, actualRequest.getIncludeEmail());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  @SuppressWarnings("all")
+  public void generateIdTokenExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(Status.INVALID_ARGUMENT);
+    mockIAMCredentials.addException(exception);
+
+    try {
+      String formattedName =
+          IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+      List<String> delegates = new ArrayList<>();
+      String audience = "audience975628804";
+      boolean includeEmail = false;
+
+      client.generateIdToken(formattedName, delegates, audience, includeEmail);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception
+    }
+  }
+
+  @Test
+  @SuppressWarnings("all")
+  public void signBlobTest() {
+    String keyId = "keyId-1134673157";
+    ByteString signedBlob = ByteString.copyFromUtf8("-32");
+    SignBlobResponse expectedResponse =
+        SignBlobResponse.newBuilder().setKeyId(keyId).setSignedBlob(signedBlob).build();
+    mockIAMCredentials.addResponse(expectedResponse);
+
+    String formattedName =
+        IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+    List<String> delegates = new ArrayList<>();
+    ByteString payload = ByteString.copyFromUtf8("-114");
+
+    SignBlobResponse actualResponse = client.signBlob(formattedName, delegates, payload);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<GeneratedMessageV3> actualRequests = mockIAMCredentials.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    SignBlobRequest actualRequest = (SignBlobRequest) actualRequests.get(0);
+
+    Assert.assertEquals(formattedName, actualRequest.getName());
+    Assert.assertEquals(delegates, actualRequest.getDelegatesList());
+    Assert.assertEquals(payload, actualRequest.getPayload());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  @SuppressWarnings("all")
+  public void signBlobExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(Status.INVALID_ARGUMENT);
+    mockIAMCredentials.addException(exception);
+
+    try {
+      String formattedName =
+          IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+      List<String> delegates = new ArrayList<>();
+      ByteString payload = ByteString.copyFromUtf8("-114");
+
+      client.signBlob(formattedName, delegates, payload);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception
+    }
+  }
+
+  @Test
+  @SuppressWarnings("all")
+  public void signJwtTest() {
+    String keyId = "keyId-1134673157";
+    String signedJwt = "signedJwt-979546844";
+    SignJwtResponse expectedResponse =
+        SignJwtResponse.newBuilder().setKeyId(keyId).setSignedJwt(signedJwt).build();
+    mockIAMCredentials.addResponse(expectedResponse);
+
+    String formattedName =
+        IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+    List<String> delegates = new ArrayList<>();
+    String payload = "-114";
+
+    SignJwtResponse actualResponse = client.signJwt(formattedName, delegates, payload);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<GeneratedMessageV3> actualRequests = mockIAMCredentials.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    SignJwtRequest actualRequest = (SignJwtRequest) actualRequests.get(0);
+
+    Assert.assertEquals(formattedName, actualRequest.getName());
+    Assert.assertEquals(delegates, actualRequest.getDelegatesList());
+    Assert.assertEquals(payload, actualRequest.getPayload());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  @SuppressWarnings("all")
+  public void signJwtExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(Status.INVALID_ARGUMENT);
+    mockIAMCredentials.addException(exception);
+
+    try {
+      String formattedName =
+          IamCredentialsClient.formatServiceAccountName("[PROJECT]", "[SERVICE_ACCOUNT]");
+      List<String> delegates = new ArrayList<>();
+      String payload = "-114";
+
+      client.signJwt(formattedName, delegates, payload);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception
+    }
+  }
+}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/MockIAMCredentials.java b/google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/MockIAMCredentials.java
new file mode 100644
index 000000000000..5b89bfa9de2f
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/MockIAMCredentials.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.iam.credentials.v1;
+
+import com.google.api.core.BetaApi;
+import com.google.api.gax.grpc.testing.MockGrpcService;
+import com.google.protobuf.GeneratedMessageV3;
+import io.grpc.ServerServiceDefinition;
+import java.util.List;
+
+@javax.annotation.Generated("by GAPIC")
+@BetaApi
+public class MockIAMCredentials implements MockGrpcService {
+  private final MockIAMCredentialsImpl serviceImpl;
+
+  public MockIAMCredentials() {
+    serviceImpl = new MockIAMCredentialsImpl();
+  }
+
+  @Override
+  public List<GeneratedMessageV3> getRequests() {
+    return serviceImpl.getRequests();
+  }
+
+  @Override
+  public void addResponse(GeneratedMessageV3 response) {
+    serviceImpl.addResponse(response);
+  }
+
+  @Override
+  public void addException(Exception exception) {
+    serviceImpl.addException(exception);
+  }
+
+  @Override
+  public ServerServiceDefinition getServiceDefinition() {
+    return serviceImpl.bindService();
+  }
+
+  @Override
+  public void reset() {
+    serviceImpl.reset();
+  }
+}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/MockIAMCredentialsImpl.java b/google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/MockIAMCredentialsImpl.java
new file mode 100644
index 000000000000..b9f106d5d1c6
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/test/java/com/google/cloud/iam/credentials/v1/MockIAMCredentialsImpl.java
@@ -0,0 +1,117 @@
+/*
+ * Copyright 2018 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.google.cloud.iam.credentials.v1;
+
+import com.google.api.core.BetaApi;
+import com.google.cloud.iam.credentials.v1.IAMCredentialsGrpc.IAMCredentialsImplBase;
+import com.google.protobuf.GeneratedMessageV3;
+import io.grpc.stub.StreamObserver;
+import java.util.ArrayList;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Queue;
+
+@javax.annotation.Generated("by GAPIC")
+@BetaApi
+public class MockIAMCredentialsImpl extends IAMCredentialsImplBase {
+  private ArrayList<GeneratedMessageV3> requests;
+  private Queue<Object> responses;
+
+  public MockIAMCredentialsImpl() {
+    requests = new ArrayList<>();
+    responses = new LinkedList<>();
+  }
+
+  public List<GeneratedMessageV3> getRequests() {
+    return requests;
+  }
+
+  public void addResponse(GeneratedMessageV3 response) {
+    responses.add(response);
+  }
+
+  public void setResponses(List<GeneratedMessageV3> responses) {
+    this.responses = new LinkedList<Object>(responses);
+  }
+
+  public void addException(Exception exception) {
+    responses.add(exception);
+  }
+
+  public void reset() {
+    requests = new ArrayList<>();
+    responses = new LinkedList<>();
+  }
+
+  @Override
+  public void generateAccessToken(
+      GenerateAccessTokenRequest request,
+      StreamObserver<GenerateAccessTokenResponse> responseObserver) {
+    Object response = responses.remove();
+    if (response instanceof GenerateAccessTokenResponse) {
+      requests.add(request);
+      responseObserver.onNext((GenerateAccessTokenResponse) response);
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError((Exception) response);
+    } else {
+      responseObserver.onError(new IllegalArgumentException("Unrecognized response type"));
+    }
+  }
+
+  @Override
+  public void generateIdToken(
+      GenerateIdTokenRequest request, StreamObserver<GenerateIdTokenResponse> responseObserver) {
+    Object response = responses.remove();
+    if (response instanceof GenerateIdTokenResponse) {
+      requests.add(request);
+      responseObserver.onNext((GenerateIdTokenResponse) response);
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError((Exception) response);
+    } else {
+      responseObserver.onError(new IllegalArgumentException("Unrecognized response type"));
+    }
+  }
+
+  @Override
+  public void signBlob(SignBlobRequest request, StreamObserver<SignBlobResponse> responseObserver) {
+    Object response = responses.remove();
+    if (response instanceof SignBlobResponse) {
+      requests.add(request);
+      responseObserver.onNext((SignBlobResponse) response);
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError((Exception) response);
+    } else {
+      responseObserver.onError(new IllegalArgumentException("Unrecognized response type"));
+    }
+  }
+
+  @Override
+  public void signJwt(SignJwtRequest request, StreamObserver<SignJwtResponse> responseObserver) {
+    Object response = responses.remove();
+    if (response instanceof SignJwtResponse) {
+      requests.add(request);
+      responseObserver.onNext((SignJwtResponse) response);
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError((Exception) response);
+    } else {
+      responseObserver.onError(new IllegalArgumentException("Unrecognized response type"));
+    }
+  }
+}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/synth.py b/google-cloud-clients/google-cloud-iamcredentials/synth.py
new file mode 100644
index 000000000000..f6d75b3704a5
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/synth.py
@@ -0,0 +1,35 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""This script is used to synthesize generated parts of this library."""
+
+import synthtool as s
+import synthtool.gcp as gcp
+
+gapic = gcp.GAPICGenerator()
+common_templates = gcp.CommonTemplates()
+
+versions = ['v1']
+service = 'iamcredentials'
+
+for version in versions:
+    library = gapic.java_library(
+        service=service,
+        version=version,
+        config_path=f'/google/iam/credentials/artman_iamcredentials_v1.yaml',
+        artman_output_name='')
+
+    s.copy(library / f'gapic-google-cloud-{service}-{version}/src', 'src')
+    s.copy(library / f'grpc-google-cloud-{service}-{version}/src', f'../../google-api-grpc/grpc-google-cloud-{service}-{version}/src')
+    s.copy(library / f'proto-google-cloud-{service}-{version}/src', f'../../google-api-grpc/proto-google-cloud-{service}-{version}/src')
\ No newline at end of file
diff --git a/google-cloud-clients/pom.xml b/google-cloud-clients/pom.xml
index bac640bc08b5..0a61e41ab668 100644
--- a/google-cloud-clients/pom.xml
+++ b/google-cloud-clients/pom.xml
@@ -1,7 +1,5 @@
-<?xml version="1.0"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<?xml version='1.0' encoding='UTF-8'?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <groupId>com.google.cloud</groupId>
   <artifactId>google-cloud-clients</artifactId>
@@ -446,7 +444,7 @@
     <module>google-cloud-dns</module>
     <module>google-cloud-errorreporting</module>
     <module>google-cloud-firestore</module>
-    <module>google-cloud-iot</module>
+    <module>google-cloud-iamcredentials</module><module>google-cloud-iot</module>
     <module>google-cloud-kms</module>
     <module>google-cloud-language</module>
     <module>google-cloud-logging</module>
@@ -769,7 +767,7 @@
                   </group>
                   <group>
                     <title>Stub packages</title>
-                    <packages>com.google.cloud.asset.v1beta1.stub:com.google.cloud.automl.v1beta1.stub:com.google.cloud.bigquery.datatransfer.v1.stub:com.google.cloud.bigquery.storage.v1beta1.stub:com.google.cloud.bigtable.admin.v2.stub:com.google.cloud.bigtable.data.v2.stub*:com.google.cloud.compute.v1.stub:com.google.cloud.container.v1.stub:com.google.cloud.devtools.containeranalysis.v1beta1.stub:com.google.cloud.dataproc.v1.stub:com.google.cloud.dataproc.v1beta2.stub:com.google.cloud.dlp.v2beta1.stub:com.google.cloud.dlp.v2.stub:com.google.cloud.dialogflow.v2beta1.stub:com.google.cloud.dialogflow.v2.stub:com.google.cloud.errorreporting.v1beta1.stub:com.google.cloud.firestore.v1beta1.stub:com.google.cloud.iot.v1.stub:com.google.cloud.kms.v1.stub:com.google.cloud.language.v1beta2.stub:com.google.cloud.language.v1.stub:com.google.cloud.logging.v2.stub:com.google.cloud.monitoring.v3.stub:com.google.cloud.oslogin.v1.stub:com.google.cloud.pubsub.v1.stub:com.google.cloud.redis.v1beta1.stub:com.google.cloud.redis.v1.stub:com.google.cloud.scheduler.v1beta1.stub:com.google.cloud.securitycenter.v1beta1.stub:com.google.cloud.spanner.admin.database.v1.stub:com.google.cloud.spanner.admin.instance.v1.stub:com.google.cloud.spanner.v1.stub:com.google.cloud.speech.v1beta1.stub:com.google.cloud.speech.v1p1beta1.stub:com.google.cloud.speech.v1.stub:com.google.cloud.tasks.v2beta2.stub:com.google.cloud.texttospeech.v1beta1.stub:com.google.cloud.texttospeech.v1.stub:com.google.cloud.trace.v1.stub:com.google.cloud.trace.v2.stub:com.google.cloud.videointelligence.v1beta1.stub:com.google.cloud.videointelligence.v1beta2.stub:com.google.cloud.videointelligence.v1.stub:com.google.cloud.videointelligence.v1p1beta1.stub:com.google.cloud.videointelligence.v1p2beta1.stub:com.google.cloud.vision.v1.stub:com.google.cloud.vision.v1p1beta1.stub:com.google.cloud.vision.v1p2beta1.stub:com.google.cloud.vision.v1p3beta1.stub:com.google.cloud.websecurityscanner.v1alpha.stub</packages>
+                    <packages>com.google.cloud.asset.v1beta1.stub:com.google.cloud.automl.v1beta1.stub:com.google.cloud.bigquerydatatransfer.v1.stub:com.google.cloud.bigquerystorage.v1beta1.stub:com.google.cloud.bigtable-admin.v2.stub:com.google.cloud.bigtable.v2.stub:com.google.cloud.container.v1.stub:com.google.cloud.containeranalysis.v1beta1.stub:com.google.cloud.dataproc.v1.stub:com.google.cloud.dataproc.v1beta2.stub:com.google.cloud.dialogflow.v2.stub:com.google.cloud.dialogflow.v2beta1.stub:com.google.cloud.dlp.v2.stub:com.google.cloud.error-reporting.v1beta1.stub:com.google.cloud.firestore.v1beta1.stub:com.google.cloud.iamcredentials.v1.stub:com.google.cloud.iot.v1.stub:com.google.cloud.kms.v1.stub:com.google.cloud.language.v1.stub:com.google.cloud.language.v1beta2.stub:com.google.cloud.logging.v2.stub:com.google.cloud.monitoring.v3.stub:com.google.cloud.os-login.v1.stub:com.google.cloud.pubsub.v1.stub:com.google.cloud.redis.v1.stub:com.google.cloud.redis.v1beta1.stub:com.google.cloud.scheduler.v1beta1.stub:com.google.cloud.securitycenter.v1beta1.stub:com.google.cloud.spanner-admin-database.v1.stub:com.google.cloud.spanner-admin-instance.v1.stub:com.google.cloud.spanner.v1.stub:com.google.cloud.speech.v1.stub:com.google.cloud.speech.v1beta1.stub:com.google.cloud.speech.v1p1beta1.stub:com.google.cloud.tasks.v2beta2.stub:com.google.cloud.tasks.v2beta3.stub:com.google.cloud.texttospeech.v1.stub:com.google.cloud.texttospeech.v1beta1.stub:com.google.cloud.trace.v1.stub:com.google.cloud.trace.v2.stub:com.google.cloud.video-intelligence.v1.stub:com.google.cloud.video-intelligence.v1beta1.stub:com.google.cloud.video-intelligence.v1beta2.stub:com.google.cloud.video-intelligence.v1p1beta1.stub:com.google.cloud.video-intelligence.v1p2beta1.stub:com.google.cloud.vision.v1.stub:com.google.cloud.vision.v1p1beta1.stub:com.google.cloud.vision.v1p2beta1.stub:com.google.cloud.vision.v1p3beta1.stub:com.google.cloud.websecurityscanner.v1alpha.stub</packages>
                   </group>
                   <group>
                     <title>Deprecated packages</title>
@@ -877,7 +875,7 @@
             </group>
             <group>
               <title>Stub packages</title>
-              <packages>com.google.cloud.automl.v1beta1.stub:com.google.cloud.bigquery.datatransfer.v1.stub:com.google.cloud.bigquery.storage.v1beta1.stub:com.google.cloud.bigtable.admin.v2.stub:com.google.cloud.bigtable.data.v2.stub*:com.google.cloud.compute.v1.stub:com.google.cloud.container.v1.stub:com.google.cloud.dataproc.v1.stub:com.google.cloud.dataproc.v1beta2.stub:com.google.cloud.dlp.v2beta1.stub:com.google.cloud.dlp.v2.stub:com.google.cloud.dialogflow.v2beta1.stub:com.google.cloud.dialogflow.v2.stub:com.google.cloud.errorreporting.v1beta1.stub:com.google.cloud.firestore.v1beta1.stub:com.google.cloud.iot.v1.stub:com.google.cloud.kms.v1.stub:com.google.cloud.language.v1beta2.stub:com.google.cloud.language.v1.stub:com.google.cloud.logging.v2.stub:com.google.cloud.monitoring.v3.stub:com.google.cloud.oslogin.v1.stub:com.google.cloud.pubsub.v1.stub:com.google.cloud.redis.v1beta1.stub:com.google.cloud.scheduler.v1beta1.stub:com.google.cloud.securitycenter.v1beta1.stub:com.google.cloud.spanner.admin.database.v1.stub:com.google.cloud.spanner.admin.instance.v1.stub:com.google.cloud.spanner.v1.stub:com.google.cloud.speech.v1beta1.stub:com.google.cloud.speech.v1p1beta1.stub:com.google.cloud.speech.v1.stub:com.google.cloud.tasks.v2beta2.stub:com.google.cloud.texttospeech.v1beta1.stub:com.google.cloud.texttospeech.v1.stub:com.google.cloud.trace.v1.stub:com.google.cloud.trace.v2.stub:com.google.cloud.videointelligence.v1beta1.stub:com.google.cloud.videointelligence.v1beta2.stub:com.google.cloud.videointelligence.v1.stub:com.google.cloud.videointelligence.v1p1beta1.stub:com.google.cloud.vision.v1.stub:com.google.cloud.vision.v1p1beta1.stub:com.google.cloud.vision.v1p2beta1.stub:com.google.cloud.vision.v1p3beta1.stub:com.google.cloud.websecurityscanner.v1alpha.stub</packages>
+              <packages>com.google.cloud.asset.v1beta1.stub:com.google.cloud.automl.v1beta1.stub:com.google.cloud.bigquerydatatransfer.v1.stub:com.google.cloud.bigquerystorage.v1beta1.stub:com.google.cloud.bigtable-admin.v2.stub:com.google.cloud.bigtable.v2.stub:com.google.cloud.container.v1.stub:com.google.cloud.containeranalysis.v1beta1.stub:com.google.cloud.dataproc.v1.stub:com.google.cloud.dataproc.v1beta2.stub:com.google.cloud.dialogflow.v2.stub:com.google.cloud.dialogflow.v2beta1.stub:com.google.cloud.dlp.v2.stub:com.google.cloud.error-reporting.v1beta1.stub:com.google.cloud.firestore.v1beta1.stub:com.google.cloud.iamcredentials.v1.stub:com.google.cloud.iot.v1.stub:com.google.cloud.kms.v1.stub:com.google.cloud.language.v1.stub:com.google.cloud.language.v1beta2.stub:com.google.cloud.logging.v2.stub:com.google.cloud.monitoring.v3.stub:com.google.cloud.os-login.v1.stub:com.google.cloud.pubsub.v1.stub:com.google.cloud.redis.v1.stub:com.google.cloud.redis.v1beta1.stub:com.google.cloud.scheduler.v1beta1.stub:com.google.cloud.securitycenter.v1beta1.stub:com.google.cloud.spanner-admin-database.v1.stub:com.google.cloud.spanner-admin-instance.v1.stub:com.google.cloud.spanner.v1.stub:com.google.cloud.speech.v1.stub:com.google.cloud.speech.v1beta1.stub:com.google.cloud.speech.v1p1beta1.stub:com.google.cloud.tasks.v2beta2.stub:com.google.cloud.tasks.v2beta3.stub:com.google.cloud.texttospeech.v1.stub:com.google.cloud.texttospeech.v1beta1.stub:com.google.cloud.trace.v1.stub:com.google.cloud.trace.v2.stub:com.google.cloud.video-intelligence.v1.stub:com.google.cloud.video-intelligence.v1beta1.stub:com.google.cloud.video-intelligence.v1beta2.stub:com.google.cloud.video-intelligence.v1p1beta1.stub:com.google.cloud.video-intelligence.v1p2beta1.stub:com.google.cloud.vision.v1.stub:com.google.cloud.vision.v1p1beta1.stub:com.google.cloud.vision.v1p2beta1.stub:com.google.cloud.vision.v1p3beta1.stub:com.google.cloud.websecurityscanner.v1alpha.stub</packages>
             </group>
             <group>
               <title>Deprecated packages</title>
diff --git a/versions.txt b/versions.txt
index f77aeebba612..7053d78c555c 100644
--- a/versions.txt
+++ b/versions.txt
@@ -2,6 +2,67 @@
 # module:released-version:current-version
 
 google-api-grpc:0.38.0:0.38.1-SNAPSHOT
+google-cloud:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-appengineflexcompat:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-appengineflexcustom:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-appengineflexjava:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-appenginejava8:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-asset:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-automl:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-bigquery:1.55.0:1.55.1-SNAPSHOT
+google-cloud-bigquerydatatransfer:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-bigquerystorage:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-bigtable:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-bigtable-admin:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-bigtable-emulator:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-bom:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-clients:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-compat-checker:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-compute:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-container:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-containeranalysis:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-contrib:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-core:1.55.0:1.55.1-SNAPSHOT
+google-cloud-core-grpc:1.55.0:1.55.1-SNAPSHOT
+google-cloud-core-http:1.55.0:1.55.1-SNAPSHOT
+google-cloud-dataproc:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-datastore:1.55.0:1.55.1-SNAPSHOT
+google-cloud-dialogflow:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-dlp:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-dns:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-errorreporting:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-examples:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-firestore:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-gcloud-maven-plugin:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-iamcredentials:0.0.0-alpha:0.0.1-alpha-SNAPSHOT
+google-cloud-iot:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-kms:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-language:1.55.0:1.55.1-SNAPSHOT
+google-cloud-logging:1.55.0:1.55.1-SNAPSHOT
+google-cloud-logging-logback:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-managedtest:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-monitoring:1.55.0:1.55.1-SNAPSHOT
+google-cloud-nio:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-nio-examples:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-notification:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-os-login:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-pubsub:1.55.0:1.55.1-SNAPSHOT
+google-cloud-redis:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-resourcemanager:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-scheduler:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-securitycenter:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-spanner:1.0.0:1.0.1-SNAPSHOT
+google-cloud-speech:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-storage:1.55.0:1.55.1-SNAPSHOT
+google-cloud-tasks:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-testing:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-texttospeech:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-trace:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-translate:1.55.0:1.55.1-SNAPSHOT
+google-cloud-util:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
+google-cloud-video-intelligence:0.73.0-beta:0.73.1-beta-SNAPSHOT
+google-cloud-vision:1.55.0:1.55.1-SNAPSHOT
+google-cloud-websecurityscanner:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
 grpc-google-cloud-asset-v1beta1:0.38.0:0.38.1-SNAPSHOT
 grpc-google-cloud-automl-v1beta1:0.38.0:0.38.1-SNAPSHOT
 grpc-google-cloud-bigquerydatatransfer-v1:0.38.0:0.38.1-SNAPSHOT
@@ -17,6 +78,7 @@ grpc-google-cloud-dialogflow-v2beta1:0.38.0:0.38.1-SNAPSHOT
 grpc-google-cloud-dlp-v2:0.38.0:0.38.1-SNAPSHOT
 grpc-google-cloud-error-reporting-v1beta1:0.38.0:0.38.1-SNAPSHOT
 grpc-google-cloud-firestore-v1beta1:0.38.0:0.38.1-SNAPSHOT
+grpc-google-cloud-iamcredentials-v1:0.0.0-alpha:0.0.1-alpha-SNAPSHOT
 grpc-google-cloud-iot-v1:0.38.0:0.38.1-SNAPSHOT
 grpc-google-cloud-kms-v1:0.38.0:0.38.1-SNAPSHOT
 grpc-google-cloud-language-v1:1.37.0:1.37.1-SNAPSHOT
@@ -67,6 +129,7 @@ proto-google-cloud-dialogflow-v2beta1:0.38.0:0.38.1-SNAPSHOT
 proto-google-cloud-dlp-v2:0.38.0:0.38.1-SNAPSHOT
 proto-google-cloud-error-reporting-v1beta1:0.38.0:0.38.1-SNAPSHOT
 proto-google-cloud-firestore-v1beta1:0.38.0:0.38.1-SNAPSHOT
+proto-google-cloud-iamcredentials-v1:0.0.0-alpha:0.0.1-alpha-SNAPSHOT
 proto-google-cloud-iot-v1:0.38.0:0.38.1-SNAPSHOT
 proto-google-cloud-kms-v1:0.38.0:0.38.1-SNAPSHOT
 proto-google-cloud-language-v1:1.37.0:1.37.1-SNAPSHOT
@@ -101,63 +164,3 @@ proto-google-cloud-vision-v1p1beta1:0.38.0:0.38.1-SNAPSHOT
 proto-google-cloud-vision-v1p2beta1:1.37.0:1.37.1-SNAPSHOT
 proto-google-cloud-vision-v1p3beta1:0.38.0:0.38.1-SNAPSHOT
 proto-google-cloud-websecurityscanner-v1alpha:0.38.0:0.38.1-SNAPSHOT
-google-cloud-clients:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-appengineflexcompat:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-appengineflexcustom:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-appengineflexjava:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-appenginejava8:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-asset:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-automl:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-bigquery:1.55.0:1.55.1-SNAPSHOT
-google-cloud-bigquerydatatransfer:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-bigquerystorage:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-bigtable:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-bigtable-admin:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-bom:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-compat-checker:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-compute:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-container:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-containeranalysis:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-contrib:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-core:1.55.0:1.55.1-SNAPSHOT
-google-cloud-core-grpc:1.55.0:1.55.1-SNAPSHOT
-google-cloud-core-http:1.55.0:1.55.1-SNAPSHOT
-google-cloud-dataproc:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-datastore:1.55.0:1.55.1-SNAPSHOT
-google-cloud-dialogflow:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-dlp:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-dns:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-errorreporting:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-examples:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-firestore:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-iot:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-kms:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-language:1.55.0:1.55.1-SNAPSHOT
-google-cloud-logging:1.55.0:1.55.1-SNAPSHOT
-google-cloud-logging-logback:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-managedtest:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-monitoring:1.55.0:1.55.1-SNAPSHOT
-google-cloud-nio:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-nio-examples:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-notification:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-os-login:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-pubsub:1.55.0:1.55.1-SNAPSHOT
-google-cloud-redis:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-resourcemanager:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-scheduler:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-securitycenter:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-spanner:1.0.0:1.0.1-SNAPSHOT
-google-cloud-speech:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-storage:1.55.0:1.55.1-SNAPSHOT
-google-cloud-tasks:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-texttospeech:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-testing:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-gcloud-maven-plugin:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-bigtable-emulator:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-trace:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-translate:1.55.0:1.55.1-SNAPSHOT
-google-cloud-util:0.73.0-alpha:0.73.1-alpha-SNAPSHOT
-google-cloud-video-intelligence:0.73.0-beta:0.73.1-beta-SNAPSHOT
-google-cloud-vision:1.55.0:1.55.1-SNAPSHOT
-google-cloud-websecurityscanner:0.73.0-alpha:0.73.1-alpha-SNAPSHOT

From 8d582e54f799b452ef2b374d73e5e64737c9b73f Mon Sep 17 00:00:00 2001
From: Jeff Ching <chingor@google.com>
Date: Wed, 12 Dec 2018 14:00:28 -0800
Subject: [PATCH 2/9] Fix pom versions and formatting

---
 google-api-grpc/grpc-google-cloud-iamcredentials-v1/pom.xml | 4 ++--
 google-api-grpc/pom.xml                                     | 6 ++++--
 .../proto-google-cloud-iamcredentials-v1/pom.xml            | 4 ++--
 google-cloud-clients/google-cloud-iamcredentials/pom.xml    | 4 ++--
 google-cloud-clients/pom.xml                                | 3 ++-
 5 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/google-api-grpc/grpc-google-cloud-iamcredentials-v1/pom.xml b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/pom.xml
index 866ba824c151..f0bf98c8ee6a 100644
--- a/google-api-grpc/grpc-google-cloud-iamcredentials-v1/pom.xml
+++ b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/pom.xml
@@ -9,7 +9,7 @@
   <parent>
     <groupId>com.google.api.grpc</groupId>
     <artifactId>google-api-grpc</artifactId>
-    <version>0.0.1-alpha-SNAPSHOT</version><!-- {x-version-update:google-api-grpc:current} -->
+    <version>0.38.1-SNAPSHOT</version><!-- {x-version-update:google-api-grpc:current} -->
   </parent>
   <dependencies>
     <dependency>
@@ -28,4 +28,4 @@
       <scope>compile</scope>
     </dependency>
   </dependencies>
-</project>
\ No newline at end of file
+</project>
diff --git a/google-api-grpc/pom.xml b/google-api-grpc/pom.xml
index 9f3492403027..20365354786e 100644
--- a/google-api-grpc/pom.xml
+++ b/google-api-grpc/pom.xml
@@ -653,7 +653,8 @@
     <module>grpc-google-cloud-dlp-v2</module>
     <module>grpc-google-cloud-error-reporting-v1beta1</module>
     <module>grpc-google-cloud-firestore-v1beta1</module>
-    <module>grpc-google-cloud-iamcredentials-v1</module><module>grpc-google-cloud-iot-v1</module>
+    <module>grpc-google-cloud-iamcredentials-v1</module>
+    <module>grpc-google-cloud-iot-v1</module>
     <module>grpc-google-cloud-kms-v1</module>
     <module>grpc-google-cloud-language-v1</module>
     <module>grpc-google-cloud-language-v1beta2</module>
@@ -704,7 +705,8 @@
     <module>proto-google-cloud-dlp-v2</module>
     <module>proto-google-cloud-error-reporting-v1beta1</module>
     <module>proto-google-cloud-firestore-v1beta1</module>
-    <module>proto-google-cloud-iamcredentials-v1</module><module>proto-google-cloud-iot-v1</module>
+    <module>proto-google-cloud-iamcredentials-v1</module>
+    <module>proto-google-cloud-iot-v1</module>
     <module>proto-google-cloud-kms-v1</module>
     <module>proto-google-cloud-language-v1</module>
     <module>proto-google-cloud-language-v1beta2</module>
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/pom.xml b/google-api-grpc/proto-google-cloud-iamcredentials-v1/pom.xml
index 1a537dfa6836..1bea5d2b4dd0 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/pom.xml
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/pom.xml
@@ -9,7 +9,7 @@
   <parent>
     <groupId>com.google.api.grpc</groupId>
     <artifactId>google-api-grpc</artifactId>
-    <version>0.0.1-alpha-SNAPSHOT</version><!-- {x-version-update:google-api-grpc:current} -->
+    <version>0.38.1-SNAPSHOT</version><!-- {x-version-update:google-api-grpc:current} -->
   </parent>
   <dependencies>
     <dependency>
@@ -33,4 +33,4 @@
       <scope>compile</scope>
     </dependency>
   </dependencies>
-</project>
\ No newline at end of file
+</project>
diff --git a/google-cloud-clients/google-cloud-iamcredentials/pom.xml b/google-cloud-clients/google-cloud-iamcredentials/pom.xml
index 767400bb541b..154330cb2870 100644
--- a/google-cloud-clients/google-cloud-iamcredentials/pom.xml
+++ b/google-cloud-clients/google-cloud-iamcredentials/pom.xml
@@ -12,7 +12,7 @@
   <parent>
     <groupId>com.google.cloud</groupId>
     <artifactId>google-cloud-clients</artifactId>
-    <version>0.0.1-alpha-SNAPSHOT</version><!-- {x-version-update:google-cloud-clients:current} -->
+    <version>0.73.1-alpha-SNAPSHOT</version><!-- {x-version-update:google-cloud-clients:current} -->
   </parent>
   <properties>
     <site.installationModule>google-cloud-iamcredentials</site.installationModule>
@@ -84,4 +84,4 @@
       <scope>test</scope>
     </dependency>
   </dependencies>
-</project>
\ No newline at end of file
+</project>
diff --git a/google-cloud-clients/pom.xml b/google-cloud-clients/pom.xml
index 0a61e41ab668..6a66f4d6863d 100644
--- a/google-cloud-clients/pom.xml
+++ b/google-cloud-clients/pom.xml
@@ -444,7 +444,8 @@
     <module>google-cloud-dns</module>
     <module>google-cloud-errorreporting</module>
     <module>google-cloud-firestore</module>
-    <module>google-cloud-iamcredentials</module><module>google-cloud-iot</module>
+    <module>google-cloud-iamcredentials</module>
+    <module>google-cloud-iot</module>
     <module>google-cloud-kms</module>
     <module>google-cloud-language</module>
     <module>google-cloud-logging</module>

From 64f5484514ba6fcc93449caa846ef9a7e3b5421a Mon Sep 17 00:00:00 2001
From: Jeff Ching <chingor@google.com>
Date: Wed, 12 Dec 2018 14:26:09 -0800
Subject: [PATCH 3/9] Remove classes that were in my cache directory from a bad
 previous generation

---
 .../credentials/v1/IAMCredentialsGrpc.java    |  720 ---------
 .../v1/GenerateAccessTokenRequest.java        | 1427 -----------------
 .../GenerateAccessTokenRequestOrBuilder.java  |  175 --
 .../v1/GenerateAccessTokenResponse.java       |  810 ----------
 .../GenerateAccessTokenResponseOrBuilder.java |   55 -
 .../v1/GenerateIdTokenRequest.java            | 1142 -------------
 .../v1/GenerateIdTokenRequestOrBuilder.java   |  124 --
 .../v1/GenerateIdTokenResponse.java           |  569 -------
 .../v1/GenerateIdTokenResponseOrBuilder.java  |   27 -
 ...rateIdentityBindingAccessTokenRequest.java | 1298 ---------------
 ...ityBindingAccessTokenRequestOrBuilder.java |  180 ---
 ...ateIdentityBindingAccessTokenResponse.java |  810 ----------
 ...tyBindingAccessTokenResponseOrBuilder.java |   55 -
 .../v1/IAMCredentialsCommonProto.java         |  184 ---
 .../credentials/v1/ServiceAccountName.java    |  189 ---
 .../iam/credentials/v1/SignBlobRequest.java   |  978 -----------
 .../v1/SignBlobRequestOrBuilder.java          |  103 --
 .../iam/credentials/v1/SignBlobResponse.java  |  646 --------
 .../v1/SignBlobResponseOrBuilder.java         |   36 -
 .../iam/credentials/v1/SignJwtRequest.java    | 1056 ------------
 .../v1/SignJwtRequestOrBuilder.java           |  112 --
 .../iam/credentials/v1/SignJwtResponse.java   |  724 ---------
 .../v1/SignJwtResponseOrBuilder.java          |   45 -
 .../iam/credentials/v1/Iamcredentials.java    |   82 -
 24 files changed, 11547 deletions(-)
 delete mode 100644 google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/IAMCredentialsGrpc.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequest.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponse.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequest.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponse.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/IAMCredentialsCommonProto.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/ServiceAccountName.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequest.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequestOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponse.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponseOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequest.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequestOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponse.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponseOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/Iamcredentials.java

diff --git a/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/IAMCredentialsGrpc.java b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/IAMCredentialsGrpc.java
deleted file mode 100644
index d00145bb53d0..000000000000
--- a/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/IAMCredentialsGrpc.java
+++ /dev/null
@@ -1,720 +0,0 @@
-package google.iam.credentials.v1;
-
-import static io.grpc.MethodDescriptor.generateFullMethodName;
-import static io.grpc.stub.ClientCalls.asyncBidiStreamingCall;
-import static io.grpc.stub.ClientCalls.asyncClientStreamingCall;
-import static io.grpc.stub.ClientCalls.asyncServerStreamingCall;
-import static io.grpc.stub.ClientCalls.asyncUnaryCall;
-import static io.grpc.stub.ClientCalls.blockingServerStreamingCall;
-import static io.grpc.stub.ClientCalls.blockingUnaryCall;
-import static io.grpc.stub.ClientCalls.futureUnaryCall;
-import static io.grpc.stub.ServerCalls.asyncBidiStreamingCall;
-import static io.grpc.stub.ServerCalls.asyncClientStreamingCall;
-import static io.grpc.stub.ServerCalls.asyncServerStreamingCall;
-import static io.grpc.stub.ServerCalls.asyncUnaryCall;
-import static io.grpc.stub.ServerCalls.asyncUnimplementedStreamingCall;
-import static io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall;
-
-/**
- * <pre>
- * A service account is a special type of Google account that belongs to your
- * application or a virtual machine (VM), instead of to an individual end user.
- * Your application assumes the identity of the service account to call Google
- * APIs, so that the users aren't directly involved.
- * Service account credentials are used to temporarily assume the identity
- * of the service account. Supported credential types include OAuth 2.0 access
- * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
- * more.
- * </pre>
- */
-@javax.annotation.Generated(
-    value = "by gRPC proto compiler (version 1.10.0)",
-    comments = "Source: google/iam/credentials/v1/iamcredentials.proto")
-public final class IAMCredentialsGrpc {
-
-  private IAMCredentialsGrpc() {}
-
-  public static final String SERVICE_NAME = "google.iam.credentials.v1.IAMCredentials";
-
-  // Static method descriptors that strictly reflect the proto.
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  @java.lang.Deprecated // Use {@link #getGenerateAccessTokenMethod()} instead. 
-  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest,
-      com.google.iam.credentials.v1.GenerateAccessTokenResponse> METHOD_GENERATE_ACCESS_TOKEN = getGenerateAccessTokenMethodHelper();
-
-  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest,
-      com.google.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod;
-
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest,
-      com.google.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod() {
-    return getGenerateAccessTokenMethodHelper();
-  }
-
-  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest,
-      com.google.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethodHelper() {
-    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateAccessTokenRequest, com.google.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod;
-    if ((getGenerateAccessTokenMethod = IAMCredentialsGrpc.getGenerateAccessTokenMethod) == null) {
-      synchronized (IAMCredentialsGrpc.class) {
-        if ((getGenerateAccessTokenMethod = IAMCredentialsGrpc.getGenerateAccessTokenMethod) == null) {
-          IAMCredentialsGrpc.getGenerateAccessTokenMethod = getGenerateAccessTokenMethod = 
-              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.GenerateAccessTokenRequest, com.google.iam.credentials.v1.GenerateAccessTokenResponse>newBuilder()
-              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
-              .setFullMethodName(generateFullMethodName(
-                  "google.iam.credentials.v1.IAMCredentials", "GenerateAccessToken"))
-              .setSampledToLocalTracing(true)
-              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance()))
-              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance()))
-                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateAccessToken"))
-                  .build();
-          }
-        }
-     }
-     return getGenerateAccessTokenMethod;
-  }
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  @java.lang.Deprecated // Use {@link #getGenerateIdTokenMethod()} instead. 
-  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest,
-      com.google.iam.credentials.v1.GenerateIdTokenResponse> METHOD_GENERATE_ID_TOKEN = getGenerateIdTokenMethodHelper();
-
-  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest,
-      com.google.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod;
-
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest,
-      com.google.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod() {
-    return getGenerateIdTokenMethodHelper();
-  }
-
-  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest,
-      com.google.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethodHelper() {
-    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdTokenRequest, com.google.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod;
-    if ((getGenerateIdTokenMethod = IAMCredentialsGrpc.getGenerateIdTokenMethod) == null) {
-      synchronized (IAMCredentialsGrpc.class) {
-        if ((getGenerateIdTokenMethod = IAMCredentialsGrpc.getGenerateIdTokenMethod) == null) {
-          IAMCredentialsGrpc.getGenerateIdTokenMethod = getGenerateIdTokenMethod = 
-              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.GenerateIdTokenRequest, com.google.iam.credentials.v1.GenerateIdTokenResponse>newBuilder()
-              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
-              .setFullMethodName(generateFullMethodName(
-                  "google.iam.credentials.v1.IAMCredentials", "GenerateIdToken"))
-              .setSampledToLocalTracing(true)
-              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance()))
-              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance()))
-                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateIdToken"))
-                  .build();
-          }
-        }
-     }
-     return getGenerateIdTokenMethod;
-  }
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  @java.lang.Deprecated // Use {@link #getSignBlobMethod()} instead. 
-  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest,
-      com.google.iam.credentials.v1.SignBlobResponse> METHOD_SIGN_BLOB = getSignBlobMethodHelper();
-
-  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest,
-      com.google.iam.credentials.v1.SignBlobResponse> getSignBlobMethod;
-
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest,
-      com.google.iam.credentials.v1.SignBlobResponse> getSignBlobMethod() {
-    return getSignBlobMethodHelper();
-  }
-
-  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest,
-      com.google.iam.credentials.v1.SignBlobResponse> getSignBlobMethodHelper() {
-    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignBlobRequest, com.google.iam.credentials.v1.SignBlobResponse> getSignBlobMethod;
-    if ((getSignBlobMethod = IAMCredentialsGrpc.getSignBlobMethod) == null) {
-      synchronized (IAMCredentialsGrpc.class) {
-        if ((getSignBlobMethod = IAMCredentialsGrpc.getSignBlobMethod) == null) {
-          IAMCredentialsGrpc.getSignBlobMethod = getSignBlobMethod = 
-              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.SignBlobRequest, com.google.iam.credentials.v1.SignBlobResponse>newBuilder()
-              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
-              .setFullMethodName(generateFullMethodName(
-                  "google.iam.credentials.v1.IAMCredentials", "SignBlob"))
-              .setSampledToLocalTracing(true)
-              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.SignBlobRequest.getDefaultInstance()))
-              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.SignBlobResponse.getDefaultInstance()))
-                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignBlob"))
-                  .build();
-          }
-        }
-     }
-     return getSignBlobMethod;
-  }
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  @java.lang.Deprecated // Use {@link #getSignJwtMethod()} instead. 
-  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest,
-      com.google.iam.credentials.v1.SignJwtResponse> METHOD_SIGN_JWT = getSignJwtMethodHelper();
-
-  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest,
-      com.google.iam.credentials.v1.SignJwtResponse> getSignJwtMethod;
-
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest,
-      com.google.iam.credentials.v1.SignJwtResponse> getSignJwtMethod() {
-    return getSignJwtMethodHelper();
-  }
-
-  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest,
-      com.google.iam.credentials.v1.SignJwtResponse> getSignJwtMethodHelper() {
-    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.SignJwtRequest, com.google.iam.credentials.v1.SignJwtResponse> getSignJwtMethod;
-    if ((getSignJwtMethod = IAMCredentialsGrpc.getSignJwtMethod) == null) {
-      synchronized (IAMCredentialsGrpc.class) {
-        if ((getSignJwtMethod = IAMCredentialsGrpc.getSignJwtMethod) == null) {
-          IAMCredentialsGrpc.getSignJwtMethod = getSignJwtMethod = 
-              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.SignJwtRequest, com.google.iam.credentials.v1.SignJwtResponse>newBuilder()
-              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
-              .setFullMethodName(generateFullMethodName(
-                  "google.iam.credentials.v1.IAMCredentials", "SignJwt"))
-              .setSampledToLocalTracing(true)
-              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.SignJwtRequest.getDefaultInstance()))
-              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.SignJwtResponse.getDefaultInstance()))
-                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignJwt"))
-                  .build();
-          }
-        }
-     }
-     return getSignJwtMethod;
-  }
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  @java.lang.Deprecated // Use {@link #getGenerateIdentityBindingAccessTokenMethod()} instead. 
-  public static final io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> METHOD_GENERATE_IDENTITY_BINDING_ACCESS_TOKEN = getGenerateIdentityBindingAccessTokenMethodHelper();
-
-  private static volatile io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> getGenerateIdentityBindingAccessTokenMethod;
-
-  @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  public static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> getGenerateIdentityBindingAccessTokenMethod() {
-    return getGenerateIdentityBindingAccessTokenMethodHelper();
-  }
-
-  private static io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> getGenerateIdentityBindingAccessTokenMethodHelper() {
-    io.grpc.MethodDescriptor<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> getGenerateIdentityBindingAccessTokenMethod;
-    if ((getGenerateIdentityBindingAccessTokenMethod = IAMCredentialsGrpc.getGenerateIdentityBindingAccessTokenMethod) == null) {
-      synchronized (IAMCredentialsGrpc.class) {
-        if ((getGenerateIdentityBindingAccessTokenMethod = IAMCredentialsGrpc.getGenerateIdentityBindingAccessTokenMethod) == null) {
-          IAMCredentialsGrpc.getGenerateIdentityBindingAccessTokenMethod = getGenerateIdentityBindingAccessTokenMethod = 
-              io.grpc.MethodDescriptor.<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse>newBuilder()
-              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
-              .setFullMethodName(generateFullMethodName(
-                  "google.iam.credentials.v1.IAMCredentials", "GenerateIdentityBindingAccessToken"))
-              .setSampledToLocalTracing(true)
-              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance()))
-              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance()))
-                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateIdentityBindingAccessToken"))
-                  .build();
-          }
-        }
-     }
-     return getGenerateIdentityBindingAccessTokenMethod;
-  }
-
-  /**
-   * Creates a new async stub that supports all call types for the service
-   */
-  public static IAMCredentialsStub newStub(io.grpc.Channel channel) {
-    return new IAMCredentialsStub(channel);
-  }
-
-  /**
-   * Creates a new blocking-style stub that supports unary and streaming output calls on the service
-   */
-  public static IAMCredentialsBlockingStub newBlockingStub(
-      io.grpc.Channel channel) {
-    return new IAMCredentialsBlockingStub(channel);
-  }
-
-  /**
-   * Creates a new ListenableFuture-style stub that supports unary calls on the service
-   */
-  public static IAMCredentialsFutureStub newFutureStub(
-      io.grpc.Channel channel) {
-    return new IAMCredentialsFutureStub(channel);
-  }
-
-  /**
-   * <pre>
-   * A service account is a special type of Google account that belongs to your
-   * application or a virtual machine (VM), instead of to an individual end user.
-   * Your application assumes the identity of the service account to call Google
-   * APIs, so that the users aren't directly involved.
-   * Service account credentials are used to temporarily assume the identity
-   * of the service account. Supported credential types include OAuth 2.0 access
-   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
-   * more.
-   * </pre>
-   */
-  public static abstract class IAMCredentialsImplBase implements io.grpc.BindableService {
-
-    /**
-     * <pre>
-     * Generates an OAuth 2.0 access token for a service account.
-     * </pre>
-     */
-    public void generateAccessToken(com.google.iam.credentials.v1.GenerateAccessTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateAccessTokenResponse> responseObserver) {
-      asyncUnimplementedUnaryCall(getGenerateAccessTokenMethodHelper(), responseObserver);
-    }
-
-    /**
-     * <pre>
-     * Generates an OpenID Connect ID token for a service account.
-     * </pre>
-     */
-    public void generateIdToken(com.google.iam.credentials.v1.GenerateIdTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdTokenResponse> responseObserver) {
-      asyncUnimplementedUnaryCall(getGenerateIdTokenMethodHelper(), responseObserver);
-    }
-
-    /**
-     * <pre>
-     * Signs a blob using a service account's system-managed private key.
-     * </pre>
-     */
-    public void signBlob(com.google.iam.credentials.v1.SignBlobRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignBlobResponse> responseObserver) {
-      asyncUnimplementedUnaryCall(getSignBlobMethodHelper(), responseObserver);
-    }
-
-    /**
-     * <pre>
-     * Signs a JWT using a service account's system-managed private key.
-     * </pre>
-     */
-    public void signJwt(com.google.iam.credentials.v1.SignJwtRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignJwtResponse> responseObserver) {
-      asyncUnimplementedUnaryCall(getSignJwtMethodHelper(), responseObserver);
-    }
-
-    /**
-     * <pre>
-     * Exchange a JWT signed by third party identity provider to an OAuth 2.0
-     * access token
-     * </pre>
-     */
-    public void generateIdentityBindingAccessToken(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> responseObserver) {
-      asyncUnimplementedUnaryCall(getGenerateIdentityBindingAccessTokenMethodHelper(), responseObserver);
-    }
-
-    @java.lang.Override public final io.grpc.ServerServiceDefinition bindService() {
-      return io.grpc.ServerServiceDefinition.builder(getServiceDescriptor())
-          .addMethod(
-            getGenerateAccessTokenMethodHelper(),
-            asyncUnaryCall(
-              new MethodHandlers<
-                com.google.iam.credentials.v1.GenerateAccessTokenRequest,
-                com.google.iam.credentials.v1.GenerateAccessTokenResponse>(
-                  this, METHODID_GENERATE_ACCESS_TOKEN)))
-          .addMethod(
-            getGenerateIdTokenMethodHelper(),
-            asyncUnaryCall(
-              new MethodHandlers<
-                com.google.iam.credentials.v1.GenerateIdTokenRequest,
-                com.google.iam.credentials.v1.GenerateIdTokenResponse>(
-                  this, METHODID_GENERATE_ID_TOKEN)))
-          .addMethod(
-            getSignBlobMethodHelper(),
-            asyncUnaryCall(
-              new MethodHandlers<
-                com.google.iam.credentials.v1.SignBlobRequest,
-                com.google.iam.credentials.v1.SignBlobResponse>(
-                  this, METHODID_SIGN_BLOB)))
-          .addMethod(
-            getSignJwtMethodHelper(),
-            asyncUnaryCall(
-              new MethodHandlers<
-                com.google.iam.credentials.v1.SignJwtRequest,
-                com.google.iam.credentials.v1.SignJwtResponse>(
-                  this, METHODID_SIGN_JWT)))
-          .addMethod(
-            getGenerateIdentityBindingAccessTokenMethodHelper(),
-            asyncUnaryCall(
-              new MethodHandlers<
-                com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest,
-                com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse>(
-                  this, METHODID_GENERATE_IDENTITY_BINDING_ACCESS_TOKEN)))
-          .build();
-    }
-  }
-
-  /**
-   * <pre>
-   * A service account is a special type of Google account that belongs to your
-   * application or a virtual machine (VM), instead of to an individual end user.
-   * Your application assumes the identity of the service account to call Google
-   * APIs, so that the users aren't directly involved.
-   * Service account credentials are used to temporarily assume the identity
-   * of the service account. Supported credential types include OAuth 2.0 access
-   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
-   * more.
-   * </pre>
-   */
-  public static final class IAMCredentialsStub extends io.grpc.stub.AbstractStub<IAMCredentialsStub> {
-    private IAMCredentialsStub(io.grpc.Channel channel) {
-      super(channel);
-    }
-
-    private IAMCredentialsStub(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
-      super(channel, callOptions);
-    }
-
-    @java.lang.Override
-    protected IAMCredentialsStub build(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
-      return new IAMCredentialsStub(channel, callOptions);
-    }
-
-    /**
-     * <pre>
-     * Generates an OAuth 2.0 access token for a service account.
-     * </pre>
-     */
-    public void generateAccessToken(com.google.iam.credentials.v1.GenerateAccessTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateAccessTokenResponse> responseObserver) {
-      asyncUnaryCall(
-          getChannel().newCall(getGenerateAccessTokenMethodHelper(), getCallOptions()), request, responseObserver);
-    }
-
-    /**
-     * <pre>
-     * Generates an OpenID Connect ID token for a service account.
-     * </pre>
-     */
-    public void generateIdToken(com.google.iam.credentials.v1.GenerateIdTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdTokenResponse> responseObserver) {
-      asyncUnaryCall(
-          getChannel().newCall(getGenerateIdTokenMethodHelper(), getCallOptions()), request, responseObserver);
-    }
-
-    /**
-     * <pre>
-     * Signs a blob using a service account's system-managed private key.
-     * </pre>
-     */
-    public void signBlob(com.google.iam.credentials.v1.SignBlobRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignBlobResponse> responseObserver) {
-      asyncUnaryCall(
-          getChannel().newCall(getSignBlobMethodHelper(), getCallOptions()), request, responseObserver);
-    }
-
-    /**
-     * <pre>
-     * Signs a JWT using a service account's system-managed private key.
-     * </pre>
-     */
-    public void signJwt(com.google.iam.credentials.v1.SignJwtRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignJwtResponse> responseObserver) {
-      asyncUnaryCall(
-          getChannel().newCall(getSignJwtMethodHelper(), getCallOptions()), request, responseObserver);
-    }
-
-    /**
-     * <pre>
-     * Exchange a JWT signed by third party identity provider to an OAuth 2.0
-     * access token
-     * </pre>
-     */
-    public void generateIdentityBindingAccessToken(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> responseObserver) {
-      asyncUnaryCall(
-          getChannel().newCall(getGenerateIdentityBindingAccessTokenMethodHelper(), getCallOptions()), request, responseObserver);
-    }
-  }
-
-  /**
-   * <pre>
-   * A service account is a special type of Google account that belongs to your
-   * application or a virtual machine (VM), instead of to an individual end user.
-   * Your application assumes the identity of the service account to call Google
-   * APIs, so that the users aren't directly involved.
-   * Service account credentials are used to temporarily assume the identity
-   * of the service account. Supported credential types include OAuth 2.0 access
-   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
-   * more.
-   * </pre>
-   */
-  public static final class IAMCredentialsBlockingStub extends io.grpc.stub.AbstractStub<IAMCredentialsBlockingStub> {
-    private IAMCredentialsBlockingStub(io.grpc.Channel channel) {
-      super(channel);
-    }
-
-    private IAMCredentialsBlockingStub(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
-      super(channel, callOptions);
-    }
-
-    @java.lang.Override
-    protected IAMCredentialsBlockingStub build(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
-      return new IAMCredentialsBlockingStub(channel, callOptions);
-    }
-
-    /**
-     * <pre>
-     * Generates an OAuth 2.0 access token for a service account.
-     * </pre>
-     */
-    public com.google.iam.credentials.v1.GenerateAccessTokenResponse generateAccessToken(com.google.iam.credentials.v1.GenerateAccessTokenRequest request) {
-      return blockingUnaryCall(
-          getChannel(), getGenerateAccessTokenMethodHelper(), getCallOptions(), request);
-    }
-
-    /**
-     * <pre>
-     * Generates an OpenID Connect ID token for a service account.
-     * </pre>
-     */
-    public com.google.iam.credentials.v1.GenerateIdTokenResponse generateIdToken(com.google.iam.credentials.v1.GenerateIdTokenRequest request) {
-      return blockingUnaryCall(
-          getChannel(), getGenerateIdTokenMethodHelper(), getCallOptions(), request);
-    }
-
-    /**
-     * <pre>
-     * Signs a blob using a service account's system-managed private key.
-     * </pre>
-     */
-    public com.google.iam.credentials.v1.SignBlobResponse signBlob(com.google.iam.credentials.v1.SignBlobRequest request) {
-      return blockingUnaryCall(
-          getChannel(), getSignBlobMethodHelper(), getCallOptions(), request);
-    }
-
-    /**
-     * <pre>
-     * Signs a JWT using a service account's system-managed private key.
-     * </pre>
-     */
-    public com.google.iam.credentials.v1.SignJwtResponse signJwt(com.google.iam.credentials.v1.SignJwtRequest request) {
-      return blockingUnaryCall(
-          getChannel(), getSignJwtMethodHelper(), getCallOptions(), request);
-    }
-
-    /**
-     * <pre>
-     * Exchange a JWT signed by third party identity provider to an OAuth 2.0
-     * access token
-     * </pre>
-     */
-    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse generateIdentityBindingAccessToken(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest request) {
-      return blockingUnaryCall(
-          getChannel(), getGenerateIdentityBindingAccessTokenMethodHelper(), getCallOptions(), request);
-    }
-  }
-
-  /**
-   * <pre>
-   * A service account is a special type of Google account that belongs to your
-   * application or a virtual machine (VM), instead of to an individual end user.
-   * Your application assumes the identity of the service account to call Google
-   * APIs, so that the users aren't directly involved.
-   * Service account credentials are used to temporarily assume the identity
-   * of the service account. Supported credential types include OAuth 2.0 access
-   * tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
-   * more.
-   * </pre>
-   */
-  public static final class IAMCredentialsFutureStub extends io.grpc.stub.AbstractStub<IAMCredentialsFutureStub> {
-    private IAMCredentialsFutureStub(io.grpc.Channel channel) {
-      super(channel);
-    }
-
-    private IAMCredentialsFutureStub(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
-      super(channel, callOptions);
-    }
-
-    @java.lang.Override
-    protected IAMCredentialsFutureStub build(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
-      return new IAMCredentialsFutureStub(channel, callOptions);
-    }
-
-    /**
-     * <pre>
-     * Generates an OAuth 2.0 access token for a service account.
-     * </pre>
-     */
-    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.GenerateAccessTokenResponse> generateAccessToken(
-        com.google.iam.credentials.v1.GenerateAccessTokenRequest request) {
-      return futureUnaryCall(
-          getChannel().newCall(getGenerateAccessTokenMethodHelper(), getCallOptions()), request);
-    }
-
-    /**
-     * <pre>
-     * Generates an OpenID Connect ID token for a service account.
-     * </pre>
-     */
-    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.GenerateIdTokenResponse> generateIdToken(
-        com.google.iam.credentials.v1.GenerateIdTokenRequest request) {
-      return futureUnaryCall(
-          getChannel().newCall(getGenerateIdTokenMethodHelper(), getCallOptions()), request);
-    }
-
-    /**
-     * <pre>
-     * Signs a blob using a service account's system-managed private key.
-     * </pre>
-     */
-    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.SignBlobResponse> signBlob(
-        com.google.iam.credentials.v1.SignBlobRequest request) {
-      return futureUnaryCall(
-          getChannel().newCall(getSignBlobMethodHelper(), getCallOptions()), request);
-    }
-
-    /**
-     * <pre>
-     * Signs a JWT using a service account's system-managed private key.
-     * </pre>
-     */
-    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.SignJwtResponse> signJwt(
-        com.google.iam.credentials.v1.SignJwtRequest request) {
-      return futureUnaryCall(
-          getChannel().newCall(getSignJwtMethodHelper(), getCallOptions()), request);
-    }
-
-    /**
-     * <pre>
-     * Exchange a JWT signed by third party identity provider to an OAuth 2.0
-     * access token
-     * </pre>
-     */
-    public com.google.common.util.concurrent.ListenableFuture<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse> generateIdentityBindingAccessToken(
-        com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest request) {
-      return futureUnaryCall(
-          getChannel().newCall(getGenerateIdentityBindingAccessTokenMethodHelper(), getCallOptions()), request);
-    }
-  }
-
-  private static final int METHODID_GENERATE_ACCESS_TOKEN = 0;
-  private static final int METHODID_GENERATE_ID_TOKEN = 1;
-  private static final int METHODID_SIGN_BLOB = 2;
-  private static final int METHODID_SIGN_JWT = 3;
-  private static final int METHODID_GENERATE_IDENTITY_BINDING_ACCESS_TOKEN = 4;
-
-  private static final class MethodHandlers<Req, Resp> implements
-      io.grpc.stub.ServerCalls.UnaryMethod<Req, Resp>,
-      io.grpc.stub.ServerCalls.ServerStreamingMethod<Req, Resp>,
-      io.grpc.stub.ServerCalls.ClientStreamingMethod<Req, Resp>,
-      io.grpc.stub.ServerCalls.BidiStreamingMethod<Req, Resp> {
-    private final IAMCredentialsImplBase serviceImpl;
-    private final int methodId;
-
-    MethodHandlers(IAMCredentialsImplBase serviceImpl, int methodId) {
-      this.serviceImpl = serviceImpl;
-      this.methodId = methodId;
-    }
-
-    @java.lang.Override
-    @java.lang.SuppressWarnings("unchecked")
-    public void invoke(Req request, io.grpc.stub.StreamObserver<Resp> responseObserver) {
-      switch (methodId) {
-        case METHODID_GENERATE_ACCESS_TOKEN:
-          serviceImpl.generateAccessToken((com.google.iam.credentials.v1.GenerateAccessTokenRequest) request,
-              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateAccessTokenResponse>) responseObserver);
-          break;
-        case METHODID_GENERATE_ID_TOKEN:
-          serviceImpl.generateIdToken((com.google.iam.credentials.v1.GenerateIdTokenRequest) request,
-              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdTokenResponse>) responseObserver);
-          break;
-        case METHODID_SIGN_BLOB:
-          serviceImpl.signBlob((com.google.iam.credentials.v1.SignBlobRequest) request,
-              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignBlobResponse>) responseObserver);
-          break;
-        case METHODID_SIGN_JWT:
-          serviceImpl.signJwt((com.google.iam.credentials.v1.SignJwtRequest) request,
-              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.SignJwtResponse>) responseObserver);
-          break;
-        case METHODID_GENERATE_IDENTITY_BINDING_ACCESS_TOKEN:
-          serviceImpl.generateIdentityBindingAccessToken((com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) request,
-              (io.grpc.stub.StreamObserver<com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse>) responseObserver);
-          break;
-        default:
-          throw new AssertionError();
-      }
-    }
-
-    @java.lang.Override
-    @java.lang.SuppressWarnings("unchecked")
-    public io.grpc.stub.StreamObserver<Req> invoke(
-        io.grpc.stub.StreamObserver<Resp> responseObserver) {
-      switch (methodId) {
-        default:
-          throw new AssertionError();
-      }
-    }
-  }
-
-  private static abstract class IAMCredentialsBaseDescriptorSupplier
-      implements io.grpc.protobuf.ProtoFileDescriptorSupplier, io.grpc.protobuf.ProtoServiceDescriptorSupplier {
-    IAMCredentialsBaseDescriptorSupplier() {}
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.FileDescriptor getFileDescriptor() {
-      return google.iam.credentials.v1.Iamcredentials.getDescriptor();
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.ServiceDescriptor getServiceDescriptor() {
-      return getFileDescriptor().findServiceByName("IAMCredentials");
-    }
-  }
-
-  private static final class IAMCredentialsFileDescriptorSupplier
-      extends IAMCredentialsBaseDescriptorSupplier {
-    IAMCredentialsFileDescriptorSupplier() {}
-  }
-
-  private static final class IAMCredentialsMethodDescriptorSupplier
-      extends IAMCredentialsBaseDescriptorSupplier
-      implements io.grpc.protobuf.ProtoMethodDescriptorSupplier {
-    private final String methodName;
-
-    IAMCredentialsMethodDescriptorSupplier(String methodName) {
-      this.methodName = methodName;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.MethodDescriptor getMethodDescriptor() {
-      return getServiceDescriptor().findMethodByName(methodName);
-    }
-  }
-
-  private static volatile io.grpc.ServiceDescriptor serviceDescriptor;
-
-  public static io.grpc.ServiceDescriptor getServiceDescriptor() {
-    io.grpc.ServiceDescriptor result = serviceDescriptor;
-    if (result == null) {
-      synchronized (IAMCredentialsGrpc.class) {
-        result = serviceDescriptor;
-        if (result == null) {
-          serviceDescriptor = result = io.grpc.ServiceDescriptor.newBuilder(SERVICE_NAME)
-              .setSchemaDescriptor(new IAMCredentialsFileDescriptorSupplier())
-              .addMethod(getGenerateAccessTokenMethodHelper())
-              .addMethod(getGenerateIdTokenMethodHelper())
-              .addMethod(getSignBlobMethodHelper())
-              .addMethod(getSignJwtMethodHelper())
-              .addMethod(getGenerateIdentityBindingAccessTokenMethodHelper())
-              .build();
-        }
-      }
-    }
-    return result;
-  }
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequest.java
deleted file mode 100644
index c03e61f53082..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequest.java
+++ /dev/null
@@ -1,1427 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest}
- */
-public  final class GenerateAccessTokenRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateAccessTokenRequest)
-    GenerateAccessTokenRequestOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use GenerateAccessTokenRequest.newBuilder() to construct.
-  private GenerateAccessTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private GenerateAccessTokenRequest() {
-    name_ = "";
-    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private GenerateAccessTokenRequest(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            name_ = s;
-            break;
-          }
-          case 18: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              delegates_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
-            }
-            delegates_.add(s);
-            break;
-          }
-          case 34: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000004) == 0x00000004)) {
-              scope_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000004;
-            }
-            scope_.add(s);
-            break;
-          }
-          case 58: {
-            com.google.protobuf.Duration.Builder subBuilder = null;
-            if (lifetime_ != null) {
-              subBuilder = lifetime_.toBuilder();
-            }
-            lifetime_ = input.readMessage(com.google.protobuf.Duration.parser(), extensionRegistry);
-            if (subBuilder != null) {
-              subBuilder.mergeFrom(lifetime_);
-              lifetime_ = subBuilder.buildPartial();
-            }
-
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = delegates_.getUnmodifiableView();
-      }
-      if (((mutable_bitField0_ & 0x00000004) == 0x00000004)) {
-        scope_ = scope_.getUnmodifiableView();
-      }
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.GenerateAccessTokenRequest.class, com.google.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
-  }
-
-  private int bitField0_;
-  public static final int NAME_FIELD_NUMBER = 1;
-  private volatile java.lang.Object name_;
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public java.lang.String getName() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      name_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      name_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int DELEGATES_FIELD_NUMBER = 2;
-  private com.google.protobuf.LazyStringList delegates_;
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  public com.google.protobuf.ProtocolStringList
-      getDelegatesList() {
-    return delegates_;
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  public int getDelegatesCount() {
-    return delegates_.size();
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  public java.lang.String getDelegates(int index) {
-    return delegates_.get(index);
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  public com.google.protobuf.ByteString
-      getDelegatesBytes(int index) {
-    return delegates_.getByteString(index);
-  }
-
-  public static final int SCOPE_FIELD_NUMBER = 4;
-  private com.google.protobuf.LazyStringList scope_;
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 4;</code>
-   */
-  public com.google.protobuf.ProtocolStringList
-      getScopeList() {
-    return scope_;
-  }
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 4;</code>
-   */
-  public int getScopeCount() {
-    return scope_.size();
-  }
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 4;</code>
-   */
-  public java.lang.String getScope(int index) {
-    return scope_.get(index);
-  }
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 4;</code>
-   */
-  public com.google.protobuf.ByteString
-      getScopeBytes(int index) {
-    return scope_.getByteString(index);
-  }
-
-  public static final int LIFETIME_FIELD_NUMBER = 7;
-  private com.google.protobuf.Duration lifetime_;
-  /**
-   * <pre>
-   * The desired lifetime duration of the access token in seconds.
-   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-   * not specified, the token's lifetime will be set to a default value of one
-   * hour.
-   * </pre>
-   *
-   * <code>.google.protobuf.Duration lifetime = 7;</code>
-   */
-  public boolean hasLifetime() {
-    return lifetime_ != null;
-  }
-  /**
-   * <pre>
-   * The desired lifetime duration of the access token in seconds.
-   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-   * not specified, the token's lifetime will be set to a default value of one
-   * hour.
-   * </pre>
-   *
-   * <code>.google.protobuf.Duration lifetime = 7;</code>
-   */
-  public com.google.protobuf.Duration getLifetime() {
-    return lifetime_ == null ? com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
-  }
-  /**
-   * <pre>
-   * The desired lifetime duration of the access token in seconds.
-   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-   * not specified, the token's lifetime will be set to a default value of one
-   * hour.
-   * </pre>
-   *
-   * <code>.google.protobuf.Duration lifetime = 7;</code>
-   */
-  public com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder() {
-    return getLifetime();
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getNameBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
-    }
-    for (int i = 0; i < delegates_.size(); i++) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, delegates_.getRaw(i));
-    }
-    for (int i = 0; i < scope_.size(); i++) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 4, scope_.getRaw(i));
-    }
-    if (lifetime_ != null) {
-      output.writeMessage(7, getLifetime());
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getNameBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
-    }
-    {
-      int dataSize = 0;
-      for (int i = 0; i < delegates_.size(); i++) {
-        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
-      }
-      size += dataSize;
-      size += 1 * getDelegatesList().size();
-    }
-    {
-      int dataSize = 0;
-      for (int i = 0; i < scope_.size(); i++) {
-        dataSize += computeStringSizeNoTag(scope_.getRaw(i));
-      }
-      size += dataSize;
-      size += 1 * getScopeList().size();
-    }
-    if (lifetime_ != null) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeMessageSize(7, getLifetime());
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.GenerateAccessTokenRequest)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.GenerateAccessTokenRequest other = (com.google.iam.credentials.v1.GenerateAccessTokenRequest) obj;
-
-    boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getDelegatesList()
-        .equals(other.getDelegatesList());
-    result = result && getScopeList()
-        .equals(other.getScopeList());
-    result = result && (hasLifetime() == other.hasLifetime());
-    if (hasLifetime()) {
-      result = result && getLifetime()
-          .equals(other.getLifetime());
-    }
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + NAME_FIELD_NUMBER;
-    hash = (53 * hash) + getName().hashCode();
-    if (getDelegatesCount() > 0) {
-      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
-      hash = (53 * hash) + getDelegatesList().hashCode();
-    }
-    if (getScopeCount() > 0) {
-      hash = (37 * hash) + SCOPE_FIELD_NUMBER;
-      hash = (53 * hash) + getScopeList().hashCode();
-    }
-    if (hasLifetime()) {
-      hash = (37 * hash) + LIFETIME_FIELD_NUMBER;
-      hash = (53 * hash) + getLifetime().hashCode();
-    }
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateAccessTokenRequest prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateAccessTokenRequest)
-      com.google.iam.credentials.v1.GenerateAccessTokenRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.GenerateAccessTokenRequest.class, com.google.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.GenerateAccessTokenRequest.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      name_ = "";
-
-      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000004);
-      if (lifetimeBuilder_ == null) {
-        lifetime_ = null;
-      } else {
-        lifetime_ = null;
-        lifetimeBuilder_ = null;
-      }
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateAccessTokenRequest build() {
-      com.google.iam.credentials.v1.GenerateAccessTokenRequest result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateAccessTokenRequest buildPartial() {
-      com.google.iam.credentials.v1.GenerateAccessTokenRequest result = new com.google.iam.credentials.v1.GenerateAccessTokenRequest(this);
-      int from_bitField0_ = bitField0_;
-      int to_bitField0_ = 0;
-      result.name_ = name_;
-      if (((bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = delegates_.getUnmodifiableView();
-        bitField0_ = (bitField0_ & ~0x00000002);
-      }
-      result.delegates_ = delegates_;
-      if (((bitField0_ & 0x00000004) == 0x00000004)) {
-        scope_ = scope_.getUnmodifiableView();
-        bitField0_ = (bitField0_ & ~0x00000004);
-      }
-      result.scope_ = scope_;
-      if (lifetimeBuilder_ == null) {
-        result.lifetime_ = lifetime_;
-      } else {
-        result.lifetime_ = lifetimeBuilder_.build();
-      }
-      result.bitField0_ = to_bitField0_;
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.GenerateAccessTokenRequest) {
-        return mergeFrom((com.google.iam.credentials.v1.GenerateAccessTokenRequest)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateAccessTokenRequest other) {
-      if (other == com.google.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance()) return this;
-      if (!other.getName().isEmpty()) {
-        name_ = other.name_;
-        onChanged();
-      }
-      if (!other.delegates_.isEmpty()) {
-        if (delegates_.isEmpty()) {
-          delegates_ = other.delegates_;
-          bitField0_ = (bitField0_ & ~0x00000002);
-        } else {
-          ensureDelegatesIsMutable();
-          delegates_.addAll(other.delegates_);
-        }
-        onChanged();
-      }
-      if (!other.scope_.isEmpty()) {
-        if (scope_.isEmpty()) {
-          scope_ = other.scope_;
-          bitField0_ = (bitField0_ & ~0x00000004);
-        } else {
-          ensureScopeIsMutable();
-          scope_.addAll(other.scope_);
-        }
-        onChanged();
-      }
-      if (other.hasLifetime()) {
-        mergeLifetime(other.getLifetime());
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.GenerateAccessTokenRequest parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.GenerateAccessTokenRequest) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-    private int bitField0_;
-
-    private java.lang.Object name_ = "";
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public java.lang.String getName() {
-      java.lang.Object ref = name_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        name_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
-      java.lang.Object ref = name_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        name_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setName(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      name_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder clearName() {
-      
-      name_ = getDefaultInstance().getName();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      name_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    private void ensureDelegatesIsMutable() {
-      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
-        bitField0_ |= 0x00000002;
-       }
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public com.google.protobuf.ProtocolStringList
-        getDelegatesList() {
-      return delegates_.getUnmodifiableView();
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public int getDelegatesCount() {
-      return delegates_.size();
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public java.lang.String getDelegates(int index) {
-      return delegates_.get(index);
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public com.google.protobuf.ByteString
-        getDelegatesBytes(int index) {
-      return delegates_.getByteString(index);
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder setDelegates(
-        int index, java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
-      delegates_.set(index, value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder addDelegates(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
-      delegates_.add(value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder addAllDelegates(
-        java.lang.Iterable<java.lang.String> values) {
-      ensureDelegatesIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, delegates_);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder clearDelegates() {
-      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder addDelegatesBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      ensureDelegatesIsMutable();
-      delegates_.add(value);
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.LazyStringList scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    private void ensureScopeIsMutable() {
-      if (!((bitField0_ & 0x00000004) == 0x00000004)) {
-        scope_ = new com.google.protobuf.LazyStringArrayList(scope_);
-        bitField0_ |= 0x00000004;
-       }
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 4;</code>
-     */
-    public com.google.protobuf.ProtocolStringList
-        getScopeList() {
-      return scope_.getUnmodifiableView();
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 4;</code>
-     */
-    public int getScopeCount() {
-      return scope_.size();
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 4;</code>
-     */
-    public java.lang.String getScope(int index) {
-      return scope_.get(index);
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 4;</code>
-     */
-    public com.google.protobuf.ByteString
-        getScopeBytes(int index) {
-      return scope_.getByteString(index);
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 4;</code>
-     */
-    public Builder setScope(
-        int index, java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureScopeIsMutable();
-      scope_.set(index, value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 4;</code>
-     */
-    public Builder addScope(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureScopeIsMutable();
-      scope_.add(value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 4;</code>
-     */
-    public Builder addAllScope(
-        java.lang.Iterable<java.lang.String> values) {
-      ensureScopeIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, scope_);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 4;</code>
-     */
-    public Builder clearScope() {
-      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000004);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 4;</code>
-     */
-    public Builder addScopeBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      ensureScopeIsMutable();
-      scope_.add(value);
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.Duration lifetime_ = null;
-    private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder> lifetimeBuilder_;
-    /**
-     * <pre>
-     * The desired lifetime duration of the access token in seconds.
-     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-     * not specified, the token's lifetime will be set to a default value of one
-     * hour.
-     * </pre>
-     *
-     * <code>.google.protobuf.Duration lifetime = 7;</code>
-     */
-    public boolean hasLifetime() {
-      return lifetimeBuilder_ != null || lifetime_ != null;
-    }
-    /**
-     * <pre>
-     * The desired lifetime duration of the access token in seconds.
-     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-     * not specified, the token's lifetime will be set to a default value of one
-     * hour.
-     * </pre>
-     *
-     * <code>.google.protobuf.Duration lifetime = 7;</code>
-     */
-    public com.google.protobuf.Duration getLifetime() {
-      if (lifetimeBuilder_ == null) {
-        return lifetime_ == null ? com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
-      } else {
-        return lifetimeBuilder_.getMessage();
-      }
-    }
-    /**
-     * <pre>
-     * The desired lifetime duration of the access token in seconds.
-     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-     * not specified, the token's lifetime will be set to a default value of one
-     * hour.
-     * </pre>
-     *
-     * <code>.google.protobuf.Duration lifetime = 7;</code>
-     */
-    public Builder setLifetime(com.google.protobuf.Duration value) {
-      if (lifetimeBuilder_ == null) {
-        if (value == null) {
-          throw new NullPointerException();
-        }
-        lifetime_ = value;
-        onChanged();
-      } else {
-        lifetimeBuilder_.setMessage(value);
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * The desired lifetime duration of the access token in seconds.
-     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-     * not specified, the token's lifetime will be set to a default value of one
-     * hour.
-     * </pre>
-     *
-     * <code>.google.protobuf.Duration lifetime = 7;</code>
-     */
-    public Builder setLifetime(
-        com.google.protobuf.Duration.Builder builderForValue) {
-      if (lifetimeBuilder_ == null) {
-        lifetime_ = builderForValue.build();
-        onChanged();
-      } else {
-        lifetimeBuilder_.setMessage(builderForValue.build());
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * The desired lifetime duration of the access token in seconds.
-     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-     * not specified, the token's lifetime will be set to a default value of one
-     * hour.
-     * </pre>
-     *
-     * <code>.google.protobuf.Duration lifetime = 7;</code>
-     */
-    public Builder mergeLifetime(com.google.protobuf.Duration value) {
-      if (lifetimeBuilder_ == null) {
-        if (lifetime_ != null) {
-          lifetime_ =
-            com.google.protobuf.Duration.newBuilder(lifetime_).mergeFrom(value).buildPartial();
-        } else {
-          lifetime_ = value;
-        }
-        onChanged();
-      } else {
-        lifetimeBuilder_.mergeFrom(value);
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * The desired lifetime duration of the access token in seconds.
-     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-     * not specified, the token's lifetime will be set to a default value of one
-     * hour.
-     * </pre>
-     *
-     * <code>.google.protobuf.Duration lifetime = 7;</code>
-     */
-    public Builder clearLifetime() {
-      if (lifetimeBuilder_ == null) {
-        lifetime_ = null;
-        onChanged();
-      } else {
-        lifetime_ = null;
-        lifetimeBuilder_ = null;
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * The desired lifetime duration of the access token in seconds.
-     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-     * not specified, the token's lifetime will be set to a default value of one
-     * hour.
-     * </pre>
-     *
-     * <code>.google.protobuf.Duration lifetime = 7;</code>
-     */
-    public com.google.protobuf.Duration.Builder getLifetimeBuilder() {
-      
-      onChanged();
-      return getLifetimeFieldBuilder().getBuilder();
-    }
-    /**
-     * <pre>
-     * The desired lifetime duration of the access token in seconds.
-     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-     * not specified, the token's lifetime will be set to a default value of one
-     * hour.
-     * </pre>
-     *
-     * <code>.google.protobuf.Duration lifetime = 7;</code>
-     */
-    public com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder() {
-      if (lifetimeBuilder_ != null) {
-        return lifetimeBuilder_.getMessageOrBuilder();
-      } else {
-        return lifetime_ == null ?
-            com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
-      }
-    }
-    /**
-     * <pre>
-     * The desired lifetime duration of the access token in seconds.
-     * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-     * not specified, the token's lifetime will be set to a default value of one
-     * hour.
-     * </pre>
-     *
-     * <code>.google.protobuf.Duration lifetime = 7;</code>
-     */
-    private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder> 
-        getLifetimeFieldBuilder() {
-      if (lifetimeBuilder_ == null) {
-        lifetimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
-            com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder>(
-                getLifetime(),
-                getParentForChildren(),
-                isClean());
-        lifetime_ = null;
-      }
-      return lifetimeBuilder_;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateAccessTokenRequest)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateAccessTokenRequest)
-  private static final com.google.iam.credentials.v1.GenerateAccessTokenRequest DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateAccessTokenRequest();
-  }
-
-  public static com.google.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<GenerateAccessTokenRequest>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateAccessTokenRequest>() {
-    @java.lang.Override
-    public GenerateAccessTokenRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateAccessTokenRequest(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<GenerateAccessTokenRequest> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<GenerateAccessTokenRequest> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
deleted file mode 100644
index 6123461aa676..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
+++ /dev/null
@@ -1,175 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface GenerateAccessTokenRequestOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateAccessTokenRequest)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  java.lang.String getName();
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getNameBytes();
-
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  java.util.List<java.lang.String>
-      getDelegatesList();
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  int getDelegatesCount();
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  java.lang.String getDelegates(int index);
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  com.google.protobuf.ByteString
-      getDelegatesBytes(int index);
-
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 4;</code>
-   */
-  java.util.List<java.lang.String>
-      getScopeList();
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 4;</code>
-   */
-  int getScopeCount();
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 4;</code>
-   */
-  java.lang.String getScope(int index);
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 4;</code>
-   */
-  com.google.protobuf.ByteString
-      getScopeBytes(int index);
-
-  /**
-   * <pre>
-   * The desired lifetime duration of the access token in seconds.
-   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-   * not specified, the token's lifetime will be set to a default value of one
-   * hour.
-   * </pre>
-   *
-   * <code>.google.protobuf.Duration lifetime = 7;</code>
-   */
-  boolean hasLifetime();
-  /**
-   * <pre>
-   * The desired lifetime duration of the access token in seconds.
-   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-   * not specified, the token's lifetime will be set to a default value of one
-   * hour.
-   * </pre>
-   *
-   * <code>.google.protobuf.Duration lifetime = 7;</code>
-   */
-  com.google.protobuf.Duration getLifetime();
-  /**
-   * <pre>
-   * The desired lifetime duration of the access token in seconds.
-   * Must be set to a value less than or equal to 3600 (1 hour). If a value is
-   * not specified, the token's lifetime will be set to a default value of one
-   * hour.
-   * </pre>
-   *
-   * <code>.google.protobuf.Duration lifetime = 7;</code>
-   */
-  com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponse.java
deleted file mode 100644
index 4628b768caa8..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponse.java
+++ /dev/null
@@ -1,810 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse}
- */
-public  final class GenerateAccessTokenResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateAccessTokenResponse)
-    GenerateAccessTokenResponseOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use GenerateAccessTokenResponse.newBuilder() to construct.
-  private GenerateAccessTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private GenerateAccessTokenResponse() {
-    accessToken_ = "";
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private GenerateAccessTokenResponse(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            accessToken_ = s;
-            break;
-          }
-          case 26: {
-            com.google.protobuf.Timestamp.Builder subBuilder = null;
-            if (expireTime_ != null) {
-              subBuilder = expireTime_.toBuilder();
-            }
-            expireTime_ = input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
-            if (subBuilder != null) {
-              subBuilder.mergeFrom(expireTime_);
-              expireTime_ = subBuilder.buildPartial();
-            }
-
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.GenerateAccessTokenResponse.class, com.google.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
-  }
-
-  public static final int ACCESS_TOKEN_FIELD_NUMBER = 1;
-  private volatile java.lang.Object accessToken_;
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  public java.lang.String getAccessToken() {
-    java.lang.Object ref = accessToken_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      accessToken_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getAccessTokenBytes() {
-    java.lang.Object ref = accessToken_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      accessToken_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int EXPIRE_TIME_FIELD_NUMBER = 3;
-  private com.google.protobuf.Timestamp expireTime_;
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-   */
-  public boolean hasExpireTime() {
-    return expireTime_ != null;
-  }
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-   */
-  public com.google.protobuf.Timestamp getExpireTime() {
-    return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
-  }
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-   */
-  public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
-    return getExpireTime();
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getAccessTokenBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, accessToken_);
-    }
-    if (expireTime_ != null) {
-      output.writeMessage(3, getExpireTime());
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getAccessTokenBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, accessToken_);
-    }
-    if (expireTime_ != null) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeMessageSize(3, getExpireTime());
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.GenerateAccessTokenResponse)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.GenerateAccessTokenResponse other = (com.google.iam.credentials.v1.GenerateAccessTokenResponse) obj;
-
-    boolean result = true;
-    result = result && getAccessToken()
-        .equals(other.getAccessToken());
-    result = result && (hasExpireTime() == other.hasExpireTime());
-    if (hasExpireTime()) {
-      result = result && getExpireTime()
-          .equals(other.getExpireTime());
-    }
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + ACCESS_TOKEN_FIELD_NUMBER;
-    hash = (53 * hash) + getAccessToken().hashCode();
-    if (hasExpireTime()) {
-      hash = (37 * hash) + EXPIRE_TIME_FIELD_NUMBER;
-      hash = (53 * hash) + getExpireTime().hashCode();
-    }
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateAccessTokenResponse prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateAccessTokenResponse)
-      com.google.iam.credentials.v1.GenerateAccessTokenResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.GenerateAccessTokenResponse.class, com.google.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.GenerateAccessTokenResponse.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      accessToken_ = "";
-
-      if (expireTimeBuilder_ == null) {
-        expireTime_ = null;
-      } else {
-        expireTime_ = null;
-        expireTimeBuilder_ = null;
-      }
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateAccessTokenResponse build() {
-      com.google.iam.credentials.v1.GenerateAccessTokenResponse result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateAccessTokenResponse buildPartial() {
-      com.google.iam.credentials.v1.GenerateAccessTokenResponse result = new com.google.iam.credentials.v1.GenerateAccessTokenResponse(this);
-      result.accessToken_ = accessToken_;
-      if (expireTimeBuilder_ == null) {
-        result.expireTime_ = expireTime_;
-      } else {
-        result.expireTime_ = expireTimeBuilder_.build();
-      }
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.GenerateAccessTokenResponse) {
-        return mergeFrom((com.google.iam.credentials.v1.GenerateAccessTokenResponse)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateAccessTokenResponse other) {
-      if (other == com.google.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance()) return this;
-      if (!other.getAccessToken().isEmpty()) {
-        accessToken_ = other.accessToken_;
-        onChanged();
-      }
-      if (other.hasExpireTime()) {
-        mergeExpireTime(other.getExpireTime());
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.GenerateAccessTokenResponse parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.GenerateAccessTokenResponse) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-
-    private java.lang.Object accessToken_ = "";
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public java.lang.String getAccessToken() {
-      java.lang.Object ref = accessToken_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        accessToken_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getAccessTokenBytes() {
-      java.lang.Object ref = accessToken_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        accessToken_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public Builder setAccessToken(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      accessToken_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public Builder clearAccessToken() {
-      
-      accessToken_ = getDefaultInstance().getAccessToken();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public Builder setAccessTokenBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      accessToken_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.Timestamp expireTime_ = null;
-    private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> expireTimeBuilder_;
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-     */
-    public boolean hasExpireTime() {
-      return expireTimeBuilder_ != null || expireTime_ != null;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-     */
-    public com.google.protobuf.Timestamp getExpireTime() {
-      if (expireTimeBuilder_ == null) {
-        return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
-      } else {
-        return expireTimeBuilder_.getMessage();
-      }
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-     */
-    public Builder setExpireTime(com.google.protobuf.Timestamp value) {
-      if (expireTimeBuilder_ == null) {
-        if (value == null) {
-          throw new NullPointerException();
-        }
-        expireTime_ = value;
-        onChanged();
-      } else {
-        expireTimeBuilder_.setMessage(value);
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-     */
-    public Builder setExpireTime(
-        com.google.protobuf.Timestamp.Builder builderForValue) {
-      if (expireTimeBuilder_ == null) {
-        expireTime_ = builderForValue.build();
-        onChanged();
-      } else {
-        expireTimeBuilder_.setMessage(builderForValue.build());
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-     */
-    public Builder mergeExpireTime(com.google.protobuf.Timestamp value) {
-      if (expireTimeBuilder_ == null) {
-        if (expireTime_ != null) {
-          expireTime_ =
-            com.google.protobuf.Timestamp.newBuilder(expireTime_).mergeFrom(value).buildPartial();
-        } else {
-          expireTime_ = value;
-        }
-        onChanged();
-      } else {
-        expireTimeBuilder_.mergeFrom(value);
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-     */
-    public Builder clearExpireTime() {
-      if (expireTimeBuilder_ == null) {
-        expireTime_ = null;
-        onChanged();
-      } else {
-        expireTime_ = null;
-        expireTimeBuilder_ = null;
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-     */
-    public com.google.protobuf.Timestamp.Builder getExpireTimeBuilder() {
-      
-      onChanged();
-      return getExpireTimeFieldBuilder().getBuilder();
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-     */
-    public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
-      if (expireTimeBuilder_ != null) {
-        return expireTimeBuilder_.getMessageOrBuilder();
-      } else {
-        return expireTime_ == null ?
-            com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
-      }
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-     */
-    private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> 
-        getExpireTimeFieldBuilder() {
-      if (expireTimeBuilder_ == null) {
-        expireTimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
-            com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder>(
-                getExpireTime(),
-                getParentForChildren(),
-                isClean());
-        expireTime_ = null;
-      }
-      return expireTimeBuilder_;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateAccessTokenResponse)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateAccessTokenResponse)
-  private static final com.google.iam.credentials.v1.GenerateAccessTokenResponse DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateAccessTokenResponse();
-  }
-
-  public static com.google.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<GenerateAccessTokenResponse>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateAccessTokenResponse>() {
-    @java.lang.Override
-    public GenerateAccessTokenResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateAccessTokenResponse(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<GenerateAccessTokenResponse> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<GenerateAccessTokenResponse> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
deleted file mode 100644
index d0d922aca713..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
+++ /dev/null
@@ -1,55 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface GenerateAccessTokenResponseOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateAccessTokenResponse)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  java.lang.String getAccessToken();
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getAccessTokenBytes();
-
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-   */
-  boolean hasExpireTime();
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-   */
-  com.google.protobuf.Timestamp getExpireTime();
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 3;</code>
-   */
-  com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequest.java
deleted file mode 100644
index 24eb6636dcf2..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequest.java
+++ /dev/null
@@ -1,1142 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest}
- */
-public  final class GenerateIdTokenRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdTokenRequest)
-    GenerateIdTokenRequestOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use GenerateIdTokenRequest.newBuilder() to construct.
-  private GenerateIdTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private GenerateIdTokenRequest() {
-    name_ = "";
-    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    audience_ = "";
-    includeEmail_ = false;
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private GenerateIdTokenRequest(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            name_ = s;
-            break;
-          }
-          case 18: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              delegates_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
-            }
-            delegates_.add(s);
-            break;
-          }
-          case 26: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            audience_ = s;
-            break;
-          }
-          case 32: {
-
-            includeEmail_ = input.readBool();
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = delegates_.getUnmodifiableView();
-      }
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.GenerateIdTokenRequest.class, com.google.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
-  }
-
-  private int bitField0_;
-  public static final int NAME_FIELD_NUMBER = 1;
-  private volatile java.lang.Object name_;
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public java.lang.String getName() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      name_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      name_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int DELEGATES_FIELD_NUMBER = 2;
-  private com.google.protobuf.LazyStringList delegates_;
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  public com.google.protobuf.ProtocolStringList
-      getDelegatesList() {
-    return delegates_;
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  public int getDelegatesCount() {
-    return delegates_.size();
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  public java.lang.String getDelegates(int index) {
-    return delegates_.get(index);
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  public com.google.protobuf.ByteString
-      getDelegatesBytes(int index) {
-    return delegates_.getByteString(index);
-  }
-
-  public static final int AUDIENCE_FIELD_NUMBER = 3;
-  private volatile java.lang.Object audience_;
-  /**
-   * <pre>
-   * The audience for the token, such as the API or account that this token
-   * grants access to.
-   * </pre>
-   *
-   * <code>string audience = 3;</code>
-   */
-  public java.lang.String getAudience() {
-    java.lang.Object ref = audience_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      audience_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The audience for the token, such as the API or account that this token
-   * grants access to.
-   * </pre>
-   *
-   * <code>string audience = 3;</code>
-   */
-  public com.google.protobuf.ByteString
-      getAudienceBytes() {
-    java.lang.Object ref = audience_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      audience_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int INCLUDE_EMAIL_FIELD_NUMBER = 4;
-  private boolean includeEmail_;
-  /**
-   * <pre>
-   * Include the service account email in the token. If set to `true`, the
-   * token will contain `email` and `email_verified` claims.
-   * </pre>
-   *
-   * <code>bool include_email = 4;</code>
-   */
-  public boolean getIncludeEmail() {
-    return includeEmail_;
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getNameBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
-    }
-    for (int i = 0; i < delegates_.size(); i++) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, delegates_.getRaw(i));
-    }
-    if (!getAudienceBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, audience_);
-    }
-    if (includeEmail_ != false) {
-      output.writeBool(4, includeEmail_);
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getNameBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
-    }
-    {
-      int dataSize = 0;
-      for (int i = 0; i < delegates_.size(); i++) {
-        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
-      }
-      size += dataSize;
-      size += 1 * getDelegatesList().size();
-    }
-    if (!getAudienceBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, audience_);
-    }
-    if (includeEmail_ != false) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeBoolSize(4, includeEmail_);
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.GenerateIdTokenRequest)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.GenerateIdTokenRequest other = (com.google.iam.credentials.v1.GenerateIdTokenRequest) obj;
-
-    boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getDelegatesList()
-        .equals(other.getDelegatesList());
-    result = result && getAudience()
-        .equals(other.getAudience());
-    result = result && (getIncludeEmail()
-        == other.getIncludeEmail());
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + NAME_FIELD_NUMBER;
-    hash = (53 * hash) + getName().hashCode();
-    if (getDelegatesCount() > 0) {
-      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
-      hash = (53 * hash) + getDelegatesList().hashCode();
-    }
-    hash = (37 * hash) + AUDIENCE_FIELD_NUMBER;
-    hash = (53 * hash) + getAudience().hashCode();
-    hash = (37 * hash) + INCLUDE_EMAIL_FIELD_NUMBER;
-    hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(
-        getIncludeEmail());
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateIdTokenRequest prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdTokenRequest)
-      com.google.iam.credentials.v1.GenerateIdTokenRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.GenerateIdTokenRequest.class, com.google.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.GenerateIdTokenRequest.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      name_ = "";
-
-      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      audience_ = "";
-
-      includeEmail_ = false;
-
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdTokenRequest build() {
-      com.google.iam.credentials.v1.GenerateIdTokenRequest result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdTokenRequest buildPartial() {
-      com.google.iam.credentials.v1.GenerateIdTokenRequest result = new com.google.iam.credentials.v1.GenerateIdTokenRequest(this);
-      int from_bitField0_ = bitField0_;
-      int to_bitField0_ = 0;
-      result.name_ = name_;
-      if (((bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = delegates_.getUnmodifiableView();
-        bitField0_ = (bitField0_ & ~0x00000002);
-      }
-      result.delegates_ = delegates_;
-      result.audience_ = audience_;
-      result.includeEmail_ = includeEmail_;
-      result.bitField0_ = to_bitField0_;
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.GenerateIdTokenRequest) {
-        return mergeFrom((com.google.iam.credentials.v1.GenerateIdTokenRequest)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateIdTokenRequest other) {
-      if (other == com.google.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance()) return this;
-      if (!other.getName().isEmpty()) {
-        name_ = other.name_;
-        onChanged();
-      }
-      if (!other.delegates_.isEmpty()) {
-        if (delegates_.isEmpty()) {
-          delegates_ = other.delegates_;
-          bitField0_ = (bitField0_ & ~0x00000002);
-        } else {
-          ensureDelegatesIsMutable();
-          delegates_.addAll(other.delegates_);
-        }
-        onChanged();
-      }
-      if (!other.getAudience().isEmpty()) {
-        audience_ = other.audience_;
-        onChanged();
-      }
-      if (other.getIncludeEmail() != false) {
-        setIncludeEmail(other.getIncludeEmail());
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.GenerateIdTokenRequest parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.GenerateIdTokenRequest) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-    private int bitField0_;
-
-    private java.lang.Object name_ = "";
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public java.lang.String getName() {
-      java.lang.Object ref = name_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        name_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
-      java.lang.Object ref = name_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        name_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setName(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      name_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder clearName() {
-      
-      name_ = getDefaultInstance().getName();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      name_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    private void ensureDelegatesIsMutable() {
-      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
-        bitField0_ |= 0x00000002;
-       }
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public com.google.protobuf.ProtocolStringList
-        getDelegatesList() {
-      return delegates_.getUnmodifiableView();
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public int getDelegatesCount() {
-      return delegates_.size();
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public java.lang.String getDelegates(int index) {
-      return delegates_.get(index);
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public com.google.protobuf.ByteString
-        getDelegatesBytes(int index) {
-      return delegates_.getByteString(index);
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder setDelegates(
-        int index, java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
-      delegates_.set(index, value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder addDelegates(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
-      delegates_.add(value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder addAllDelegates(
-        java.lang.Iterable<java.lang.String> values) {
-      ensureDelegatesIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, delegates_);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder clearDelegates() {
-      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 2;</code>
-     */
-    public Builder addDelegatesBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      ensureDelegatesIsMutable();
-      delegates_.add(value);
-      onChanged();
-      return this;
-    }
-
-    private java.lang.Object audience_ = "";
-    /**
-     * <pre>
-     * The audience for the token, such as the API or account that this token
-     * grants access to.
-     * </pre>
-     *
-     * <code>string audience = 3;</code>
-     */
-    public java.lang.String getAudience() {
-      java.lang.Object ref = audience_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        audience_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The audience for the token, such as the API or account that this token
-     * grants access to.
-     * </pre>
-     *
-     * <code>string audience = 3;</code>
-     */
-    public com.google.protobuf.ByteString
-        getAudienceBytes() {
-      java.lang.Object ref = audience_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        audience_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The audience for the token, such as the API or account that this token
-     * grants access to.
-     * </pre>
-     *
-     * <code>string audience = 3;</code>
-     */
-    public Builder setAudience(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      audience_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The audience for the token, such as the API or account that this token
-     * grants access to.
-     * </pre>
-     *
-     * <code>string audience = 3;</code>
-     */
-    public Builder clearAudience() {
-      
-      audience_ = getDefaultInstance().getAudience();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The audience for the token, such as the API or account that this token
-     * grants access to.
-     * </pre>
-     *
-     * <code>string audience = 3;</code>
-     */
-    public Builder setAudienceBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      audience_ = value;
-      onChanged();
-      return this;
-    }
-
-    private boolean includeEmail_ ;
-    /**
-     * <pre>
-     * Include the service account email in the token. If set to `true`, the
-     * token will contain `email` and `email_verified` claims.
-     * </pre>
-     *
-     * <code>bool include_email = 4;</code>
-     */
-    public boolean getIncludeEmail() {
-      return includeEmail_;
-    }
-    /**
-     * <pre>
-     * Include the service account email in the token. If set to `true`, the
-     * token will contain `email` and `email_verified` claims.
-     * </pre>
-     *
-     * <code>bool include_email = 4;</code>
-     */
-    public Builder setIncludeEmail(boolean value) {
-      
-      includeEmail_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Include the service account email in the token. If set to `true`, the
-     * token will contain `email` and `email_verified` claims.
-     * </pre>
-     *
-     * <code>bool include_email = 4;</code>
-     */
-    public Builder clearIncludeEmail() {
-      
-      includeEmail_ = false;
-      onChanged();
-      return this;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdTokenRequest)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdTokenRequest)
-  private static final com.google.iam.credentials.v1.GenerateIdTokenRequest DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateIdTokenRequest();
-  }
-
-  public static com.google.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<GenerateIdTokenRequest>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateIdTokenRequest>() {
-    @java.lang.Override
-    public GenerateIdTokenRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateIdTokenRequest(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<GenerateIdTokenRequest> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<GenerateIdTokenRequest> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
deleted file mode 100644
index 1e1cf0139ac6..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
+++ /dev/null
@@ -1,124 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface GenerateIdTokenRequestOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdTokenRequest)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  java.lang.String getName();
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getNameBytes();
-
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  java.util.List<java.lang.String>
-      getDelegatesList();
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  int getDelegatesCount();
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  java.lang.String getDelegates(int index);
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 2;</code>
-   */
-  com.google.protobuf.ByteString
-      getDelegatesBytes(int index);
-
-  /**
-   * <pre>
-   * The audience for the token, such as the API or account that this token
-   * grants access to.
-   * </pre>
-   *
-   * <code>string audience = 3;</code>
-   */
-  java.lang.String getAudience();
-  /**
-   * <pre>
-   * The audience for the token, such as the API or account that this token
-   * grants access to.
-   * </pre>
-   *
-   * <code>string audience = 3;</code>
-   */
-  com.google.protobuf.ByteString
-      getAudienceBytes();
-
-  /**
-   * <pre>
-   * Include the service account email in the token. If set to `true`, the
-   * token will contain `email` and `email_verified` claims.
-   * </pre>
-   *
-   * <code>bool include_email = 4;</code>
-   */
-  boolean getIncludeEmail();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponse.java
deleted file mode 100644
index 3b986d70d0b8..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponse.java
+++ /dev/null
@@ -1,569 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse}
- */
-public  final class GenerateIdTokenResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdTokenResponse)
-    GenerateIdTokenResponseOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use GenerateIdTokenResponse.newBuilder() to construct.
-  private GenerateIdTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private GenerateIdTokenResponse() {
-    token_ = "";
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private GenerateIdTokenResponse(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            token_ = s;
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.GenerateIdTokenResponse.class, com.google.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
-  }
-
-  public static final int TOKEN_FIELD_NUMBER = 1;
-  private volatile java.lang.Object token_;
-  /**
-   * <pre>
-   * The OpenId Connect ID token.
-   * </pre>
-   *
-   * <code>string token = 1;</code>
-   */
-  public java.lang.String getToken() {
-    java.lang.Object ref = token_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      token_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The OpenId Connect ID token.
-   * </pre>
-   *
-   * <code>string token = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getTokenBytes() {
-    java.lang.Object ref = token_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      token_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getTokenBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, token_);
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getTokenBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, token_);
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.GenerateIdTokenResponse)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.GenerateIdTokenResponse other = (com.google.iam.credentials.v1.GenerateIdTokenResponse) obj;
-
-    boolean result = true;
-    result = result && getToken()
-        .equals(other.getToken());
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + TOKEN_FIELD_NUMBER;
-    hash = (53 * hash) + getToken().hashCode();
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateIdTokenResponse prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdTokenResponse)
-      com.google.iam.credentials.v1.GenerateIdTokenResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.GenerateIdTokenResponse.class, com.google.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.GenerateIdTokenResponse.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      token_ = "";
-
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdTokenResponse build() {
-      com.google.iam.credentials.v1.GenerateIdTokenResponse result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdTokenResponse buildPartial() {
-      com.google.iam.credentials.v1.GenerateIdTokenResponse result = new com.google.iam.credentials.v1.GenerateIdTokenResponse(this);
-      result.token_ = token_;
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.GenerateIdTokenResponse) {
-        return mergeFrom((com.google.iam.credentials.v1.GenerateIdTokenResponse)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateIdTokenResponse other) {
-      if (other == com.google.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance()) return this;
-      if (!other.getToken().isEmpty()) {
-        token_ = other.token_;
-        onChanged();
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.GenerateIdTokenResponse parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.GenerateIdTokenResponse) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-
-    private java.lang.Object token_ = "";
-    /**
-     * <pre>
-     * The OpenId Connect ID token.
-     * </pre>
-     *
-     * <code>string token = 1;</code>
-     */
-    public java.lang.String getToken() {
-      java.lang.Object ref = token_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        token_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The OpenId Connect ID token.
-     * </pre>
-     *
-     * <code>string token = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getTokenBytes() {
-      java.lang.Object ref = token_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        token_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The OpenId Connect ID token.
-     * </pre>
-     *
-     * <code>string token = 1;</code>
-     */
-    public Builder setToken(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      token_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The OpenId Connect ID token.
-     * </pre>
-     *
-     * <code>string token = 1;</code>
-     */
-    public Builder clearToken() {
-      
-      token_ = getDefaultInstance().getToken();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The OpenId Connect ID token.
-     * </pre>
-     *
-     * <code>string token = 1;</code>
-     */
-    public Builder setTokenBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      token_ = value;
-      onChanged();
-      return this;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdTokenResponse)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdTokenResponse)
-  private static final com.google.iam.credentials.v1.GenerateIdTokenResponse DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateIdTokenResponse();
-  }
-
-  public static com.google.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<GenerateIdTokenResponse>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateIdTokenResponse>() {
-    @java.lang.Override
-    public GenerateIdTokenResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateIdTokenResponse(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<GenerateIdTokenResponse> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<GenerateIdTokenResponse> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
deleted file mode 100644
index 71c4a2f7583b..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
+++ /dev/null
@@ -1,27 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface GenerateIdTokenResponseOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdTokenResponse)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The OpenId Connect ID token.
-   * </pre>
-   *
-   * <code>string token = 1;</code>
-   */
-  java.lang.String getToken();
-  /**
-   * <pre>
-   * The OpenId Connect ID token.
-   * </pre>
-   *
-   * <code>string token = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getTokenBytes();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
deleted file mode 100644
index 25d008a73d6c..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
+++ /dev/null
@@ -1,1298 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest}
- */
-public  final class GenerateIdentityBindingAccessTokenRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-    GenerateIdentityBindingAccessTokenRequestOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use GenerateIdentityBindingAccessTokenRequest.newBuilder() to construct.
-  private GenerateIdentityBindingAccessTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private GenerateIdentityBindingAccessTokenRequest() {
-    name_ = "";
-    scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    jwt_ = "";
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private GenerateIdentityBindingAccessTokenRequest(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            name_ = s;
-            break;
-          }
-          case 18: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              scope_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
-            }
-            scope_.add(s);
-            break;
-          }
-          case 26: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            jwt_ = s;
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-        scope_ = scope_.getUnmodifiableView();
-      }
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.class, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.Builder.class);
-  }
-
-  private int bitField0_;
-  public static final int NAME_FIELD_NUMBER = 1;
-  private volatile java.lang.Object name_;
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public java.lang.String getName() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      name_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      name_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int SCOPE_FIELD_NUMBER = 2;
-  private com.google.protobuf.LazyStringList scope_;
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  public com.google.protobuf.ProtocolStringList
-      getScopeList() {
-    return scope_;
-  }
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  public int getScopeCount() {
-    return scope_.size();
-  }
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  public java.lang.String getScope(int index) {
-    return scope_.get(index);
-  }
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  public com.google.protobuf.ByteString
-      getScopeBytes(int index) {
-    return scope_.getByteString(index);
-  }
-
-  public static final int JWT_FIELD_NUMBER = 3;
-  private volatile java.lang.Object jwt_;
-  /**
-   * <pre>
-   * Required. Input token.
-   * Must be in JWT format according to
-   * RFC7523 (https://tools.ietf.org/html/rfc7523)
-   * and must have 'kid' field in the header.
-   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-   * Mandatory payload fields (along the lines of RFC 7523, section 3):
-   * - iss: issuer of the token. Must provide a discovery document at
-   *        $iss/.well-known/openid-configuration . The document needs to be
-   *        formatted according to section 4.2 of the OpenID Connect Discovery
-   *        1.0 specification.
-   * - iat: Issue time in seconds since epoch. Must be in the past.
-   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-   *        after iat. We recommend to create tokens that last shorter than 6
-   *        hours to improve security unless business reasons mandate longer
-   *        expiration times. Shorter token lifetimes are generally more secure
-   *        since tokens that have been exfiltrated by attackers can be used for
-   *        a shorter time. you can configure the maximum lifetime of the
-   *        incoming token in the configuration of the mapper.
-   *        The resulting Google token will expire within an hour or at "exp",
-   *        whichever is earlier.
-   * - sub: JWT subject, identity asserted in the JWT.
-   * - aud: Configured in the mapper policy. By default the service account
-   *        email.
-   * Claims from the incoming token can be transferred into the output token
-   * accoding to the mapper configuration. The outgoing claim size is limited.
-   * Outgoing claims size must be less than 4kB serialized as JSON without
-   * whitespace.
-   * Example header:
-   * {
-   *   "alg": "RS256",
-   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-   * }
-   * Example payload:
-   * {
-   *   "iss": "https://accounts.google.com",
-   *   "iat": 1517963104,
-   *   "exp": 1517966704,
-   *   "aud": "https://iamcredentials.googleapis.com/",
-   *   "sub": "113475438248934895348",
-   *   "my_claims": {
-   *     "additional_claim": "value"
-   *   }
-   * }
-   * </pre>
-   *
-   * <code>string jwt = 3;</code>
-   */
-  public java.lang.String getJwt() {
-    java.lang.Object ref = jwt_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      jwt_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * Required. Input token.
-   * Must be in JWT format according to
-   * RFC7523 (https://tools.ietf.org/html/rfc7523)
-   * and must have 'kid' field in the header.
-   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-   * Mandatory payload fields (along the lines of RFC 7523, section 3):
-   * - iss: issuer of the token. Must provide a discovery document at
-   *        $iss/.well-known/openid-configuration . The document needs to be
-   *        formatted according to section 4.2 of the OpenID Connect Discovery
-   *        1.0 specification.
-   * - iat: Issue time in seconds since epoch. Must be in the past.
-   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-   *        after iat. We recommend to create tokens that last shorter than 6
-   *        hours to improve security unless business reasons mandate longer
-   *        expiration times. Shorter token lifetimes are generally more secure
-   *        since tokens that have been exfiltrated by attackers can be used for
-   *        a shorter time. you can configure the maximum lifetime of the
-   *        incoming token in the configuration of the mapper.
-   *        The resulting Google token will expire within an hour or at "exp",
-   *        whichever is earlier.
-   * - sub: JWT subject, identity asserted in the JWT.
-   * - aud: Configured in the mapper policy. By default the service account
-   *        email.
-   * Claims from the incoming token can be transferred into the output token
-   * accoding to the mapper configuration. The outgoing claim size is limited.
-   * Outgoing claims size must be less than 4kB serialized as JSON without
-   * whitespace.
-   * Example header:
-   * {
-   *   "alg": "RS256",
-   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-   * }
-   * Example payload:
-   * {
-   *   "iss": "https://accounts.google.com",
-   *   "iat": 1517963104,
-   *   "exp": 1517966704,
-   *   "aud": "https://iamcredentials.googleapis.com/",
-   *   "sub": "113475438248934895348",
-   *   "my_claims": {
-   *     "additional_claim": "value"
-   *   }
-   * }
-   * </pre>
-   *
-   * <code>string jwt = 3;</code>
-   */
-  public com.google.protobuf.ByteString
-      getJwtBytes() {
-    java.lang.Object ref = jwt_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      jwt_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getNameBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
-    }
-    for (int i = 0; i < scope_.size(); i++) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, scope_.getRaw(i));
-    }
-    if (!getJwtBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, jwt_);
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getNameBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
-    }
-    {
-      int dataSize = 0;
-      for (int i = 0; i < scope_.size(); i++) {
-        dataSize += computeStringSizeNoTag(scope_.getRaw(i));
-      }
-      size += dataSize;
-      size += 1 * getScopeList().size();
-    }
-    if (!getJwtBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, jwt_);
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest other = (com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) obj;
-
-    boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getScopeList()
-        .equals(other.getScopeList());
-    result = result && getJwt()
-        .equals(other.getJwt());
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + NAME_FIELD_NUMBER;
-    hash = (53 * hash) + getName().hashCode();
-    if (getScopeCount() > 0) {
-      hash = (37 * hash) + SCOPE_FIELD_NUMBER;
-      hash = (53 * hash) + getScopeList().hashCode();
-    }
-    hash = (37 * hash) + JWT_FIELD_NUMBER;
-    hash = (53 * hash) + getJwt().hashCode();
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.class, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      name_ = "";
-
-      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      jwt_ = "";
-
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest build() {
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest buildPartial() {
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest result = new com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest(this);
-      int from_bitField0_ = bitField0_;
-      int to_bitField0_ = 0;
-      result.name_ = name_;
-      if (((bitField0_ & 0x00000002) == 0x00000002)) {
-        scope_ = scope_.getUnmodifiableView();
-        bitField0_ = (bitField0_ & ~0x00000002);
-      }
-      result.scope_ = scope_;
-      result.jwt_ = jwt_;
-      result.bitField0_ = to_bitField0_;
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) {
-        return mergeFrom((com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest other) {
-      if (other == com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance()) return this;
-      if (!other.getName().isEmpty()) {
-        name_ = other.name_;
-        onChanged();
-      }
-      if (!other.scope_.isEmpty()) {
-        if (scope_.isEmpty()) {
-          scope_ = other.scope_;
-          bitField0_ = (bitField0_ & ~0x00000002);
-        } else {
-          ensureScopeIsMutable();
-          scope_.addAll(other.scope_);
-        }
-        onChanged();
-      }
-      if (!other.getJwt().isEmpty()) {
-        jwt_ = other.jwt_;
-        onChanged();
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-    private int bitField0_;
-
-    private java.lang.Object name_ = "";
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public java.lang.String getName() {
-      java.lang.Object ref = name_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        name_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
-      java.lang.Object ref = name_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        name_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setName(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      name_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder clearName() {
-      
-      name_ = getDefaultInstance().getName();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      name_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.LazyStringList scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    private void ensureScopeIsMutable() {
-      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
-        scope_ = new com.google.protobuf.LazyStringArrayList(scope_);
-        bitField0_ |= 0x00000002;
-       }
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public com.google.protobuf.ProtocolStringList
-        getScopeList() {
-      return scope_.getUnmodifiableView();
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public int getScopeCount() {
-      return scope_.size();
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public java.lang.String getScope(int index) {
-      return scope_.get(index);
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public com.google.protobuf.ByteString
-        getScopeBytes(int index) {
-      return scope_.getByteString(index);
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder setScope(
-        int index, java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureScopeIsMutable();
-      scope_.set(index, value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder addScope(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureScopeIsMutable();
-      scope_.add(value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder addAllScope(
-        java.lang.Iterable<java.lang.String> values) {
-      ensureScopeIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, scope_);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder clearScope() {
-      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder addScopeBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      ensureScopeIsMutable();
-      scope_.add(value);
-      onChanged();
-      return this;
-    }
-
-    private java.lang.Object jwt_ = "";
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public java.lang.String getJwt() {
-      java.lang.Object ref = jwt_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        jwt_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public com.google.protobuf.ByteString
-        getJwtBytes() {
-      java.lang.Object ref = jwt_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        jwt_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public Builder setJwt(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      jwt_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public Builder clearJwt() {
-      
-      jwt_ = getDefaultInstance().getJwt();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public Builder setJwtBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      jwt_ = value;
-      onChanged();
-      return this;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-  private static final com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest();
-  }
-
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateIdentityBindingAccessTokenRequest>() {
-    @java.lang.Override
-    public GenerateIdentityBindingAccessTokenRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateIdentityBindingAccessTokenRequest(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
deleted file mode 100644
index 74333b157c24..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
+++ /dev/null
@@ -1,180 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface GenerateIdentityBindingAccessTokenRequestOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  java.lang.String getName();
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getNameBytes();
-
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  java.util.List<java.lang.String>
-      getScopeList();
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  int getScopeCount();
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  java.lang.String getScope(int index);
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  com.google.protobuf.ByteString
-      getScopeBytes(int index);
-
-  /**
-   * <pre>
-   * Required. Input token.
-   * Must be in JWT format according to
-   * RFC7523 (https://tools.ietf.org/html/rfc7523)
-   * and must have 'kid' field in the header.
-   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-   * Mandatory payload fields (along the lines of RFC 7523, section 3):
-   * - iss: issuer of the token. Must provide a discovery document at
-   *        $iss/.well-known/openid-configuration . The document needs to be
-   *        formatted according to section 4.2 of the OpenID Connect Discovery
-   *        1.0 specification.
-   * - iat: Issue time in seconds since epoch. Must be in the past.
-   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-   *        after iat. We recommend to create tokens that last shorter than 6
-   *        hours to improve security unless business reasons mandate longer
-   *        expiration times. Shorter token lifetimes are generally more secure
-   *        since tokens that have been exfiltrated by attackers can be used for
-   *        a shorter time. you can configure the maximum lifetime of the
-   *        incoming token in the configuration of the mapper.
-   *        The resulting Google token will expire within an hour or at "exp",
-   *        whichever is earlier.
-   * - sub: JWT subject, identity asserted in the JWT.
-   * - aud: Configured in the mapper policy. By default the service account
-   *        email.
-   * Claims from the incoming token can be transferred into the output token
-   * accoding to the mapper configuration. The outgoing claim size is limited.
-   * Outgoing claims size must be less than 4kB serialized as JSON without
-   * whitespace.
-   * Example header:
-   * {
-   *   "alg": "RS256",
-   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-   * }
-   * Example payload:
-   * {
-   *   "iss": "https://accounts.google.com",
-   *   "iat": 1517963104,
-   *   "exp": 1517966704,
-   *   "aud": "https://iamcredentials.googleapis.com/",
-   *   "sub": "113475438248934895348",
-   *   "my_claims": {
-   *     "additional_claim": "value"
-   *   }
-   * }
-   * </pre>
-   *
-   * <code>string jwt = 3;</code>
-   */
-  java.lang.String getJwt();
-  /**
-   * <pre>
-   * Required. Input token.
-   * Must be in JWT format according to
-   * RFC7523 (https://tools.ietf.org/html/rfc7523)
-   * and must have 'kid' field in the header.
-   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-   * Mandatory payload fields (along the lines of RFC 7523, section 3):
-   * - iss: issuer of the token. Must provide a discovery document at
-   *        $iss/.well-known/openid-configuration . The document needs to be
-   *        formatted according to section 4.2 of the OpenID Connect Discovery
-   *        1.0 specification.
-   * - iat: Issue time in seconds since epoch. Must be in the past.
-   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-   *        after iat. We recommend to create tokens that last shorter than 6
-   *        hours to improve security unless business reasons mandate longer
-   *        expiration times. Shorter token lifetimes are generally more secure
-   *        since tokens that have been exfiltrated by attackers can be used for
-   *        a shorter time. you can configure the maximum lifetime of the
-   *        incoming token in the configuration of the mapper.
-   *        The resulting Google token will expire within an hour or at "exp",
-   *        whichever is earlier.
-   * - sub: JWT subject, identity asserted in the JWT.
-   * - aud: Configured in the mapper policy. By default the service account
-   *        email.
-   * Claims from the incoming token can be transferred into the output token
-   * accoding to the mapper configuration. The outgoing claim size is limited.
-   * Outgoing claims size must be less than 4kB serialized as JSON without
-   * whitespace.
-   * Example header:
-   * {
-   *   "alg": "RS256",
-   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-   * }
-   * Example payload:
-   * {
-   *   "iss": "https://accounts.google.com",
-   *   "iat": 1517963104,
-   *   "exp": 1517966704,
-   *   "aud": "https://iamcredentials.googleapis.com/",
-   *   "sub": "113475438248934895348",
-   *   "my_claims": {
-   *     "additional_claim": "value"
-   *   }
-   * }
-   * </pre>
-   *
-   * <code>string jwt = 3;</code>
-   */
-  com.google.protobuf.ByteString
-      getJwtBytes();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
deleted file mode 100644
index 74bb40247138..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
+++ /dev/null
@@ -1,810 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse}
- */
-public  final class GenerateIdentityBindingAccessTokenResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-    GenerateIdentityBindingAccessTokenResponseOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use GenerateIdentityBindingAccessTokenResponse.newBuilder() to construct.
-  private GenerateIdentityBindingAccessTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private GenerateIdentityBindingAccessTokenResponse() {
-    accessToken_ = "";
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private GenerateIdentityBindingAccessTokenResponse(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            accessToken_ = s;
-            break;
-          }
-          case 18: {
-            com.google.protobuf.Timestamp.Builder subBuilder = null;
-            if (expireTime_ != null) {
-              subBuilder = expireTime_.toBuilder();
-            }
-            expireTime_ = input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
-            if (subBuilder != null) {
-              subBuilder.mergeFrom(expireTime_);
-              expireTime_ = subBuilder.buildPartial();
-            }
-
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.class, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.Builder.class);
-  }
-
-  public static final int ACCESS_TOKEN_FIELD_NUMBER = 1;
-  private volatile java.lang.Object accessToken_;
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  public java.lang.String getAccessToken() {
-    java.lang.Object ref = accessToken_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      accessToken_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getAccessTokenBytes() {
-    java.lang.Object ref = accessToken_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      accessToken_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int EXPIRE_TIME_FIELD_NUMBER = 2;
-  private com.google.protobuf.Timestamp expireTime_;
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  public boolean hasExpireTime() {
-    return expireTime_ != null;
-  }
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  public com.google.protobuf.Timestamp getExpireTime() {
-    return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
-  }
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
-    return getExpireTime();
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getAccessTokenBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, accessToken_);
-    }
-    if (expireTime_ != null) {
-      output.writeMessage(2, getExpireTime());
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getAccessTokenBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, accessToken_);
-    }
-    if (expireTime_ != null) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeMessageSize(2, getExpireTime());
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse other = (com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) obj;
-
-    boolean result = true;
-    result = result && getAccessToken()
-        .equals(other.getAccessToken());
-    result = result && (hasExpireTime() == other.hasExpireTime());
-    if (hasExpireTime()) {
-      result = result && getExpireTime()
-          .equals(other.getExpireTime());
-    }
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + ACCESS_TOKEN_FIELD_NUMBER;
-    hash = (53 * hash) + getAccessToken().hashCode();
-    if (hasExpireTime()) {
-      hash = (37 * hash) + EXPIRE_TIME_FIELD_NUMBER;
-      hash = (53 * hash) + getExpireTime().hashCode();
-    }
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.class, com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      accessToken_ = "";
-
-      if (expireTimeBuilder_ == null) {
-        expireTime_ = null;
-      } else {
-        expireTime_ = null;
-        expireTimeBuilder_ = null;
-      }
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse build() {
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse buildPartial() {
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse result = new com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse(this);
-      result.accessToken_ = accessToken_;
-      if (expireTimeBuilder_ == null) {
-        result.expireTime_ = expireTime_;
-      } else {
-        result.expireTime_ = expireTimeBuilder_.build();
-      }
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) {
-        return mergeFrom((com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse other) {
-      if (other == com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance()) return this;
-      if (!other.getAccessToken().isEmpty()) {
-        accessToken_ = other.accessToken_;
-        onChanged();
-      }
-      if (other.hasExpireTime()) {
-        mergeExpireTime(other.getExpireTime());
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-
-    private java.lang.Object accessToken_ = "";
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public java.lang.String getAccessToken() {
-      java.lang.Object ref = accessToken_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        accessToken_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getAccessTokenBytes() {
-      java.lang.Object ref = accessToken_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        accessToken_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public Builder setAccessToken(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      accessToken_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public Builder clearAccessToken() {
-      
-      accessToken_ = getDefaultInstance().getAccessToken();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public Builder setAccessTokenBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      accessToken_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.Timestamp expireTime_ = null;
-    private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> expireTimeBuilder_;
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public boolean hasExpireTime() {
-      return expireTimeBuilder_ != null || expireTime_ != null;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public com.google.protobuf.Timestamp getExpireTime() {
-      if (expireTimeBuilder_ == null) {
-        return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
-      } else {
-        return expireTimeBuilder_.getMessage();
-      }
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public Builder setExpireTime(com.google.protobuf.Timestamp value) {
-      if (expireTimeBuilder_ == null) {
-        if (value == null) {
-          throw new NullPointerException();
-        }
-        expireTime_ = value;
-        onChanged();
-      } else {
-        expireTimeBuilder_.setMessage(value);
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public Builder setExpireTime(
-        com.google.protobuf.Timestamp.Builder builderForValue) {
-      if (expireTimeBuilder_ == null) {
-        expireTime_ = builderForValue.build();
-        onChanged();
-      } else {
-        expireTimeBuilder_.setMessage(builderForValue.build());
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public Builder mergeExpireTime(com.google.protobuf.Timestamp value) {
-      if (expireTimeBuilder_ == null) {
-        if (expireTime_ != null) {
-          expireTime_ =
-            com.google.protobuf.Timestamp.newBuilder(expireTime_).mergeFrom(value).buildPartial();
-        } else {
-          expireTime_ = value;
-        }
-        onChanged();
-      } else {
-        expireTimeBuilder_.mergeFrom(value);
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public Builder clearExpireTime() {
-      if (expireTimeBuilder_ == null) {
-        expireTime_ = null;
-        onChanged();
-      } else {
-        expireTime_ = null;
-        expireTimeBuilder_ = null;
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public com.google.protobuf.Timestamp.Builder getExpireTimeBuilder() {
-      
-      onChanged();
-      return getExpireTimeFieldBuilder().getBuilder();
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
-      if (expireTimeBuilder_ != null) {
-        return expireTimeBuilder_.getMessageOrBuilder();
-      } else {
-        return expireTime_ == null ?
-            com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
-      }
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> 
-        getExpireTimeFieldBuilder() {
-      if (expireTimeBuilder_ == null) {
-        expireTimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
-            com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder>(
-                getExpireTime(),
-                getParentForChildren(),
-                isClean());
-        expireTime_ = null;
-      }
-      return expireTimeBuilder_;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-  private static final com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse();
-  }
-
-  public static com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateIdentityBindingAccessTokenResponse>() {
-    @java.lang.Override
-    public GenerateIdentityBindingAccessTokenResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateIdentityBindingAccessTokenResponse(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
deleted file mode 100644
index 1d0fca72ce0d..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
+++ /dev/null
@@ -1,55 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface GenerateIdentityBindingAccessTokenResponseOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  java.lang.String getAccessToken();
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getAccessTokenBytes();
-
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  boolean hasExpireTime();
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  com.google.protobuf.Timestamp getExpireTime();
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/IAMCredentialsCommonProto.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/IAMCredentialsCommonProto.java
deleted file mode 100644
index deaf41eaff0e..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/IAMCredentialsCommonProto.java
+++ /dev/null
@@ -1,184 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public final class IAMCredentialsCommonProto {
-  private IAMCredentialsCommonProto() {}
-  public static void registerAllExtensions(
-      com.google.protobuf.ExtensionRegistryLite registry) {
-  }
-
-  public static void registerAllExtensions(
-      com.google.protobuf.ExtensionRegistry registry) {
-    registerAllExtensions(
-        (com.google.protobuf.ExtensionRegistryLite) registry);
-  }
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable;
-
-  public static com.google.protobuf.Descriptors.FileDescriptor
-      getDescriptor() {
-    return descriptor;
-  }
-  private static  com.google.protobuf.Descriptors.FileDescriptor
-      descriptor;
-  static {
-    java.lang.String[] descriptorData = {
-      "\n&google/iam/credentials/v1/common.proto" +
-      "\022\031google.iam.credentials.v1\032\036google/prot" +
-      "obuf/duration.proto\032\037google/protobuf/tim" +
-      "estamp.proto\"y\n\032GenerateAccessTokenReque" +
-      "st\022\014\n\004name\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\r\n\005s" +
-      "cope\030\004 \003(\t\022+\n\010lifetime\030\007 \001(\0132\031.google.pr" +
-      "otobuf.Duration\"d\n\033GenerateAccessTokenRe" +
-      "sponse\022\024\n\014access_token\030\001 \001(\t\022/\n\013expire_t" +
-      "ime\030\003 \001(\0132\032.google.protobuf.Timestamp\"C\n" +
-      "\017SignBlobRequest\022\014\n\004name\030\001 \001(\t\022\021\n\tdelega" +
-      "tes\030\003 \003(\t\022\017\n\007payload\030\005 \001(\014\"7\n\020SignBlobRe" +
-      "sponse\022\016\n\006key_id\030\001 \001(\t\022\023\n\013signed_blob\030\004 " +
-      "\001(\014\"B\n\016SignJwtRequest\022\014\n\004name\030\001 \001(\t\022\021\n\td" +
-      "elegates\030\003 \003(\t\022\017\n\007payload\030\005 \001(\t\"5\n\017SignJ" +
-      "wtResponse\022\016\n\006key_id\030\001 \001(\t\022\022\n\nsigned_jwt" +
-      "\030\002 \001(\t\"b\n\026GenerateIdTokenRequest\022\014\n\004name" +
-      "\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\020\n\010audience\030\003 " +
-      "\001(\t\022\025\n\rinclude_email\030\004 \001(\010\"(\n\027GenerateId" +
-      "TokenResponse\022\r\n\005token\030\001 \001(\t\"U\n)Generate" +
-      "IdentityBindingAccessTokenRequest\022\014\n\004nam" +
-      "e\030\001 \001(\t\022\r\n\005scope\030\002 \003(\t\022\013\n\003jwt\030\003 \001(\t\"s\n*G" +
-      "enerateIdentityBindingAccessTokenRespons" +
-      "e\022\024\n\014access_token\030\001 \001(\t\022/\n\013expire_time\030\002" +
-      " \001(\0132\032.google.protobuf.TimestampB\205\001\n\035com" +
-      ".google.iam.credentials.v1B\031IAMCredentia" +
-      "lsCommonProtoP\001ZDgoogle.golang.org/genpr" +
-      "oto/googleapis/iam/credentials/v1;creden" +
-      "tials\370\001\001b\006proto3"
-    };
-    com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner =
-        new com.google.protobuf.Descriptors.FileDescriptor.    InternalDescriptorAssigner() {
-          public com.google.protobuf.ExtensionRegistry assignDescriptors(
-              com.google.protobuf.Descriptors.FileDescriptor root) {
-            descriptor = root;
-            return null;
-          }
-        };
-    com.google.protobuf.Descriptors.FileDescriptor
-      .internalBuildGeneratedFileFrom(descriptorData,
-        new com.google.protobuf.Descriptors.FileDescriptor[] {
-          com.google.protobuf.DurationProto.getDescriptor(),
-          com.google.protobuf.TimestampProto.getDescriptor(),
-        }, assigner);
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor =
-      getDescriptor().getMessageTypes().get(0);
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor,
-        new java.lang.String[] { "Name", "Delegates", "Scope", "Lifetime", });
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor =
-      getDescriptor().getMessageTypes().get(1);
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor,
-        new java.lang.String[] { "AccessToken", "ExpireTime", });
-    internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor =
-      getDescriptor().getMessageTypes().get(2);
-    internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor,
-        new java.lang.String[] { "Name", "Delegates", "Payload", });
-    internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor =
-      getDescriptor().getMessageTypes().get(3);
-    internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor,
-        new java.lang.String[] { "KeyId", "SignedBlob", });
-    internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor =
-      getDescriptor().getMessageTypes().get(4);
-    internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor,
-        new java.lang.String[] { "Name", "Delegates", "Payload", });
-    internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor =
-      getDescriptor().getMessageTypes().get(5);
-    internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor,
-        new java.lang.String[] { "KeyId", "SignedJwt", });
-    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor =
-      getDescriptor().getMessageTypes().get(6);
-    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor,
-        new java.lang.String[] { "Name", "Delegates", "Audience", "IncludeEmail", });
-    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor =
-      getDescriptor().getMessageTypes().get(7);
-    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor,
-        new java.lang.String[] { "Token", });
-    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor =
-      getDescriptor().getMessageTypes().get(8);
-    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor,
-        new java.lang.String[] { "Name", "Scope", "Jwt", });
-    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor =
-      getDescriptor().getMessageTypes().get(9);
-    internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor,
-        new java.lang.String[] { "AccessToken", "ExpireTime", });
-    com.google.protobuf.DurationProto.getDescriptor();
-    com.google.protobuf.TimestampProto.getDescriptor();
-  }
-
-  // @@protoc_insertion_point(outer_class_scope)
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/ServiceAccountName.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/ServiceAccountName.java
deleted file mode 100644
index 0df6138f644a..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/ServiceAccountName.java
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- * Copyright 2018 Google LLC
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-
-package com.google.iam.credentials.v1;
-
-import com.google.common.base.Preconditions;
-import com.google.common.collect.ImmutableMap;
-import com.google.api.pathtemplate.PathTemplate;
-import com.google.api.resourcenames.ResourceName;
-import java.util.Map;
-import java.util.ArrayList;
-import java.util.List;
-
-// AUTO-GENERATED DOCUMENTATION AND CLASS
-@javax.annotation.Generated("by GAPIC protoc plugin")
-public class ServiceAccountName implements ResourceName {
-
-  private static final PathTemplate PATH_TEMPLATE =
-      PathTemplate.createWithoutUrlEncoding("projects/{project}/serviceAccounts/{service_account}");
-
-  private volatile Map<String, String> fieldValuesMap;
-
-  private final String project;
-  private final String serviceAccount;
-
-  public String getProject() {
-    return project;
-  }
-
-  public String getServiceAccount() {
-    return serviceAccount;
-  }
-
-  public static Builder newBuilder() {
-    return new Builder();
-  }
-
-  public Builder toBuilder() {
-    return new Builder(this);
-  }
-
-  private ServiceAccountName(Builder builder) {
-    project = Preconditions.checkNotNull(builder.getProject());
-    serviceAccount = Preconditions.checkNotNull(builder.getServiceAccount());
-  }
-
-  public static ServiceAccountName of(String project, String serviceAccount) {
-    return newBuilder()
-      .setProject(project)
-      .setServiceAccount(serviceAccount)
-      .build();
-  }
-
-  public static String format(String project, String serviceAccount) {
-    return newBuilder()
-      .setProject(project)
-      .setServiceAccount(serviceAccount)
-      .build()
-      .toString();
-  }
-
-  public static ServiceAccountName parse(String formattedString) {
-    if (formattedString.isEmpty()) {
-      return null;
-    }
-    Map<String, String> matchMap =
-        PATH_TEMPLATE.validatedMatch(formattedString, "ServiceAccountName.parse: formattedString not in valid format");
-    return of(matchMap.get("project"), matchMap.get("service_account"));
-  }
-
-  public static List<ServiceAccountName> parseList(List<String> formattedStrings) {
-    List<ServiceAccountName> list = new ArrayList<>(formattedStrings.size());
-    for (String formattedString : formattedStrings) {
-      list.add(parse(formattedString));
-    }
-    return list;
-  }
-
-  public static List<String> toStringList(List<ServiceAccountName> values) {
-    List<String> list = new ArrayList<String>(values.size());
-    for (ServiceAccountName value : values) {
-      if (value == null) {
-        list.add("");
-      } else {
-        list.add(value.toString());
-      }
-    }
-    return list;
-  }
-
-  public static boolean isParsableFrom(String formattedString) {
-    return PATH_TEMPLATE.matches(formattedString);
-  }
-
-  public Map<String, String> getFieldValuesMap() {
-    if (fieldValuesMap == null) {
-      synchronized (this) {
-        if (fieldValuesMap == null) {
-          ImmutableMap.Builder<String, String> fieldMapBuilder = ImmutableMap.builder();
-          fieldMapBuilder.put("project", project);
-          fieldMapBuilder.put("serviceAccount", serviceAccount);
-          fieldValuesMap = fieldMapBuilder.build();
-        }
-      }
-    }
-    return fieldValuesMap;
-  }
-
-  public String getFieldValue(String fieldName) {
-    return getFieldValuesMap().get(fieldName);
-  }
-
-  @Override
-  public String toString() {
-    return PATH_TEMPLATE.instantiate("project", project, "service_account", serviceAccount);
-  }
-
-  /** Builder for ServiceAccountName. */
-  public static class Builder {
-
-    private String project;
-    private String serviceAccount;
-
-    public String getProject() {
-      return project;
-    }
-
-    public String getServiceAccount() {
-      return serviceAccount;
-    }
-
-    public Builder setProject(String project) {
-      this.project = project;
-      return this;
-    }
-
-    public Builder setServiceAccount(String serviceAccount) {
-      this.serviceAccount = serviceAccount;
-      return this;
-    }
-
-    private Builder() {
-    }
-
-    private Builder(ServiceAccountName serviceAccountName) {
-      project = serviceAccountName.project;
-      serviceAccount = serviceAccountName.serviceAccount;
-    }
-
-    public ServiceAccountName build() {
-      return new ServiceAccountName(this);
-    }
-  }
-
-  @Override
-  public boolean equals(Object o) {
-    if (o == this) {
-      return true;
-    }
-    if (o instanceof ServiceAccountName) {
-      ServiceAccountName that = (ServiceAccountName) o;
-      return (this.project.equals(that.project))
-          && (this.serviceAccount.equals(that.serviceAccount));
-    }
-    return false;
-  }
-
-  @Override
-  public int hashCode() {
-    int h = 1;
-    h *= 1000003;
-    h ^= project.hashCode();
-    h *= 1000003;
-    h ^= serviceAccount.hashCode();
-    return h;
-  }
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequest.java
deleted file mode 100644
index c134c2c17017..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequest.java
+++ /dev/null
@@ -1,978 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.SignBlobRequest}
- */
-public  final class SignBlobRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignBlobRequest)
-    SignBlobRequestOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use SignBlobRequest.newBuilder() to construct.
-  private SignBlobRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private SignBlobRequest() {
-    name_ = "";
-    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    payload_ = com.google.protobuf.ByteString.EMPTY;
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private SignBlobRequest(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            name_ = s;
-            break;
-          }
-          case 26: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              delegates_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
-            }
-            delegates_.add(s);
-            break;
-          }
-          case 42: {
-
-            payload_ = input.readBytes();
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = delegates_.getUnmodifiableView();
-      }
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.SignBlobRequest.class, com.google.iam.credentials.v1.SignBlobRequest.Builder.class);
-  }
-
-  private int bitField0_;
-  public static final int NAME_FIELD_NUMBER = 1;
-  private volatile java.lang.Object name_;
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public java.lang.String getName() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      name_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      name_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int DELEGATES_FIELD_NUMBER = 3;
-  private com.google.protobuf.LazyStringList delegates_;
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  public com.google.protobuf.ProtocolStringList
-      getDelegatesList() {
-    return delegates_;
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  public int getDelegatesCount() {
-    return delegates_.size();
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  public java.lang.String getDelegates(int index) {
-    return delegates_.get(index);
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  public com.google.protobuf.ByteString
-      getDelegatesBytes(int index) {
-    return delegates_.getByteString(index);
-  }
-
-  public static final int PAYLOAD_FIELD_NUMBER = 5;
-  private com.google.protobuf.ByteString payload_;
-  /**
-   * <pre>
-   * The bytes to sign.
-   * </pre>
-   *
-   * <code>bytes payload = 5;</code>
-   */
-  public com.google.protobuf.ByteString getPayload() {
-    return payload_;
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getNameBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
-    }
-    for (int i = 0; i < delegates_.size(); i++) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, delegates_.getRaw(i));
-    }
-    if (!payload_.isEmpty()) {
-      output.writeBytes(5, payload_);
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getNameBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
-    }
-    {
-      int dataSize = 0;
-      for (int i = 0; i < delegates_.size(); i++) {
-        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
-      }
-      size += dataSize;
-      size += 1 * getDelegatesList().size();
-    }
-    if (!payload_.isEmpty()) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeBytesSize(5, payload_);
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.SignBlobRequest)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.SignBlobRequest other = (com.google.iam.credentials.v1.SignBlobRequest) obj;
-
-    boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getDelegatesList()
-        .equals(other.getDelegatesList());
-    result = result && getPayload()
-        .equals(other.getPayload());
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + NAME_FIELD_NUMBER;
-    hash = (53 * hash) + getName().hashCode();
-    if (getDelegatesCount() > 0) {
-      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
-      hash = (53 * hash) + getDelegatesList().hashCode();
-    }
-    hash = (37 * hash) + PAYLOAD_FIELD_NUMBER;
-    hash = (53 * hash) + getPayload().hashCode();
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignBlobRequest parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.SignBlobRequest prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.SignBlobRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignBlobRequest)
-      com.google.iam.credentials.v1.SignBlobRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.SignBlobRequest.class, com.google.iam.credentials.v1.SignBlobRequest.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.SignBlobRequest.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      name_ = "";
-
-      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      payload_ = com.google.protobuf.ByteString.EMPTY;
-
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignBlobRequest getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.SignBlobRequest.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignBlobRequest build() {
-      com.google.iam.credentials.v1.SignBlobRequest result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignBlobRequest buildPartial() {
-      com.google.iam.credentials.v1.SignBlobRequest result = new com.google.iam.credentials.v1.SignBlobRequest(this);
-      int from_bitField0_ = bitField0_;
-      int to_bitField0_ = 0;
-      result.name_ = name_;
-      if (((bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = delegates_.getUnmodifiableView();
-        bitField0_ = (bitField0_ & ~0x00000002);
-      }
-      result.delegates_ = delegates_;
-      result.payload_ = payload_;
-      result.bitField0_ = to_bitField0_;
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.SignBlobRequest) {
-        return mergeFrom((com.google.iam.credentials.v1.SignBlobRequest)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.SignBlobRequest other) {
-      if (other == com.google.iam.credentials.v1.SignBlobRequest.getDefaultInstance()) return this;
-      if (!other.getName().isEmpty()) {
-        name_ = other.name_;
-        onChanged();
-      }
-      if (!other.delegates_.isEmpty()) {
-        if (delegates_.isEmpty()) {
-          delegates_ = other.delegates_;
-          bitField0_ = (bitField0_ & ~0x00000002);
-        } else {
-          ensureDelegatesIsMutable();
-          delegates_.addAll(other.delegates_);
-        }
-        onChanged();
-      }
-      if (other.getPayload() != com.google.protobuf.ByteString.EMPTY) {
-        setPayload(other.getPayload());
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.SignBlobRequest parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.SignBlobRequest) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-    private int bitField0_;
-
-    private java.lang.Object name_ = "";
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public java.lang.String getName() {
-      java.lang.Object ref = name_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        name_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
-      java.lang.Object ref = name_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        name_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setName(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      name_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder clearName() {
-      
-      name_ = getDefaultInstance().getName();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      name_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    private void ensureDelegatesIsMutable() {
-      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
-        bitField0_ |= 0x00000002;
-       }
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public com.google.protobuf.ProtocolStringList
-        getDelegatesList() {
-      return delegates_.getUnmodifiableView();
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public int getDelegatesCount() {
-      return delegates_.size();
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public java.lang.String getDelegates(int index) {
-      return delegates_.get(index);
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public com.google.protobuf.ByteString
-        getDelegatesBytes(int index) {
-      return delegates_.getByteString(index);
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder setDelegates(
-        int index, java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
-      delegates_.set(index, value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder addDelegates(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
-      delegates_.add(value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder addAllDelegates(
-        java.lang.Iterable<java.lang.String> values) {
-      ensureDelegatesIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, delegates_);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder clearDelegates() {
-      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder addDelegatesBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      ensureDelegatesIsMutable();
-      delegates_.add(value);
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.ByteString payload_ = com.google.protobuf.ByteString.EMPTY;
-    /**
-     * <pre>
-     * The bytes to sign.
-     * </pre>
-     *
-     * <code>bytes payload = 5;</code>
-     */
-    public com.google.protobuf.ByteString getPayload() {
-      return payload_;
-    }
-    /**
-     * <pre>
-     * The bytes to sign.
-     * </pre>
-     *
-     * <code>bytes payload = 5;</code>
-     */
-    public Builder setPayload(com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      payload_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The bytes to sign.
-     * </pre>
-     *
-     * <code>bytes payload = 5;</code>
-     */
-    public Builder clearPayload() {
-      
-      payload_ = getDefaultInstance().getPayload();
-      onChanged();
-      return this;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignBlobRequest)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignBlobRequest)
-  private static final com.google.iam.credentials.v1.SignBlobRequest DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.SignBlobRequest();
-  }
-
-  public static com.google.iam.credentials.v1.SignBlobRequest getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<SignBlobRequest>
-      PARSER = new com.google.protobuf.AbstractParser<SignBlobRequest>() {
-    @java.lang.Override
-    public SignBlobRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new SignBlobRequest(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<SignBlobRequest> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<SignBlobRequest> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.SignBlobRequest getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequestOrBuilder.java
deleted file mode 100644
index 5af7667aa6c5..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobRequestOrBuilder.java
+++ /dev/null
@@ -1,103 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface SignBlobRequestOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignBlobRequest)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  java.lang.String getName();
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getNameBytes();
-
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  java.util.List<java.lang.String>
-      getDelegatesList();
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  int getDelegatesCount();
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  java.lang.String getDelegates(int index);
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  com.google.protobuf.ByteString
-      getDelegatesBytes(int index);
-
-  /**
-   * <pre>
-   * The bytes to sign.
-   * </pre>
-   *
-   * <code>bytes payload = 5;</code>
-   */
-  com.google.protobuf.ByteString getPayload();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponse.java
deleted file mode 100644
index 4b1532342c2e..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponse.java
+++ /dev/null
@@ -1,646 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.SignBlobResponse}
- */
-public  final class SignBlobResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignBlobResponse)
-    SignBlobResponseOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use SignBlobResponse.newBuilder() to construct.
-  private SignBlobResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private SignBlobResponse() {
-    keyId_ = "";
-    signedBlob_ = com.google.protobuf.ByteString.EMPTY;
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private SignBlobResponse(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            keyId_ = s;
-            break;
-          }
-          case 34: {
-
-            signedBlob_ = input.readBytes();
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.SignBlobResponse.class, com.google.iam.credentials.v1.SignBlobResponse.Builder.class);
-  }
-
-  public static final int KEY_ID_FIELD_NUMBER = 1;
-  private volatile java.lang.Object keyId_;
-  /**
-   * <pre>
-   * The ID of the key used to sign the blob.
-   * </pre>
-   *
-   * <code>string key_id = 1;</code>
-   */
-  public java.lang.String getKeyId() {
-    java.lang.Object ref = keyId_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      keyId_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The ID of the key used to sign the blob.
-   * </pre>
-   *
-   * <code>string key_id = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getKeyIdBytes() {
-    java.lang.Object ref = keyId_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      keyId_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int SIGNED_BLOB_FIELD_NUMBER = 4;
-  private com.google.protobuf.ByteString signedBlob_;
-  /**
-   * <pre>
-   * The signed blob.
-   * </pre>
-   *
-   * <code>bytes signed_blob = 4;</code>
-   */
-  public com.google.protobuf.ByteString getSignedBlob() {
-    return signedBlob_;
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getKeyIdBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, keyId_);
-    }
-    if (!signedBlob_.isEmpty()) {
-      output.writeBytes(4, signedBlob_);
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getKeyIdBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, keyId_);
-    }
-    if (!signedBlob_.isEmpty()) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeBytesSize(4, signedBlob_);
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.SignBlobResponse)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.SignBlobResponse other = (com.google.iam.credentials.v1.SignBlobResponse) obj;
-
-    boolean result = true;
-    result = result && getKeyId()
-        .equals(other.getKeyId());
-    result = result && getSignedBlob()
-        .equals(other.getSignedBlob());
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + KEY_ID_FIELD_NUMBER;
-    hash = (53 * hash) + getKeyId().hashCode();
-    hash = (37 * hash) + SIGNED_BLOB_FIELD_NUMBER;
-    hash = (53 * hash) + getSignedBlob().hashCode();
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignBlobResponse parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.SignBlobResponse prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.SignBlobResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignBlobResponse)
-      com.google.iam.credentials.v1.SignBlobResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.SignBlobResponse.class, com.google.iam.credentials.v1.SignBlobResponse.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.SignBlobResponse.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      keyId_ = "";
-
-      signedBlob_ = com.google.protobuf.ByteString.EMPTY;
-
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignBlobResponse getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.SignBlobResponse.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignBlobResponse build() {
-      com.google.iam.credentials.v1.SignBlobResponse result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignBlobResponse buildPartial() {
-      com.google.iam.credentials.v1.SignBlobResponse result = new com.google.iam.credentials.v1.SignBlobResponse(this);
-      result.keyId_ = keyId_;
-      result.signedBlob_ = signedBlob_;
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.SignBlobResponse) {
-        return mergeFrom((com.google.iam.credentials.v1.SignBlobResponse)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.SignBlobResponse other) {
-      if (other == com.google.iam.credentials.v1.SignBlobResponse.getDefaultInstance()) return this;
-      if (!other.getKeyId().isEmpty()) {
-        keyId_ = other.keyId_;
-        onChanged();
-      }
-      if (other.getSignedBlob() != com.google.protobuf.ByteString.EMPTY) {
-        setSignedBlob(other.getSignedBlob());
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.SignBlobResponse parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.SignBlobResponse) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-
-    private java.lang.Object keyId_ = "";
-    /**
-     * <pre>
-     * The ID of the key used to sign the blob.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public java.lang.String getKeyId() {
-      java.lang.Object ref = keyId_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        keyId_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The ID of the key used to sign the blob.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getKeyIdBytes() {
-      java.lang.Object ref = keyId_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        keyId_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The ID of the key used to sign the blob.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public Builder setKeyId(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      keyId_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The ID of the key used to sign the blob.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public Builder clearKeyId() {
-      
-      keyId_ = getDefaultInstance().getKeyId();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The ID of the key used to sign the blob.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public Builder setKeyIdBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      keyId_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.ByteString signedBlob_ = com.google.protobuf.ByteString.EMPTY;
-    /**
-     * <pre>
-     * The signed blob.
-     * </pre>
-     *
-     * <code>bytes signed_blob = 4;</code>
-     */
-    public com.google.protobuf.ByteString getSignedBlob() {
-      return signedBlob_;
-    }
-    /**
-     * <pre>
-     * The signed blob.
-     * </pre>
-     *
-     * <code>bytes signed_blob = 4;</code>
-     */
-    public Builder setSignedBlob(com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      signedBlob_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The signed blob.
-     * </pre>
-     *
-     * <code>bytes signed_blob = 4;</code>
-     */
-    public Builder clearSignedBlob() {
-      
-      signedBlob_ = getDefaultInstance().getSignedBlob();
-      onChanged();
-      return this;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignBlobResponse)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignBlobResponse)
-  private static final com.google.iam.credentials.v1.SignBlobResponse DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.SignBlobResponse();
-  }
-
-  public static com.google.iam.credentials.v1.SignBlobResponse getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<SignBlobResponse>
-      PARSER = new com.google.protobuf.AbstractParser<SignBlobResponse>() {
-    @java.lang.Override
-    public SignBlobResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new SignBlobResponse(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<SignBlobResponse> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<SignBlobResponse> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.SignBlobResponse getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponseOrBuilder.java
deleted file mode 100644
index 76e2a97d1806..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignBlobResponseOrBuilder.java
+++ /dev/null
@@ -1,36 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface SignBlobResponseOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignBlobResponse)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The ID of the key used to sign the blob.
-   * </pre>
-   *
-   * <code>string key_id = 1;</code>
-   */
-  java.lang.String getKeyId();
-  /**
-   * <pre>
-   * The ID of the key used to sign the blob.
-   * </pre>
-   *
-   * <code>string key_id = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getKeyIdBytes();
-
-  /**
-   * <pre>
-   * The signed blob.
-   * </pre>
-   *
-   * <code>bytes signed_blob = 4;</code>
-   */
-  com.google.protobuf.ByteString getSignedBlob();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequest.java
deleted file mode 100644
index 655535f9489f..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequest.java
+++ /dev/null
@@ -1,1056 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.SignJwtRequest}
- */
-public  final class SignJwtRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignJwtRequest)
-    SignJwtRequestOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use SignJwtRequest.newBuilder() to construct.
-  private SignJwtRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private SignJwtRequest() {
-    name_ = "";
-    delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    payload_ = "";
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private SignJwtRequest(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            name_ = s;
-            break;
-          }
-          case 26: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              delegates_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
-            }
-            delegates_.add(s);
-            break;
-          }
-          case 42: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            payload_ = s;
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = delegates_.getUnmodifiableView();
-      }
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.SignJwtRequest.class, com.google.iam.credentials.v1.SignJwtRequest.Builder.class);
-  }
-
-  private int bitField0_;
-  public static final int NAME_FIELD_NUMBER = 1;
-  private volatile java.lang.Object name_;
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public java.lang.String getName() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      name_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      name_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int DELEGATES_FIELD_NUMBER = 3;
-  private com.google.protobuf.LazyStringList delegates_;
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  public com.google.protobuf.ProtocolStringList
-      getDelegatesList() {
-    return delegates_;
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  public int getDelegatesCount() {
-    return delegates_.size();
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  public java.lang.String getDelegates(int index) {
-    return delegates_.get(index);
-  }
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  public com.google.protobuf.ByteString
-      getDelegatesBytes(int index) {
-    return delegates_.getByteString(index);
-  }
-
-  public static final int PAYLOAD_FIELD_NUMBER = 5;
-  private volatile java.lang.Object payload_;
-  /**
-   * <pre>
-   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-   * </pre>
-   *
-   * <code>string payload = 5;</code>
-   */
-  public java.lang.String getPayload() {
-    java.lang.Object ref = payload_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      payload_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-   * </pre>
-   *
-   * <code>string payload = 5;</code>
-   */
-  public com.google.protobuf.ByteString
-      getPayloadBytes() {
-    java.lang.Object ref = payload_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      payload_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getNameBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
-    }
-    for (int i = 0; i < delegates_.size(); i++) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, delegates_.getRaw(i));
-    }
-    if (!getPayloadBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 5, payload_);
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getNameBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
-    }
-    {
-      int dataSize = 0;
-      for (int i = 0; i < delegates_.size(); i++) {
-        dataSize += computeStringSizeNoTag(delegates_.getRaw(i));
-      }
-      size += dataSize;
-      size += 1 * getDelegatesList().size();
-    }
-    if (!getPayloadBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(5, payload_);
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.SignJwtRequest)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.SignJwtRequest other = (com.google.iam.credentials.v1.SignJwtRequest) obj;
-
-    boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getDelegatesList()
-        .equals(other.getDelegatesList());
-    result = result && getPayload()
-        .equals(other.getPayload());
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + NAME_FIELD_NUMBER;
-    hash = (53 * hash) + getName().hashCode();
-    if (getDelegatesCount() > 0) {
-      hash = (37 * hash) + DELEGATES_FIELD_NUMBER;
-      hash = (53 * hash) + getDelegatesList().hashCode();
-    }
-    hash = (37 * hash) + PAYLOAD_FIELD_NUMBER;
-    hash = (53 * hash) + getPayload().hashCode();
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignJwtRequest parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.SignJwtRequest prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.SignJwtRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignJwtRequest)
-      com.google.iam.credentials.v1.SignJwtRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.SignJwtRequest.class, com.google.iam.credentials.v1.SignJwtRequest.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.SignJwtRequest.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      name_ = "";
-
-      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      payload_ = "";
-
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignJwtRequest getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.SignJwtRequest.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignJwtRequest build() {
-      com.google.iam.credentials.v1.SignJwtRequest result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignJwtRequest buildPartial() {
-      com.google.iam.credentials.v1.SignJwtRequest result = new com.google.iam.credentials.v1.SignJwtRequest(this);
-      int from_bitField0_ = bitField0_;
-      int to_bitField0_ = 0;
-      result.name_ = name_;
-      if (((bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = delegates_.getUnmodifiableView();
-        bitField0_ = (bitField0_ & ~0x00000002);
-      }
-      result.delegates_ = delegates_;
-      result.payload_ = payload_;
-      result.bitField0_ = to_bitField0_;
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.SignJwtRequest) {
-        return mergeFrom((com.google.iam.credentials.v1.SignJwtRequest)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.SignJwtRequest other) {
-      if (other == com.google.iam.credentials.v1.SignJwtRequest.getDefaultInstance()) return this;
-      if (!other.getName().isEmpty()) {
-        name_ = other.name_;
-        onChanged();
-      }
-      if (!other.delegates_.isEmpty()) {
-        if (delegates_.isEmpty()) {
-          delegates_ = other.delegates_;
-          bitField0_ = (bitField0_ & ~0x00000002);
-        } else {
-          ensureDelegatesIsMutable();
-          delegates_.addAll(other.delegates_);
-        }
-        onChanged();
-      }
-      if (!other.getPayload().isEmpty()) {
-        payload_ = other.payload_;
-        onChanged();
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.SignJwtRequest parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.SignJwtRequest) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-    private int bitField0_;
-
-    private java.lang.Object name_ = "";
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public java.lang.String getName() {
-      java.lang.Object ref = name_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        name_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
-      java.lang.Object ref = name_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        name_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setName(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      name_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder clearName() {
-      
-      name_ = getDefaultInstance().getName();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      name_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    private void ensureDelegatesIsMutable() {
-      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
-        delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
-        bitField0_ |= 0x00000002;
-       }
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public com.google.protobuf.ProtocolStringList
-        getDelegatesList() {
-      return delegates_.getUnmodifiableView();
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public int getDelegatesCount() {
-      return delegates_.size();
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public java.lang.String getDelegates(int index) {
-      return delegates_.get(index);
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public com.google.protobuf.ByteString
-        getDelegatesBytes(int index) {
-      return delegates_.getByteString(index);
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder setDelegates(
-        int index, java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
-      delegates_.set(index, value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder addDelegates(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
-      delegates_.add(value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder addAllDelegates(
-        java.lang.Iterable<java.lang.String> values) {
-      ensureDelegatesIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, delegates_);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder clearDelegates() {
-      delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The sequence of service accounts in a delegation chain. Each service
-     * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on its next service account in the chain. The last service account in the
-     * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-     * on the service account that is specified in the `name` field of the
-     * request.
-     * The delegates must have the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-     * </pre>
-     *
-     * <code>repeated string delegates = 3;</code>
-     */
-    public Builder addDelegatesBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      ensureDelegatesIsMutable();
-      delegates_.add(value);
-      onChanged();
-      return this;
-    }
-
-    private java.lang.Object payload_ = "";
-    /**
-     * <pre>
-     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-     * </pre>
-     *
-     * <code>string payload = 5;</code>
-     */
-    public java.lang.String getPayload() {
-      java.lang.Object ref = payload_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        payload_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-     * </pre>
-     *
-     * <code>string payload = 5;</code>
-     */
-    public com.google.protobuf.ByteString
-        getPayloadBytes() {
-      java.lang.Object ref = payload_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        payload_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-     * </pre>
-     *
-     * <code>string payload = 5;</code>
-     */
-    public Builder setPayload(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      payload_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-     * </pre>
-     *
-     * <code>string payload = 5;</code>
-     */
-    public Builder clearPayload() {
-      
-      payload_ = getDefaultInstance().getPayload();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-     * </pre>
-     *
-     * <code>string payload = 5;</code>
-     */
-    public Builder setPayloadBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      payload_ = value;
-      onChanged();
-      return this;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignJwtRequest)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignJwtRequest)
-  private static final com.google.iam.credentials.v1.SignJwtRequest DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.SignJwtRequest();
-  }
-
-  public static com.google.iam.credentials.v1.SignJwtRequest getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<SignJwtRequest>
-      PARSER = new com.google.protobuf.AbstractParser<SignJwtRequest>() {
-    @java.lang.Override
-    public SignJwtRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new SignJwtRequest(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<SignJwtRequest> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<SignJwtRequest> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.SignJwtRequest getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequestOrBuilder.java
deleted file mode 100644
index f3c06124accd..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtRequestOrBuilder.java
+++ /dev/null
@@ -1,112 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface SignJwtRequestOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignJwtRequest)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  java.lang.String getName();
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getNameBytes();
-
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  java.util.List<java.lang.String>
-      getDelegatesList();
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  int getDelegatesCount();
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  java.lang.String getDelegates(int index);
-  /**
-   * <pre>
-   * The sequence of service accounts in a delegation chain. Each service
-   * account must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on its next service account in the chain. The last service account in the
-   * chain must be granted the `roles/iam.serviceAccountTokenCreator` role
-   * on the service account that is specified in the `name` field of the
-   * request.
-   * The delegates must have the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`
-   * </pre>
-   *
-   * <code>repeated string delegates = 3;</code>
-   */
-  com.google.protobuf.ByteString
-      getDelegatesBytes(int index);
-
-  /**
-   * <pre>
-   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-   * </pre>
-   *
-   * <code>string payload = 5;</code>
-   */
-  java.lang.String getPayload();
-  /**
-   * <pre>
-   * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
-   * </pre>
-   *
-   * <code>string payload = 5;</code>
-   */
-  com.google.protobuf.ByteString
-      getPayloadBytes();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponse.java
deleted file mode 100644
index c84048a3ff40..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponse.java
+++ /dev/null
@@ -1,724 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.SignJwtResponse}
- */
-public  final class SignJwtResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignJwtResponse)
-    SignJwtResponseOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use SignJwtResponse.newBuilder() to construct.
-  private SignJwtResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private SignJwtResponse() {
-    keyId_ = "";
-    signedJwt_ = "";
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private SignJwtResponse(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            keyId_ = s;
-            break;
-          }
-          case 18: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            signedJwt_ = s;
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.iam.credentials.v1.SignJwtResponse.class, com.google.iam.credentials.v1.SignJwtResponse.Builder.class);
-  }
-
-  public static final int KEY_ID_FIELD_NUMBER = 1;
-  private volatile java.lang.Object keyId_;
-  /**
-   * <pre>
-   * The ID of the key used to sign the JWT.
-   * </pre>
-   *
-   * <code>string key_id = 1;</code>
-   */
-  public java.lang.String getKeyId() {
-    java.lang.Object ref = keyId_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      keyId_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The ID of the key used to sign the JWT.
-   * </pre>
-   *
-   * <code>string key_id = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getKeyIdBytes() {
-    java.lang.Object ref = keyId_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      keyId_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int SIGNED_JWT_FIELD_NUMBER = 2;
-  private volatile java.lang.Object signedJwt_;
-  /**
-   * <pre>
-   * The signed JWT.
-   * </pre>
-   *
-   * <code>string signed_jwt = 2;</code>
-   */
-  public java.lang.String getSignedJwt() {
-    java.lang.Object ref = signedJwt_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      signedJwt_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The signed JWT.
-   * </pre>
-   *
-   * <code>string signed_jwt = 2;</code>
-   */
-  public com.google.protobuf.ByteString
-      getSignedJwtBytes() {
-    java.lang.Object ref = signedJwt_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      signedJwt_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getKeyIdBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, keyId_);
-    }
-    if (!getSignedJwtBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, signedJwt_);
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getKeyIdBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, keyId_);
-    }
-    if (!getSignedJwtBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(2, signedJwt_);
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.iam.credentials.v1.SignJwtResponse)) {
-      return super.equals(obj);
-    }
-    com.google.iam.credentials.v1.SignJwtResponse other = (com.google.iam.credentials.v1.SignJwtResponse) obj;
-
-    boolean result = true;
-    result = result && getKeyId()
-        .equals(other.getKeyId());
-    result = result && getSignedJwt()
-        .equals(other.getSignedJwt());
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + KEY_ID_FIELD_NUMBER;
-    hash = (53 * hash) + getKeyId().hashCode();
-    hash = (37 * hash) + SIGNED_JWT_FIELD_NUMBER;
-    hash = (53 * hash) + getSignedJwt().hashCode();
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.iam.credentials.v1.SignJwtResponse parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.iam.credentials.v1.SignJwtResponse prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.SignJwtResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignJwtResponse)
-      com.google.iam.credentials.v1.SignJwtResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.iam.credentials.v1.SignJwtResponse.class, com.google.iam.credentials.v1.SignJwtResponse.Builder.class);
-    }
-
-    // Construct using com.google.iam.credentials.v1.SignJwtResponse.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      keyId_ = "";
-
-      signedJwt_ = "";
-
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignJwtResponse getDefaultInstanceForType() {
-      return com.google.iam.credentials.v1.SignJwtResponse.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignJwtResponse build() {
-      com.google.iam.credentials.v1.SignJwtResponse result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.iam.credentials.v1.SignJwtResponse buildPartial() {
-      com.google.iam.credentials.v1.SignJwtResponse result = new com.google.iam.credentials.v1.SignJwtResponse(this);
-      result.keyId_ = keyId_;
-      result.signedJwt_ = signedJwt_;
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.iam.credentials.v1.SignJwtResponse) {
-        return mergeFrom((com.google.iam.credentials.v1.SignJwtResponse)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.iam.credentials.v1.SignJwtResponse other) {
-      if (other == com.google.iam.credentials.v1.SignJwtResponse.getDefaultInstance()) return this;
-      if (!other.getKeyId().isEmpty()) {
-        keyId_ = other.keyId_;
-        onChanged();
-      }
-      if (!other.getSignedJwt().isEmpty()) {
-        signedJwt_ = other.signedJwt_;
-        onChanged();
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.iam.credentials.v1.SignJwtResponse parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.iam.credentials.v1.SignJwtResponse) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-
-    private java.lang.Object keyId_ = "";
-    /**
-     * <pre>
-     * The ID of the key used to sign the JWT.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public java.lang.String getKeyId() {
-      java.lang.Object ref = keyId_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        keyId_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The ID of the key used to sign the JWT.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getKeyIdBytes() {
-      java.lang.Object ref = keyId_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        keyId_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The ID of the key used to sign the JWT.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public Builder setKeyId(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      keyId_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The ID of the key used to sign the JWT.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public Builder clearKeyId() {
-      
-      keyId_ = getDefaultInstance().getKeyId();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The ID of the key used to sign the JWT.
-     * </pre>
-     *
-     * <code>string key_id = 1;</code>
-     */
-    public Builder setKeyIdBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      keyId_ = value;
-      onChanged();
-      return this;
-    }
-
-    private java.lang.Object signedJwt_ = "";
-    /**
-     * <pre>
-     * The signed JWT.
-     * </pre>
-     *
-     * <code>string signed_jwt = 2;</code>
-     */
-    public java.lang.String getSignedJwt() {
-      java.lang.Object ref = signedJwt_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        signedJwt_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The signed JWT.
-     * </pre>
-     *
-     * <code>string signed_jwt = 2;</code>
-     */
-    public com.google.protobuf.ByteString
-        getSignedJwtBytes() {
-      java.lang.Object ref = signedJwt_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        signedJwt_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The signed JWT.
-     * </pre>
-     *
-     * <code>string signed_jwt = 2;</code>
-     */
-    public Builder setSignedJwt(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      signedJwt_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The signed JWT.
-     * </pre>
-     *
-     * <code>string signed_jwt = 2;</code>
-     */
-    public Builder clearSignedJwt() {
-      
-      signedJwt_ = getDefaultInstance().getSignedJwt();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The signed JWT.
-     * </pre>
-     *
-     * <code>string signed_jwt = 2;</code>
-     */
-    public Builder setSignedJwtBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      signedJwt_ = value;
-      onChanged();
-      return this;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignJwtResponse)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignJwtResponse)
-  private static final com.google.iam.credentials.v1.SignJwtResponse DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.iam.credentials.v1.SignJwtResponse();
-  }
-
-  public static com.google.iam.credentials.v1.SignJwtResponse getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<SignJwtResponse>
-      PARSER = new com.google.protobuf.AbstractParser<SignJwtResponse>() {
-    @java.lang.Override
-    public SignJwtResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new SignJwtResponse(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<SignJwtResponse> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<SignJwtResponse> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.iam.credentials.v1.SignJwtResponse getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponseOrBuilder.java
deleted file mode 100644
index 684ab9f8ec33..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/iam/credentials/v1/SignJwtResponseOrBuilder.java
+++ /dev/null
@@ -1,45 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.iam.credentials.v1;
-
-public interface SignJwtResponseOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignJwtResponse)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The ID of the key used to sign the JWT.
-   * </pre>
-   *
-   * <code>string key_id = 1;</code>
-   */
-  java.lang.String getKeyId();
-  /**
-   * <pre>
-   * The ID of the key used to sign the JWT.
-   * </pre>
-   *
-   * <code>string key_id = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getKeyIdBytes();
-
-  /**
-   * <pre>
-   * The signed JWT.
-   * </pre>
-   *
-   * <code>string signed_jwt = 2;</code>
-   */
-  java.lang.String getSignedJwt();
-  /**
-   * <pre>
-   * The signed JWT.
-   * </pre>
-   *
-   * <code>string signed_jwt = 2;</code>
-   */
-  com.google.protobuf.ByteString
-      getSignedJwtBytes();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/Iamcredentials.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/Iamcredentials.java
deleted file mode 100644
index 656b33b2d6ea..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/google/iam/credentials/v1/Iamcredentials.java
+++ /dev/null
@@ -1,82 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/iamcredentials.proto
-
-package google.iam.credentials.v1;
-
-public final class Iamcredentials {
-  private Iamcredentials() {}
-  public static void registerAllExtensions(
-      com.google.protobuf.ExtensionRegistryLite registry) {
-  }
-
-  public static void registerAllExtensions(
-      com.google.protobuf.ExtensionRegistry registry) {
-    registerAllExtensions(
-        (com.google.protobuf.ExtensionRegistryLite) registry);
-  }
-
-  public static com.google.protobuf.Descriptors.FileDescriptor
-      getDescriptor() {
-    return descriptor;
-  }
-  private static  com.google.protobuf.Descriptors.FileDescriptor
-      descriptor;
-  static {
-    java.lang.String[] descriptorData = {
-      "\n.google/iam/credentials/v1/iamcredentia" +
-      "ls.proto\022\031google.iam.credentials.v1\032\034goo" +
-      "gle/api/annotations.proto\032&google/iam/cr" +
-      "edentials/v1/common.proto2\353\007\n\016IAMCredent" +
-      "ials\022\314\001\n\023GenerateAccessToken\0225.google.ia" +
-      "m.credentials.v1.GenerateAccessTokenRequ" +
-      "est\0326.google.iam.credentials.v1.Generate" +
-      "AccessTokenResponse\"F\202\323\344\223\002@\";/v1/{name=p" +
-      "rojects/*/serviceAccounts/*}:generateAcc" +
-      "essToken:\001*\022\274\001\n\017GenerateIdToken\0221.google" +
-      ".iam.credentials.v1.GenerateIdTokenReque" +
-      "st\0322.google.iam.credentials.v1.GenerateI" +
-      "dTokenResponse\"B\202\323\344\223\002<\"7/v1/{name=projec" +
-      "ts/*/serviceAccounts/*}:generateIdToken:" +
-      "\001*\022\240\001\n\010SignBlob\022*.google.iam.credentials" +
-      ".v1.SignBlobRequest\032+.google.iam.credent" +
-      "ials.v1.SignBlobResponse\";\202\323\344\223\0025\"0/v1/{n" +
-      "ame=projects/*/serviceAccounts/*}:signBl" +
-      "ob:\001*\022\234\001\n\007SignJwt\022).google.iam.credentia" +
-      "ls.v1.SignJwtRequest\032*.google.iam.creden" +
-      "tials.v1.SignJwtResponse\":\202\323\344\223\0024\"//v1/{n" +
-      "ame=projects/*/serviceAccounts/*}:signJw" +
-      "t:\001*\022\210\002\n\"GenerateIdentityBindingAccessTo" +
-      "ken\022D.google.iam.credentials.v1.Generate" +
-      "IdentityBindingAccessTokenRequest\032E.goog" +
-      "le.iam.credentials.v1.GenerateIdentityBi" +
-      "ndingAccessTokenResponse\"U\202\323\344\223\002O\"J/v1/{n" +
-      "ame=projects/*/serviceAccounts/*}:genera" +
-      "teIdentityBindingAccessToken:\001*BIZDgoogl" +
-      "e.golang.org/genproto/googleapis/iam/cre" +
-      "dentials/v1;credentials\370\001\001b\006proto3"
-    };
-    com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner =
-        new com.google.protobuf.Descriptors.FileDescriptor.    InternalDescriptorAssigner() {
-          public com.google.protobuf.ExtensionRegistry assignDescriptors(
-              com.google.protobuf.Descriptors.FileDescriptor root) {
-            descriptor = root;
-            return null;
-          }
-        };
-    com.google.protobuf.Descriptors.FileDescriptor
-      .internalBuildGeneratedFileFrom(descriptorData,
-        new com.google.protobuf.Descriptors.FileDescriptor[] {
-          com.google.api.AnnotationsProto.getDescriptor(),
-          com.google.iam.credentials.v1.IAMCredentialsCommonProto.getDescriptor(),
-        }, assigner);
-    com.google.protobuf.ExtensionRegistry registry =
-        com.google.protobuf.ExtensionRegistry.newInstance();
-    registry.add(com.google.api.AnnotationsProto.http);
-    com.google.protobuf.Descriptors.FileDescriptor
-        .internalUpdateFileDescriptor(descriptor, registry);
-    com.google.api.AnnotationsProto.getDescriptor();
-    com.google.iam.credentials.v1.IAMCredentialsCommonProto.getDescriptor();
-  }
-
-  // @@protoc_insertion_point(outer_class_scope)
-}

From 1e7a3933d7615a1dbbb991977a63d4b186367410 Mon Sep 17 00:00:00 2001
From: Jeff Ching <chingor@google.com>
Date: Wed, 12 Dec 2018 14:39:47 -0800
Subject: [PATCH 4/9] Remove some more files cached from a bad synth

---
 ...rateIdentityBindingAccessTokenRequest.java | 1298 -----------------
 ...ityBindingAccessTokenRequestOrBuilder.java |  180 ---
 ...ateIdentityBindingAccessTokenResponse.java |  810 ----------
 ...tyBindingAccessTokenResponseOrBuilder.java |   55 -
 .../synth.metadata                            |   32 +
 5 files changed, 32 insertions(+), 2343 deletions(-)
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
 delete mode 100644 google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
 create mode 100644 google-cloud-clients/google-cloud-iamcredentials/synth.metadata

diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
deleted file mode 100644
index 97912aea2c9f..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequest.java
+++ /dev/null
@@ -1,1298 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.cloud.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest}
- */
-public  final class GenerateIdentityBindingAccessTokenRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-    GenerateIdentityBindingAccessTokenRequestOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use GenerateIdentityBindingAccessTokenRequest.newBuilder() to construct.
-  private GenerateIdentityBindingAccessTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private GenerateIdentityBindingAccessTokenRequest() {
-    name_ = "";
-    scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    jwt_ = "";
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private GenerateIdentityBindingAccessTokenRequest(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            name_ = s;
-            break;
-          }
-          case 18: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              scope_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
-            }
-            scope_.add(s);
-            break;
-          }
-          case 26: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            jwt_ = s;
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-        scope_ = scope_.getUnmodifiableView();
-      }
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.Builder.class);
-  }
-
-  private int bitField0_;
-  public static final int NAME_FIELD_NUMBER = 1;
-  private volatile java.lang.Object name_;
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public java.lang.String getName() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      name_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
-    java.lang.Object ref = name_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      name_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int SCOPE_FIELD_NUMBER = 2;
-  private com.google.protobuf.LazyStringList scope_;
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  public com.google.protobuf.ProtocolStringList
-      getScopeList() {
-    return scope_;
-  }
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  public int getScopeCount() {
-    return scope_.size();
-  }
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  public java.lang.String getScope(int index) {
-    return scope_.get(index);
-  }
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  public com.google.protobuf.ByteString
-      getScopeBytes(int index) {
-    return scope_.getByteString(index);
-  }
-
-  public static final int JWT_FIELD_NUMBER = 3;
-  private volatile java.lang.Object jwt_;
-  /**
-   * <pre>
-   * Required. Input token.
-   * Must be in JWT format according to
-   * RFC7523 (https://tools.ietf.org/html/rfc7523)
-   * and must have 'kid' field in the header.
-   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-   * Mandatory payload fields (along the lines of RFC 7523, section 3):
-   * - iss: issuer of the token. Must provide a discovery document at
-   *        $iss/.well-known/openid-configuration . The document needs to be
-   *        formatted according to section 4.2 of the OpenID Connect Discovery
-   *        1.0 specification.
-   * - iat: Issue time in seconds since epoch. Must be in the past.
-   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-   *        after iat. We recommend to create tokens that last shorter than 6
-   *        hours to improve security unless business reasons mandate longer
-   *        expiration times. Shorter token lifetimes are generally more secure
-   *        since tokens that have been exfiltrated by attackers can be used for
-   *        a shorter time. you can configure the maximum lifetime of the
-   *        incoming token in the configuration of the mapper.
-   *        The resulting Google token will expire within an hour or at "exp",
-   *        whichever is earlier.
-   * - sub: JWT subject, identity asserted in the JWT.
-   * - aud: Configured in the mapper policy. By default the service account
-   *        email.
-   * Claims from the incoming token can be transferred into the output token
-   * accoding to the mapper configuration. The outgoing claim size is limited.
-   * Outgoing claims size must be less than 4kB serialized as JSON without
-   * whitespace.
-   * Example header:
-   * {
-   *   "alg": "RS256",
-   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-   * }
-   * Example payload:
-   * {
-   *   "iss": "https://accounts.google.com",
-   *   "iat": 1517963104,
-   *   "exp": 1517966704,
-   *   "aud": "https://iamcredentials.googleapis.com/",
-   *   "sub": "113475438248934895348",
-   *   "my_claims": {
-   *     "additional_claim": "value"
-   *   }
-   * }
-   * </pre>
-   *
-   * <code>string jwt = 3;</code>
-   */
-  public java.lang.String getJwt() {
-    java.lang.Object ref = jwt_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      jwt_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * Required. Input token.
-   * Must be in JWT format according to
-   * RFC7523 (https://tools.ietf.org/html/rfc7523)
-   * and must have 'kid' field in the header.
-   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-   * Mandatory payload fields (along the lines of RFC 7523, section 3):
-   * - iss: issuer of the token. Must provide a discovery document at
-   *        $iss/.well-known/openid-configuration . The document needs to be
-   *        formatted according to section 4.2 of the OpenID Connect Discovery
-   *        1.0 specification.
-   * - iat: Issue time in seconds since epoch. Must be in the past.
-   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-   *        after iat. We recommend to create tokens that last shorter than 6
-   *        hours to improve security unless business reasons mandate longer
-   *        expiration times. Shorter token lifetimes are generally more secure
-   *        since tokens that have been exfiltrated by attackers can be used for
-   *        a shorter time. you can configure the maximum lifetime of the
-   *        incoming token in the configuration of the mapper.
-   *        The resulting Google token will expire within an hour or at "exp",
-   *        whichever is earlier.
-   * - sub: JWT subject, identity asserted in the JWT.
-   * - aud: Configured in the mapper policy. By default the service account
-   *        email.
-   * Claims from the incoming token can be transferred into the output token
-   * accoding to the mapper configuration. The outgoing claim size is limited.
-   * Outgoing claims size must be less than 4kB serialized as JSON without
-   * whitespace.
-   * Example header:
-   * {
-   *   "alg": "RS256",
-   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-   * }
-   * Example payload:
-   * {
-   *   "iss": "https://accounts.google.com",
-   *   "iat": 1517963104,
-   *   "exp": 1517966704,
-   *   "aud": "https://iamcredentials.googleapis.com/",
-   *   "sub": "113475438248934895348",
-   *   "my_claims": {
-   *     "additional_claim": "value"
-   *   }
-   * }
-   * </pre>
-   *
-   * <code>string jwt = 3;</code>
-   */
-  public com.google.protobuf.ByteString
-      getJwtBytes() {
-    java.lang.Object ref = jwt_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      jwt_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getNameBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
-    }
-    for (int i = 0; i < scope_.size(); i++) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 2, scope_.getRaw(i));
-    }
-    if (!getJwtBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 3, jwt_);
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getNameBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
-    }
-    {
-      int dataSize = 0;
-      for (int i = 0; i < scope_.size(); i++) {
-        dataSize += computeStringSizeNoTag(scope_.getRaw(i));
-      }
-      size += dataSize;
-      size += 1 * getScopeList().size();
-    }
-    if (!getJwtBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, jwt_);
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)) {
-      return super.equals(obj);
-    }
-    com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest other = (com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) obj;
-
-    boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getScopeList()
-        .equals(other.getScopeList());
-    result = result && getJwt()
-        .equals(other.getJwt());
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + NAME_FIELD_NUMBER;
-    hash = (53 * hash) + getName().hashCode();
-    if (getScopeCount() > 0) {
-      hash = (37 * hash) + SCOPE_FIELD_NUMBER;
-      hash = (53 * hash) + getScopeList().hashCode();
-    }
-    hash = (37 * hash) + JWT_FIELD_NUMBER;
-    hash = (53 * hash) + getJwt().hashCode();
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.Builder.class);
-    }
-
-    // Construct using com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      name_ = "";
-
-      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      jwt_ = "";
-
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenRequest_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstanceForType() {
-      return com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest build() {
-      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest buildPartial() {
-      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest result = new com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest(this);
-      int from_bitField0_ = bitField0_;
-      int to_bitField0_ = 0;
-      result.name_ = name_;
-      if (((bitField0_ & 0x00000002) == 0x00000002)) {
-        scope_ = scope_.getUnmodifiableView();
-        bitField0_ = (bitField0_ & ~0x00000002);
-      }
-      result.scope_ = scope_;
-      result.jwt_ = jwt_;
-      result.bitField0_ = to_bitField0_;
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest other) {
-      if (other == com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest.getDefaultInstance()) return this;
-      if (!other.getName().isEmpty()) {
-        name_ = other.name_;
-        onChanged();
-      }
-      if (!other.scope_.isEmpty()) {
-        if (scope_.isEmpty()) {
-          scope_ = other.scope_;
-          bitField0_ = (bitField0_ & ~0x00000002);
-        } else {
-          ensureScopeIsMutable();
-          scope_.addAll(other.scope_);
-        }
-        onChanged();
-      }
-      if (!other.getJwt().isEmpty()) {
-        jwt_ = other.jwt_;
-        onChanged();
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-    private int bitField0_;
-
-    private java.lang.Object name_ = "";
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public java.lang.String getName() {
-      java.lang.Object ref = name_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        name_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
-      java.lang.Object ref = name_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        name_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setName(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      name_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder clearName() {
-      
-      name_ = getDefaultInstance().getName();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The resource name of the service account for which the credentials
-     * are requested, in the following format:
-     * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-     * </pre>
-     *
-     * <code>string name = 1;</code>
-     */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      name_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.LazyStringList scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-    private void ensureScopeIsMutable() {
-      if (!((bitField0_ & 0x00000002) == 0x00000002)) {
-        scope_ = new com.google.protobuf.LazyStringArrayList(scope_);
-        bitField0_ |= 0x00000002;
-       }
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public com.google.protobuf.ProtocolStringList
-        getScopeList() {
-      return scope_.getUnmodifiableView();
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public int getScopeCount() {
-      return scope_.size();
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public java.lang.String getScope(int index) {
-      return scope_.get(index);
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public com.google.protobuf.ByteString
-        getScopeBytes(int index) {
-      return scope_.getByteString(index);
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder setScope(
-        int index, java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureScopeIsMutable();
-      scope_.set(index, value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder addScope(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureScopeIsMutable();
-      scope_.add(value);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder addAllScope(
-        java.lang.Iterable<java.lang.String> values) {
-      ensureScopeIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, scope_);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder clearScope() {
-      scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
-      bitField0_ = (bitField0_ & ~0x00000002);
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Code to identify the scopes to be included in the OAuth 2.0 access token.
-     * See https://developers.google.com/identity/protocols/googlescopes for more
-     * information.
-     * At least one value required.
-     * </pre>
-     *
-     * <code>repeated string scope = 2;</code>
-     */
-    public Builder addScopeBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      ensureScopeIsMutable();
-      scope_.add(value);
-      onChanged();
-      return this;
-    }
-
-    private java.lang.Object jwt_ = "";
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public java.lang.String getJwt() {
-      java.lang.Object ref = jwt_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        jwt_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public com.google.protobuf.ByteString
-        getJwtBytes() {
-      java.lang.Object ref = jwt_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        jwt_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public Builder setJwt(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      jwt_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public Builder clearJwt() {
-      
-      jwt_ = getDefaultInstance().getJwt();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * Required. Input token.
-     * Must be in JWT format according to
-     * RFC7523 (https://tools.ietf.org/html/rfc7523)
-     * and must have 'kid' field in the header.
-     * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-     * Mandatory payload fields (along the lines of RFC 7523, section 3):
-     * - iss: issuer of the token. Must provide a discovery document at
-     *        $iss/.well-known/openid-configuration . The document needs to be
-     *        formatted according to section 4.2 of the OpenID Connect Discovery
-     *        1.0 specification.
-     * - iat: Issue time in seconds since epoch. Must be in the past.
-     * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-     *        after iat. We recommend to create tokens that last shorter than 6
-     *        hours to improve security unless business reasons mandate longer
-     *        expiration times. Shorter token lifetimes are generally more secure
-     *        since tokens that have been exfiltrated by attackers can be used for
-     *        a shorter time. you can configure the maximum lifetime of the
-     *        incoming token in the configuration of the mapper.
-     *        The resulting Google token will expire within an hour or at "exp",
-     *        whichever is earlier.
-     * - sub: JWT subject, identity asserted in the JWT.
-     * - aud: Configured in the mapper policy. By default the service account
-     *        email.
-     * Claims from the incoming token can be transferred into the output token
-     * accoding to the mapper configuration. The outgoing claim size is limited.
-     * Outgoing claims size must be less than 4kB serialized as JSON without
-     * whitespace.
-     * Example header:
-     * {
-     *   "alg": "RS256",
-     *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-     * }
-     * Example payload:
-     * {
-     *   "iss": "https://accounts.google.com",
-     *   "iat": 1517963104,
-     *   "exp": 1517966704,
-     *   "aud": "https://iamcredentials.googleapis.com/",
-     *   "sub": "113475438248934895348",
-     *   "my_claims": {
-     *     "additional_claim": "value"
-     *   }
-     * }
-     * </pre>
-     *
-     * <code>string jwt = 3;</code>
-     */
-    public Builder setJwtBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      jwt_ = value;
-      onChanged();
-      return this;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-  private static final com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest();
-  }
-
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateIdentityBindingAccessTokenRequest>() {
-    @java.lang.Override
-    public GenerateIdentityBindingAccessTokenRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateIdentityBindingAccessTokenRequest(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenRequest> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
deleted file mode 100644
index 1e7369746c92..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenRequestOrBuilder.java
+++ /dev/null
@@ -1,180 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.cloud.iam.credentials.v1;
-
-public interface GenerateIdentityBindingAccessTokenRequestOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenRequest)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  java.lang.String getName();
-  /**
-   * <pre>
-   * The resource name of the service account for which the credentials
-   * are requested, in the following format:
-   * `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`.
-   * </pre>
-   *
-   * <code>string name = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getNameBytes();
-
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  java.util.List<java.lang.String>
-      getScopeList();
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  int getScopeCount();
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  java.lang.String getScope(int index);
-  /**
-   * <pre>
-   * Code to identify the scopes to be included in the OAuth 2.0 access token.
-   * See https://developers.google.com/identity/protocols/googlescopes for more
-   * information.
-   * At least one value required.
-   * </pre>
-   *
-   * <code>repeated string scope = 2;</code>
-   */
-  com.google.protobuf.ByteString
-      getScopeBytes(int index);
-
-  /**
-   * <pre>
-   * Required. Input token.
-   * Must be in JWT format according to
-   * RFC7523 (https://tools.ietf.org/html/rfc7523)
-   * and must have 'kid' field in the header.
-   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-   * Mandatory payload fields (along the lines of RFC 7523, section 3):
-   * - iss: issuer of the token. Must provide a discovery document at
-   *        $iss/.well-known/openid-configuration . The document needs to be
-   *        formatted according to section 4.2 of the OpenID Connect Discovery
-   *        1.0 specification.
-   * - iat: Issue time in seconds since epoch. Must be in the past.
-   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-   *        after iat. We recommend to create tokens that last shorter than 6
-   *        hours to improve security unless business reasons mandate longer
-   *        expiration times. Shorter token lifetimes are generally more secure
-   *        since tokens that have been exfiltrated by attackers can be used for
-   *        a shorter time. you can configure the maximum lifetime of the
-   *        incoming token in the configuration of the mapper.
-   *        The resulting Google token will expire within an hour or at "exp",
-   *        whichever is earlier.
-   * - sub: JWT subject, identity asserted in the JWT.
-   * - aud: Configured in the mapper policy. By default the service account
-   *        email.
-   * Claims from the incoming token can be transferred into the output token
-   * accoding to the mapper configuration. The outgoing claim size is limited.
-   * Outgoing claims size must be less than 4kB serialized as JSON without
-   * whitespace.
-   * Example header:
-   * {
-   *   "alg": "RS256",
-   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-   * }
-   * Example payload:
-   * {
-   *   "iss": "https://accounts.google.com",
-   *   "iat": 1517963104,
-   *   "exp": 1517966704,
-   *   "aud": "https://iamcredentials.googleapis.com/",
-   *   "sub": "113475438248934895348",
-   *   "my_claims": {
-   *     "additional_claim": "value"
-   *   }
-   * }
-   * </pre>
-   *
-   * <code>string jwt = 3;</code>
-   */
-  java.lang.String getJwt();
-  /**
-   * <pre>
-   * Required. Input token.
-   * Must be in JWT format according to
-   * RFC7523 (https://tools.ietf.org/html/rfc7523)
-   * and must have 'kid' field in the header.
-   * Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
-   * Mandatory payload fields (along the lines of RFC 7523, section 3):
-   * - iss: issuer of the token. Must provide a discovery document at
-   *        $iss/.well-known/openid-configuration . The document needs to be
-   *        formatted according to section 4.2 of the OpenID Connect Discovery
-   *        1.0 specification.
-   * - iat: Issue time in seconds since epoch. Must be in the past.
-   * - exp: Expiration time in seconds since epoch. Must be less than 48 hours
-   *        after iat. We recommend to create tokens that last shorter than 6
-   *        hours to improve security unless business reasons mandate longer
-   *        expiration times. Shorter token lifetimes are generally more secure
-   *        since tokens that have been exfiltrated by attackers can be used for
-   *        a shorter time. you can configure the maximum lifetime of the
-   *        incoming token in the configuration of the mapper.
-   *        The resulting Google token will expire within an hour or at "exp",
-   *        whichever is earlier.
-   * - sub: JWT subject, identity asserted in the JWT.
-   * - aud: Configured in the mapper policy. By default the service account
-   *        email.
-   * Claims from the incoming token can be transferred into the output token
-   * accoding to the mapper configuration. The outgoing claim size is limited.
-   * Outgoing claims size must be less than 4kB serialized as JSON without
-   * whitespace.
-   * Example header:
-   * {
-   *   "alg": "RS256",
-   *   "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
-   * }
-   * Example payload:
-   * {
-   *   "iss": "https://accounts.google.com",
-   *   "iat": 1517963104,
-   *   "exp": 1517966704,
-   *   "aud": "https://iamcredentials.googleapis.com/",
-   *   "sub": "113475438248934895348",
-   *   "my_claims": {
-   *     "additional_claim": "value"
-   *   }
-   * }
-   * </pre>
-   *
-   * <code>string jwt = 3;</code>
-   */
-  com.google.protobuf.ByteString
-      getJwtBytes();
-}
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
deleted file mode 100644
index 65ccddaf73de..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponse.java
+++ /dev/null
@@ -1,810 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.cloud.iam.credentials.v1;
-
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse}
- */
-public  final class GenerateIdentityBindingAccessTokenResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
-    // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-    GenerateIdentityBindingAccessTokenResponseOrBuilder {
-private static final long serialVersionUID = 0L;
-  // Use GenerateIdentityBindingAccessTokenResponse.newBuilder() to construct.
-  private GenerateIdentityBindingAccessTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
-    super(builder);
-  }
-  private GenerateIdentityBindingAccessTokenResponse() {
-    accessToken_ = "";
-  }
-
-  @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
-    return this.unknownFields;
-  }
-  private GenerateIdentityBindingAccessTokenResponse(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    this();
-    if (extensionRegistry == null) {
-      throw new java.lang.NullPointerException();
-    }
-    int mutable_bitField0_ = 0;
-    com.google.protobuf.UnknownFieldSet.Builder unknownFields =
-        com.google.protobuf.UnknownFieldSet.newBuilder();
-    try {
-      boolean done = false;
-      while (!done) {
-        int tag = input.readTag();
-        switch (tag) {
-          case 0:
-            done = true;
-            break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            accessToken_ = s;
-            break;
-          }
-          case 18: {
-            com.google.protobuf.Timestamp.Builder subBuilder = null;
-            if (expireTime_ != null) {
-              subBuilder = expireTime_.toBuilder();
-            }
-            expireTime_ = input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
-            if (subBuilder != null) {
-              subBuilder.mergeFrom(expireTime_);
-              expireTime_ = subBuilder.buildPartial();
-            }
-
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
-            }
-            break;
-          }
-        }
-      }
-    } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-      throw e.setUnfinishedMessage(this);
-    } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
-    } finally {
-      this.unknownFields = unknownFields.build();
-      makeExtensionsImmutable();
-    }
-  }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
-  }
-
-  @java.lang.Override
-  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable
-        .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.Builder.class);
-  }
-
-  public static final int ACCESS_TOKEN_FIELD_NUMBER = 1;
-  private volatile java.lang.Object accessToken_;
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  public java.lang.String getAccessToken() {
-    java.lang.Object ref = accessToken_;
-    if (ref instanceof java.lang.String) {
-      return (java.lang.String) ref;
-    } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
-      java.lang.String s = bs.toStringUtf8();
-      accessToken_ = s;
-      return s;
-    }
-  }
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  public com.google.protobuf.ByteString
-      getAccessTokenBytes() {
-    java.lang.Object ref = accessToken_;
-    if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
-      accessToken_ = b;
-      return b;
-    } else {
-      return (com.google.protobuf.ByteString) ref;
-    }
-  }
-
-  public static final int EXPIRE_TIME_FIELD_NUMBER = 2;
-  private com.google.protobuf.Timestamp expireTime_;
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  public boolean hasExpireTime() {
-    return expireTime_ != null;
-  }
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  public com.google.protobuf.Timestamp getExpireTime() {
-    return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
-  }
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
-    return getExpireTime();
-  }
-
-  private byte memoizedIsInitialized = -1;
-  @java.lang.Override
-  public final boolean isInitialized() {
-    byte isInitialized = memoizedIsInitialized;
-    if (isInitialized == 1) return true;
-    if (isInitialized == 0) return false;
-
-    memoizedIsInitialized = 1;
-    return true;
-  }
-
-  @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
-    if (!getAccessTokenBytes().isEmpty()) {
-      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, accessToken_);
-    }
-    if (expireTime_ != null) {
-      output.writeMessage(2, getExpireTime());
-    }
-    unknownFields.writeTo(output);
-  }
-
-  @java.lang.Override
-  public int getSerializedSize() {
-    int size = memoizedSize;
-    if (size != -1) return size;
-
-    size = 0;
-    if (!getAccessTokenBytes().isEmpty()) {
-      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, accessToken_);
-    }
-    if (expireTime_ != null) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeMessageSize(2, getExpireTime());
-    }
-    size += unknownFields.getSerializedSize();
-    memoizedSize = size;
-    return size;
-  }
-
-  @java.lang.Override
-  public boolean equals(final java.lang.Object obj) {
-    if (obj == this) {
-     return true;
-    }
-    if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)) {
-      return super.equals(obj);
-    }
-    com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse other = (com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) obj;
-
-    boolean result = true;
-    result = result && getAccessToken()
-        .equals(other.getAccessToken());
-    result = result && (hasExpireTime() == other.hasExpireTime());
-    if (hasExpireTime()) {
-      result = result && getExpireTime()
-          .equals(other.getExpireTime());
-    }
-    result = result && unknownFields.equals(other.unknownFields);
-    return result;
-  }
-
-  @java.lang.Override
-  public int hashCode() {
-    if (memoizedHashCode != 0) {
-      return memoizedHashCode;
-    }
-    int hash = 41;
-    hash = (19 * hash) + getDescriptor().hashCode();
-    hash = (37 * hash) + ACCESS_TOKEN_FIELD_NUMBER;
-    hash = (53 * hash) + getAccessToken().hashCode();
-    if (hasExpireTime()) {
-      hash = (37 * hash) + EXPIRE_TIME_FIELD_NUMBER;
-      hash = (53 * hash) + getExpireTime().hashCode();
-    }
-    hash = (29 * hash) + unknownFields.hashCode();
-    memoizedHashCode = hash;
-    return hash;
-  }
-
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      com.google.protobuf.ByteString data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      com.google.protobuf.ByteString data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws com.google.protobuf.InvalidProtocolBufferException {
-    return PARSER.parseFrom(data, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
-  }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
-  }
-
-  @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
-  public static Builder newBuilder() {
-    return DEFAULT_INSTANCE.toBuilder();
-  }
-  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse prototype) {
-    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
-  }
-  @java.lang.Override
-  public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
-  }
-
-  @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-    Builder builder = new Builder(parent);
-    return builder;
-  }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
-      // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
-    }
-
-    @java.lang.Override
-    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-        internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_fieldAccessorTable
-          .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.Builder.class);
-    }
-
-    // Construct using com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.newBuilder()
-    private Builder() {
-      maybeForceBuilderInitialization();
-    }
-
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
-      super(parent);
-      maybeForceBuilderInitialization();
-    }
-    private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
-    }
-    @java.lang.Override
-    public Builder clear() {
-      super.clear();
-      accessToken_ = "";
-
-      if (expireTimeBuilder_ == null) {
-        expireTime_ = null;
-      } else {
-        expireTime_ = null;
-        expireTimeBuilder_ = null;
-      }
-      return this;
-    }
-
-    @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdentityBindingAccessTokenResponse_descriptor;
-    }
-
-    @java.lang.Override
-    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstanceForType() {
-      return com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance();
-    }
-
-    @java.lang.Override
-    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse build() {
-      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse result = buildPartial();
-      if (!result.isInitialized()) {
-        throw newUninitializedMessageException(result);
-      }
-      return result;
-    }
-
-    @java.lang.Override
-    public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse buildPartial() {
-      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse result = new com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse(this);
-      result.accessToken_ = accessToken_;
-      if (expireTimeBuilder_ == null) {
-        result.expireTime_ = expireTime_;
-      } else {
-        result.expireTime_ = expireTimeBuilder_.build();
-      }
-      onBuilt();
-      return result;
-    }
-
-    @java.lang.Override
-    public Builder clone() {
-      return (Builder) super.clone();
-    }
-    @java.lang.Override
-    public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.setField(field, value);
-    }
-    @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
-      return (Builder) super.clearField(field);
-    }
-    @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
-      return (Builder) super.clearOneof(oneof);
-    }
-    @java.lang.Override
-    public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
-      return (Builder) super.setRepeatedField(field, index, value);
-    }
-    @java.lang.Override
-    public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
-      return (Builder) super.addRepeatedField(field, value);
-    }
-    @java.lang.Override
-    public Builder mergeFrom(com.google.protobuf.Message other) {
-      if (other instanceof com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)other);
-      } else {
-        super.mergeFrom(other);
-        return this;
-      }
-    }
-
-    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse other) {
-      if (other == com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse.getDefaultInstance()) return this;
-      if (!other.getAccessToken().isEmpty()) {
-        accessToken_ = other.accessToken_;
-        onChanged();
-      }
-      if (other.hasExpireTime()) {
-        mergeExpireTime(other.getExpireTime());
-      }
-      this.mergeUnknownFields(other.unknownFields);
-      onChanged();
-      return this;
-    }
-
-    @java.lang.Override
-    public final boolean isInitialized() {
-      return true;
-    }
-
-    @java.lang.Override
-    public Builder mergeFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws java.io.IOException {
-      com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse parsedMessage = null;
-      try {
-        parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
-      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse) e.getUnfinishedMessage();
-        throw e.unwrapIOException();
-      } finally {
-        if (parsedMessage != null) {
-          mergeFrom(parsedMessage);
-        }
-      }
-      return this;
-    }
-
-    private java.lang.Object accessToken_ = "";
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public java.lang.String getAccessToken() {
-      java.lang.Object ref = accessToken_;
-      if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
-        java.lang.String s = bs.toStringUtf8();
-        accessToken_ = s;
-        return s;
-      } else {
-        return (java.lang.String) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public com.google.protobuf.ByteString
-        getAccessTokenBytes() {
-      java.lang.Object ref = accessToken_;
-      if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
-        accessToken_ = b;
-        return b;
-      } else {
-        return (com.google.protobuf.ByteString) ref;
-      }
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public Builder setAccessToken(
-        java.lang.String value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  
-      accessToken_ = value;
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public Builder clearAccessToken() {
-      
-      accessToken_ = getDefaultInstance().getAccessToken();
-      onChanged();
-      return this;
-    }
-    /**
-     * <pre>
-     * The OAuth 2.0 access token.
-     * </pre>
-     *
-     * <code>string access_token = 1;</code>
-     */
-    public Builder setAccessTokenBytes(
-        com.google.protobuf.ByteString value) {
-      if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
-      accessToken_ = value;
-      onChanged();
-      return this;
-    }
-
-    private com.google.protobuf.Timestamp expireTime_ = null;
-    private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> expireTimeBuilder_;
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public boolean hasExpireTime() {
-      return expireTimeBuilder_ != null || expireTime_ != null;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public com.google.protobuf.Timestamp getExpireTime() {
-      if (expireTimeBuilder_ == null) {
-        return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
-      } else {
-        return expireTimeBuilder_.getMessage();
-      }
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public Builder setExpireTime(com.google.protobuf.Timestamp value) {
-      if (expireTimeBuilder_ == null) {
-        if (value == null) {
-          throw new NullPointerException();
-        }
-        expireTime_ = value;
-        onChanged();
-      } else {
-        expireTimeBuilder_.setMessage(value);
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public Builder setExpireTime(
-        com.google.protobuf.Timestamp.Builder builderForValue) {
-      if (expireTimeBuilder_ == null) {
-        expireTime_ = builderForValue.build();
-        onChanged();
-      } else {
-        expireTimeBuilder_.setMessage(builderForValue.build());
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public Builder mergeExpireTime(com.google.protobuf.Timestamp value) {
-      if (expireTimeBuilder_ == null) {
-        if (expireTime_ != null) {
-          expireTime_ =
-            com.google.protobuf.Timestamp.newBuilder(expireTime_).mergeFrom(value).buildPartial();
-        } else {
-          expireTime_ = value;
-        }
-        onChanged();
-      } else {
-        expireTimeBuilder_.mergeFrom(value);
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public Builder clearExpireTime() {
-      if (expireTimeBuilder_ == null) {
-        expireTime_ = null;
-        onChanged();
-      } else {
-        expireTime_ = null;
-        expireTimeBuilder_ = null;
-      }
-
-      return this;
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public com.google.protobuf.Timestamp.Builder getExpireTimeBuilder() {
-      
-      onChanged();
-      return getExpireTimeFieldBuilder().getBuilder();
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
-      if (expireTimeBuilder_ != null) {
-        return expireTimeBuilder_.getMessageOrBuilder();
-      } else {
-        return expireTime_ == null ?
-            com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
-      }
-    }
-    /**
-     * <pre>
-     * Token expiration time.
-     * The expiration time is always set.
-     * </pre>
-     *
-     * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-     */
-    private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> 
-        getExpireTimeFieldBuilder() {
-      if (expireTimeBuilder_ == null) {
-        expireTimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
-            com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder>(
-                getExpireTime(),
-                getParentForChildren(),
-                isClean());
-        expireTime_ = null;
-      }
-      return expireTimeBuilder_;
-    }
-    @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.setUnknownFieldsProto3(unknownFields);
-    }
-
-    @java.lang.Override
-    public final Builder mergeUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
-      return super.mergeUnknownFields(unknownFields);
-    }
-
-
-    // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-  }
-
-  // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-  private static final com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse DEFAULT_INSTANCE;
-  static {
-    DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse();
-  }
-
-  public static com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstance() {
-    return DEFAULT_INSTANCE;
-  }
-
-  private static final com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateIdentityBindingAccessTokenResponse>() {
-    @java.lang.Override
-    public GenerateIdentityBindingAccessTokenResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateIdentityBindingAccessTokenResponse(input, extensionRegistry);
-    }
-  };
-
-  public static com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse> parser() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.protobuf.Parser<GenerateIdentityBindingAccessTokenResponse> getParserForType() {
-    return PARSER;
-  }
-
-  @java.lang.Override
-  public com.google.cloud.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse getDefaultInstanceForType() {
-    return DEFAULT_INSTANCE;
-  }
-
-}
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
deleted file mode 100644
index a6bf4085216f..000000000000
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdentityBindingAccessTokenResponseOrBuilder.java
+++ /dev/null
@@ -1,55 +0,0 @@
-// Generated by the protocol buffer compiler.  DO NOT EDIT!
-// source: google/iam/credentials/v1/common.proto
-
-package com.google.cloud.iam.credentials.v1;
-
-public interface GenerateIdentityBindingAccessTokenResponseOrBuilder extends
-    // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdentityBindingAccessTokenResponse)
-    com.google.protobuf.MessageOrBuilder {
-
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  java.lang.String getAccessToken();
-  /**
-   * <pre>
-   * The OAuth 2.0 access token.
-   * </pre>
-   *
-   * <code>string access_token = 1;</code>
-   */
-  com.google.protobuf.ByteString
-      getAccessTokenBytes();
-
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  boolean hasExpireTime();
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  com.google.protobuf.Timestamp getExpireTime();
-  /**
-   * <pre>
-   * Token expiration time.
-   * The expiration time is always set.
-   * </pre>
-   *
-   * <code>.google.protobuf.Timestamp expire_time = 2;</code>
-   */
-  com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder();
-}
diff --git a/google-cloud-clients/google-cloud-iamcredentials/synth.metadata b/google-cloud-clients/google-cloud-iamcredentials/synth.metadata
new file mode 100644
index 000000000000..8eab8381bb9d
--- /dev/null
+++ b/google-cloud-clients/google-cloud-iamcredentials/synth.metadata
@@ -0,0 +1,32 @@
+{
+  "updateTime": "2018-12-12T22:32:58.895140Z",
+  "sources": [
+    {
+      "generator": {
+        "name": "artman",
+        "version": "0.16.2",
+        "dockerImage": "googleapis/artman@sha256:2f6b261ee7fe1aedf238991c93a20b3820de37a343d0cacf3e3e9555c2aaf2ea"
+      }
+    },
+    {
+      "git": {
+        "name": "googleapis",
+        "remote": "https://github.com/googleapis/googleapis.git",
+        "sha": "a207551d5190d2dc915ea261f19ce83eeee000d3",
+        "internalRef": "225249459"
+      }
+    }
+  ],
+  "destinations": [
+    {
+      "client": {
+        "source": "googleapis",
+        "apiName": "iamcredentials",
+        "apiVersion": "v1",
+        "language": "java",
+        "generator": "gapic",
+        "config": "google/iam/credentials/artman_iamcredentials_v1.yaml"
+      }
+    }
+  ]
+}
\ No newline at end of file

From 51298204f092bdc5d51457feb591cb8033b217ad Mon Sep 17 00:00:00 2001
From: Jeff Ching <chingor@google.com>
Date: Wed, 12 Dec 2018 14:41:22 -0800
Subject: [PATCH 5/9] Fix xml formatting

---
 google-api-grpc/pom.xml | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/google-api-grpc/pom.xml b/google-api-grpc/pom.xml
index 20365354786e..124236960743 100644
--- a/google-api-grpc/pom.xml
+++ b/google-api-grpc/pom.xml
@@ -634,7 +634,17 @@
         <artifactId>grpc-google-cloud-websecurityscanner-v1alpha</artifactId>
         <version>0.38.1-SNAPSHOT</version><!-- {x-version-update:grpc-google-cloud-websecurityscanner-v1alpha:current} -->
       </dependency>
-    <dependency><groupId>com.google.api.grpc</groupId><artifactId>proto-google-cloud-iamcredentials-v1</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:proto-google-cloud-iamcredentials-v1:current}--></dependency><dependency><groupId>com.google.api.grpc</groupId><artifactId>grpc-google-cloud-iamcredentials-v1</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:grpc-google-cloud-iamcredentials-v1:current}--></dependency></dependencies>
+      <dependency>
+        <groupId>com.google.api.grpc</groupId>
+        <artifactId>proto-google-cloud-iamcredentials-v1</artifactId>
+        <version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:proto-google-cloud-iamcredentials-v1:current}-->
+      </dependency>
+      <dependency>
+        <groupId>com.google.api.grpc</groupId>
+        <artifactId>grpc-google-cloud-iamcredentials-v1</artifactId>
+        <version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:grpc-google-cloud-iamcredentials-v1:current}-->
+      </dependency>
+    </dependencies>
   </dependencyManagement>
 
   <modules>

From ca9a9fd9b655e503ed0293869826dc0cff895c1b Mon Sep 17 00:00:00 2001
From: Jeff Ching <chingor@google.com>
Date: Wed, 12 Dec 2018 14:42:56 -0800
Subject: [PATCH 6/9] Fix xml formatting

---
 google-cloud-bom/pom.xml | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/google-cloud-bom/pom.xml b/google-cloud-bom/pom.xml
index 8e92d69719ed..f22f8ae2ab1d 100644
--- a/google-cloud-bom/pom.xml
+++ b/google-cloud-bom/pom.xml
@@ -890,7 +890,22 @@
         <artifactId>grpc-google-cloud-websecurityscanner-v1alpha</artifactId>
         <version>0.38.1-SNAPSHOT</version><!-- {x-version-update:grpc-google-cloud-websecurityscanner-v1alpha:current} -->
       </dependency>
-    <dependency><groupId>com.google.api.grpc</groupId><artifactId>proto-google-cloud-iamcredentials-v1</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:proto-google-cloud-iamcredentials-v1:current}--></dependency><dependency><groupId>com.google.api.grpc</groupId><artifactId>grpc-google-cloud-iamcredentials-v1</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:grpc-google-cloud-iamcredentials-v1:current}--></dependency><dependency><groupId>com.google.cloud</groupId><artifactId>google-cloud-iamcredentials</artifactId><version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:google-cloud-iamcredentials:current}--></dependency></dependencies>
+      <dependency>
+        <groupId>com.google.api.grpc</groupId>
+        <artifactId>proto-google-cloud-iamcredentials-v1</artifactId>
+        <version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:proto-google-cloud-iamcredentials-v1:current}-->
+      </dependency>
+      <dependency>
+        <groupId>com.google.api.grpc</groupId>
+        <artifactId>grpc-google-cloud-iamcredentials-v1</artifactId>
+        <version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:grpc-google-cloud-iamcredentials-v1:current}-->
+      </dependency>
+      <dependency>
+        <groupId>com.google.cloud</groupId>
+        <artifactId>google-cloud-iamcredentials</artifactId>
+        <version>0.0.1-alpha-SNAPSHOT</version><!--{x-version-update:google-cloud-iamcredentials:current}-->
+      </dependency>
+    </dependencies>
   </dependencyManagement>
 
   <build>

From 38519baf2cbf6571830e2724599b29e97c1ba5c8 Mon Sep 17 00:00:00 2001
From: Jeff Ching <chingor@google.com>
Date: Wed, 12 Dec 2018 14:46:10 -0800
Subject: [PATCH 7/9] Update README descriptions and links

---
 .../google-cloud-iamcredentials/README.md     | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/google-cloud-clients/google-cloud-iamcredentials/README.md b/google-cloud-clients/google-cloud-iamcredentials/README.md
index 9797db1bd6ec..41d7f7a63956 100644
--- a/google-cloud-clients/google-cloud-iamcredentials/README.md
+++ b/google-cloud-clients/google-cloud-iamcredentials/README.md
@@ -1,7 +1,7 @@
-Google Cloud Java Client for FIXME
+Google Cloud Java Client for IAM Service Account Credentials API
 ===================================================
 
-Java idiomatic client for [FIXME][product-overview].
+Java idiomatic client for [IAM Service Account Credentials API][product-overview].
 
 [![Kokoro CI](http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/master.svg)](http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/master.html)
 [![Maven](https://img.shields.io/maven-central/v/com.google.cloud/google-cloud-iamcredentials.svg)](https://img.shields.io/maven-central/v/com.google.cloud/google-cloud-iamcredentials.svg)
@@ -40,17 +40,17 @@ Authentication
 
 See the [Authentication](https://github.com/GoogleCloudPlatform/google-cloud-java#authentication) section in the base directory's README.
 
-About FIXME
+About IAM Service Account Credentials API
 ----------------------------
 
-[FIXME][product-overview] FIXME
+Creates short-lived, limited-privilege credentials for IAM service accounts.
 
-See the [FIXME client library docs][lib-docs] to learn how to use this FIXME Client Library.
+See the [IAM Service Account Credentials API client library docs][lib-docs] to learn how to use this IAM Service Account Credentials Client Library.
 
 Getting Started
 ---------------
 #### Prerequisites
-You will need a [Google Developers Console](https://console.developers.google.com/) project with the FIXME API enabled. [Follow these instructions](https://cloud.google.com/resource-manager/docs/creating-managing-projects) to get your project set up. You will also need to set up the local development environment by [installing the Google Cloud SDK](https://cloud.google.com/sdk/) and running the following commands in command line: `gcloud auth login` and `gcloud config set project [YOUR PROJECT ID]`.
+You will need a [Google Developers Console](https://console.developers.google.com/) project with the IAM Service Account Credentials API enabled. [Follow these instructions](https://cloud.google.com/resource-manager/docs/creating-managing-projects) to get your project set up. You will also need to set up the local development environment by [installing the Google Cloud SDK](https://cloud.google.com/sdk/) and running the following commands in command line: `gcloud auth login` and `gcloud config set project [YOUR PROJECT ID]`.
 
 #### Installation and setup
 You'll need to obtain the `google-cloud-iamcredentials` library.  See the [Quickstart](#quickstart) section to add `google-cloud-iamcredentials` as a dependency in your code.
@@ -62,7 +62,7 @@ To get help, follow the instructions in the [shared Troubleshooting document](ht
 
 Transport
 ---------
-FIXME uses gRPC for the transport layer.
+IAM Service Account Credentials Client uses gRPC for the transport layer.
 
 Java Versions
 -------------
@@ -95,6 +95,6 @@ Apache 2.0 - See [LICENSE] for more information.
 [code-of-conduct]:https://github.com/GoogleCloudPlatform/google-cloud-java/blob/master/CODE_OF_CONDUCT.md#contributor-code-of-conduct
 [LICENSE]: https://github.com/GoogleCloudPlatform/google-cloud-java/blob/master/LICENSE
 [cloud-platform]: https://cloud.google.com/
-[product-overview]: FIXME
-[product-docs]: FIXME
-[lib-docs]: https://googleapis.github.io/google-cloud-java/google-cloud-clients/apidocs/index.html?com/google/cloud/iamcredentials/v1/package-summary.html
\ No newline at end of file
+[product-overview]: https://cloud.google.com/iam/credentials/reference/rest/
+[product-docs]: https://cloud.google.com/iam/credentials/reference/rest/
+[lib-docs]: https://googleapis.github.io/google-cloud-java/google-cloud-clients/apidocs/index.html?com/google/cloud/iamcredentials/v1/package-summary.html

From 6ba4a62217545d61755dc57e821acd769639e743 Mon Sep 17 00:00:00 2001
From: Jeff Ching <chingor@google.com>
Date: Wed, 12 Dec 2018 14:54:42 -0800
Subject: [PATCH 8/9] Fix generated code lint

---
 .../credentials/v1/IAMCredentialsGrpc.java    | 594 +++++++++++-------
 .../v1/GenerateAccessTokenRequest.java        | 590 +++++++++--------
 .../GenerateAccessTokenRequestOrBuilder.java  |  44 +-
 .../v1/GenerateAccessTokenResponse.java       | 404 ++++++------
 .../GenerateAccessTokenResponseOrBuilder.java |  16 +-
 .../v1/GenerateIdTokenRequest.java            | 496 ++++++++-------
 .../v1/GenerateIdTokenRequestOrBuilder.java   |  33 +-
 .../v1/GenerateIdTokenResponse.java           | 293 +++++----
 .../v1/GenerateIdTokenResponseOrBuilder.java  |  10 +-
 .../v1/IAMCredentialsCommonProto.java         | 211 ++++---
 .../credentials/v1/IAMCredentialsProto.java   |  84 ++-
 .../credentials/v1/ServiceAccountName.java    |  24 +-
 .../iam/credentials/v1/SignBlobRequest.java   | 420 +++++++------
 .../v1/SignBlobRequestOrBuilder.java          |  26 +-
 .../iam/credentials/v1/SignBlobResponse.java  | 322 +++++-----
 .../v1/SignBlobResponseOrBuilder.java         |  12 +-
 .../iam/credentials/v1/SignJwtRequest.java    | 460 +++++++-------
 .../v1/SignJwtRequestOrBuilder.java           |  31 +-
 .../iam/credentials/v1/SignJwtResponse.java   | 362 ++++++-----
 .../v1/SignJwtResponseOrBuilder.java          |  17 +-
 20 files changed, 2508 insertions(+), 1941 deletions(-)

diff --git a/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsGrpc.java b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsGrpc.java
index e17c50324bb1..64f247bfb9a2 100644
--- a/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsGrpc.java
+++ b/google-api-grpc/grpc-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsGrpc.java
@@ -1,21 +1,15 @@
 package com.google.cloud.iam.credentials.v1;
 
 import static io.grpc.MethodDescriptor.generateFullMethodName;
-import static io.grpc.stub.ClientCalls.asyncBidiStreamingCall;
-import static io.grpc.stub.ClientCalls.asyncClientStreamingCall;
-import static io.grpc.stub.ClientCalls.asyncServerStreamingCall;
 import static io.grpc.stub.ClientCalls.asyncUnaryCall;
-import static io.grpc.stub.ClientCalls.blockingServerStreamingCall;
 import static io.grpc.stub.ClientCalls.blockingUnaryCall;
 import static io.grpc.stub.ClientCalls.futureUnaryCall;
-import static io.grpc.stub.ServerCalls.asyncBidiStreamingCall;
-import static io.grpc.stub.ServerCalls.asyncClientStreamingCall;
-import static io.grpc.stub.ServerCalls.asyncServerStreamingCall;
 import static io.grpc.stub.ServerCalls.asyncUnaryCall;
-import static io.grpc.stub.ServerCalls.asyncUnimplementedStreamingCall;
 import static io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall;
 
 /**
+ *
+ *
  * <pre>
  * A service account is a special type of Google account that belongs to your
  * application or a virtual machine (VM), instead of to an individual end user.
@@ -38,157 +32,241 @@ private IAMCredentialsGrpc() {}
 
   // Static method descriptors that strictly reflect the proto.
   @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  @java.lang.Deprecated // Use {@link #getGenerateAccessTokenMethod()} instead. 
-  public static final io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
-      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> METHOD_GENERATE_ACCESS_TOKEN = getGenerateAccessTokenMethodHelper();
+  @java.lang.Deprecated // Use {@link #getGenerateAccessTokenMethod()} instead.
+  public static final io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+          com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>
+      METHOD_GENERATE_ACCESS_TOKEN = getGenerateAccessTokenMethodHelper();
 
-  private static volatile io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
-      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod;
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+          com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>
+      getGenerateAccessTokenMethod;
 
   @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  public static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
-      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod() {
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+          com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>
+      getGenerateAccessTokenMethod() {
     return getGenerateAccessTokenMethodHelper();
   }
 
-  private static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
-      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethodHelper() {
-    io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest, com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> getGenerateAccessTokenMethod;
+  private static io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+          com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>
+      getGenerateAccessTokenMethodHelper() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>
+        getGenerateAccessTokenMethod;
     if ((getGenerateAccessTokenMethod = IAMCredentialsGrpc.getGenerateAccessTokenMethod) == null) {
       synchronized (IAMCredentialsGrpc.class) {
-        if ((getGenerateAccessTokenMethod = IAMCredentialsGrpc.getGenerateAccessTokenMethod) == null) {
-          IAMCredentialsGrpc.getGenerateAccessTokenMethod = getGenerateAccessTokenMethod = 
-              io.grpc.MethodDescriptor.<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest, com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>newBuilder()
-              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
-              .setFullMethodName(generateFullMethodName(
-                  "google.iam.credentials.v1.IAMCredentials", "GenerateAccessToken"))
-              .setSampledToLocalTracing(true)
-              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance()))
-              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance()))
-                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateAccessToken"))
-                  .build();
-          }
+        if ((getGenerateAccessTokenMethod = IAMCredentialsGrpc.getGenerateAccessTokenMethod)
+            == null) {
+          IAMCredentialsGrpc.getGenerateAccessTokenMethod =
+              getGenerateAccessTokenMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+                          com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(
+                              "google.iam.credentials.v1.IAMCredentials", "GenerateAccessToken"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new IAMCredentialsMethodDescriptorSupplier("GenerateAccessToken"))
+                      .build();
         }
-     }
-     return getGenerateAccessTokenMethod;
+      }
+    }
+    return getGenerateAccessTokenMethod;
   }
+
   @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  @java.lang.Deprecated // Use {@link #getGenerateIdTokenMethod()} instead. 
-  public static final io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
-      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> METHOD_GENERATE_ID_TOKEN = getGenerateIdTokenMethodHelper();
+  @java.lang.Deprecated // Use {@link #getGenerateIdTokenMethod()} instead.
+  public static final io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+          com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>
+      METHOD_GENERATE_ID_TOKEN = getGenerateIdTokenMethodHelper();
 
-  private static volatile io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
-      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod;
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+          com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>
+      getGenerateIdTokenMethod;
 
   @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  public static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
-      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod() {
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+          com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>
+      getGenerateIdTokenMethod() {
     return getGenerateIdTokenMethodHelper();
   }
 
-  private static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
-      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethodHelper() {
-    io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest, com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> getGenerateIdTokenMethod;
+  private static io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+          com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>
+      getGenerateIdTokenMethodHelper() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+            com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>
+        getGenerateIdTokenMethod;
     if ((getGenerateIdTokenMethod = IAMCredentialsGrpc.getGenerateIdTokenMethod) == null) {
       synchronized (IAMCredentialsGrpc.class) {
         if ((getGenerateIdTokenMethod = IAMCredentialsGrpc.getGenerateIdTokenMethod) == null) {
-          IAMCredentialsGrpc.getGenerateIdTokenMethod = getGenerateIdTokenMethod = 
-              io.grpc.MethodDescriptor.<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest, com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>newBuilder()
-              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
-              .setFullMethodName(generateFullMethodName(
-                  "google.iam.credentials.v1.IAMCredentials", "GenerateIdToken"))
-              .setSampledToLocalTracing(true)
-              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance()))
-              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance()))
-                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("GenerateIdToken"))
-                  .build();
-          }
+          IAMCredentialsGrpc.getGenerateIdTokenMethod =
+              getGenerateIdTokenMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+                          com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(
+                              "google.iam.credentials.v1.IAMCredentials", "GenerateIdToken"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new IAMCredentialsMethodDescriptorSupplier("GenerateIdToken"))
+                      .build();
         }
-     }
-     return getGenerateIdTokenMethod;
+      }
+    }
+    return getGenerateIdTokenMethod;
   }
+
   @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  @java.lang.Deprecated // Use {@link #getSignBlobMethod()} instead. 
-  public static final io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest,
-      com.google.cloud.iam.credentials.v1.SignBlobResponse> METHOD_SIGN_BLOB = getSignBlobMethodHelper();
+  @java.lang.Deprecated // Use {@link #getSignBlobMethod()} instead.
+  public static final io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.SignBlobRequest,
+          com.google.cloud.iam.credentials.v1.SignBlobResponse>
+      METHOD_SIGN_BLOB = getSignBlobMethodHelper();
 
-  private static volatile io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest,
-      com.google.cloud.iam.credentials.v1.SignBlobResponse> getSignBlobMethod;
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.SignBlobRequest,
+          com.google.cloud.iam.credentials.v1.SignBlobResponse>
+      getSignBlobMethod;
 
   @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  public static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest,
-      com.google.cloud.iam.credentials.v1.SignBlobResponse> getSignBlobMethod() {
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.SignBlobRequest,
+          com.google.cloud.iam.credentials.v1.SignBlobResponse>
+      getSignBlobMethod() {
     return getSignBlobMethodHelper();
   }
 
-  private static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest,
-      com.google.cloud.iam.credentials.v1.SignBlobResponse> getSignBlobMethodHelper() {
-    io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignBlobRequest, com.google.cloud.iam.credentials.v1.SignBlobResponse> getSignBlobMethod;
+  private static io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.SignBlobRequest,
+          com.google.cloud.iam.credentials.v1.SignBlobResponse>
+      getSignBlobMethodHelper() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.iam.credentials.v1.SignBlobRequest,
+            com.google.cloud.iam.credentials.v1.SignBlobResponse>
+        getSignBlobMethod;
     if ((getSignBlobMethod = IAMCredentialsGrpc.getSignBlobMethod) == null) {
       synchronized (IAMCredentialsGrpc.class) {
         if ((getSignBlobMethod = IAMCredentialsGrpc.getSignBlobMethod) == null) {
-          IAMCredentialsGrpc.getSignBlobMethod = getSignBlobMethod = 
-              io.grpc.MethodDescriptor.<com.google.cloud.iam.credentials.v1.SignBlobRequest, com.google.cloud.iam.credentials.v1.SignBlobResponse>newBuilder()
-              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
-              .setFullMethodName(generateFullMethodName(
-                  "google.iam.credentials.v1.IAMCredentials", "SignBlob"))
-              .setSampledToLocalTracing(true)
-              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.cloud.iam.credentials.v1.SignBlobRequest.getDefaultInstance()))
-              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.cloud.iam.credentials.v1.SignBlobResponse.getDefaultInstance()))
-                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignBlob"))
-                  .build();
-          }
+          IAMCredentialsGrpc.getSignBlobMethod =
+              getSignBlobMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.iam.credentials.v1.SignBlobRequest,
+                          com.google.cloud.iam.credentials.v1.SignBlobResponse>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(
+                              "google.iam.credentials.v1.IAMCredentials", "SignBlob"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.iam.credentials.v1.SignBlobRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.iam.credentials.v1.SignBlobResponse
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignBlob"))
+                      .build();
         }
-     }
-     return getSignBlobMethod;
+      }
+    }
+    return getSignBlobMethod;
   }
+
   @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  @java.lang.Deprecated // Use {@link #getSignJwtMethod()} instead. 
-  public static final io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest,
-      com.google.cloud.iam.credentials.v1.SignJwtResponse> METHOD_SIGN_JWT = getSignJwtMethodHelper();
+  @java.lang.Deprecated // Use {@link #getSignJwtMethod()} instead.
+  public static final io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.SignJwtRequest,
+          com.google.cloud.iam.credentials.v1.SignJwtResponse>
+      METHOD_SIGN_JWT = getSignJwtMethodHelper();
 
-  private static volatile io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest,
-      com.google.cloud.iam.credentials.v1.SignJwtResponse> getSignJwtMethod;
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.SignJwtRequest,
+          com.google.cloud.iam.credentials.v1.SignJwtResponse>
+      getSignJwtMethod;
 
   @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/1901")
-  public static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest,
-      com.google.cloud.iam.credentials.v1.SignJwtResponse> getSignJwtMethod() {
+  public static io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.SignJwtRequest,
+          com.google.cloud.iam.credentials.v1.SignJwtResponse>
+      getSignJwtMethod() {
     return getSignJwtMethodHelper();
   }
 
-  private static io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest,
-      com.google.cloud.iam.credentials.v1.SignJwtResponse> getSignJwtMethodHelper() {
-    io.grpc.MethodDescriptor<com.google.cloud.iam.credentials.v1.SignJwtRequest, com.google.cloud.iam.credentials.v1.SignJwtResponse> getSignJwtMethod;
+  private static io.grpc.MethodDescriptor<
+          com.google.cloud.iam.credentials.v1.SignJwtRequest,
+          com.google.cloud.iam.credentials.v1.SignJwtResponse>
+      getSignJwtMethodHelper() {
+    io.grpc.MethodDescriptor<
+            com.google.cloud.iam.credentials.v1.SignJwtRequest,
+            com.google.cloud.iam.credentials.v1.SignJwtResponse>
+        getSignJwtMethod;
     if ((getSignJwtMethod = IAMCredentialsGrpc.getSignJwtMethod) == null) {
       synchronized (IAMCredentialsGrpc.class) {
         if ((getSignJwtMethod = IAMCredentialsGrpc.getSignJwtMethod) == null) {
-          IAMCredentialsGrpc.getSignJwtMethod = getSignJwtMethod = 
-              io.grpc.MethodDescriptor.<com.google.cloud.iam.credentials.v1.SignJwtRequest, com.google.cloud.iam.credentials.v1.SignJwtResponse>newBuilder()
-              .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
-              .setFullMethodName(generateFullMethodName(
-                  "google.iam.credentials.v1.IAMCredentials", "SignJwt"))
-              .setSampledToLocalTracing(true)
-              .setRequestMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.cloud.iam.credentials.v1.SignJwtRequest.getDefaultInstance()))
-              .setResponseMarshaller(io.grpc.protobuf.ProtoUtils.marshaller(
-                  com.google.cloud.iam.credentials.v1.SignJwtResponse.getDefaultInstance()))
-                  .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignJwt"))
-                  .build();
-          }
+          IAMCredentialsGrpc.getSignJwtMethod =
+              getSignJwtMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.cloud.iam.credentials.v1.SignJwtRequest,
+                          com.google.cloud.iam.credentials.v1.SignJwtResponse>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(
+                              "google.iam.credentials.v1.IAMCredentials", "SignJwt"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.iam.credentials.v1.SignJwtRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.cloud.iam.credentials.v1.SignJwtResponse
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(new IAMCredentialsMethodDescriptorSupplier("SignJwt"))
+                      .build();
         }
-     }
-     return getSignJwtMethod;
+      }
+    }
+    return getSignJwtMethod;
   }
 
-  /**
-   * Creates a new async stub that supports all call types for the service
-   */
+  /** Creates a new async stub that supports all call types for the service */
   public static IAMCredentialsStub newStub(io.grpc.Channel channel) {
     return new IAMCredentialsStub(channel);
   }
@@ -196,20 +274,18 @@ public static IAMCredentialsStub newStub(io.grpc.Channel channel) {
   /**
    * Creates a new blocking-style stub that supports unary and streaming output calls on the service
    */
-  public static IAMCredentialsBlockingStub newBlockingStub(
-      io.grpc.Channel channel) {
+  public static IAMCredentialsBlockingStub newBlockingStub(io.grpc.Channel channel) {
     return new IAMCredentialsBlockingStub(channel);
   }
 
-  /**
-   * Creates a new ListenableFuture-style stub that supports unary calls on the service
-   */
-  public static IAMCredentialsFutureStub newFutureStub(
-      io.grpc.Channel channel) {
+  /** Creates a new ListenableFuture-style stub that supports unary calls on the service */
+  public static IAMCredentialsFutureStub newFutureStub(io.grpc.Channel channel) {
     return new IAMCredentialsFutureStub(channel);
   }
 
   /**
+   *
+   *
    * <pre>
    * A service account is a special type of Google account that belongs to your
    * application or a virtual machine (VM), instead of to an individual end user.
@@ -221,83 +297,102 @@ public static IAMCredentialsFutureStub newFutureStub(
    * more.
    * </pre>
    */
-  public static abstract class IAMCredentialsImplBase implements io.grpc.BindableService {
+  public abstract static class IAMCredentialsImplBase implements io.grpc.BindableService {
 
     /**
+     *
+     *
      * <pre>
      * Generates an OAuth 2.0 access token for a service account.
      * </pre>
      */
-    public void generateAccessToken(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> responseObserver) {
+    public void generateAccessToken(
+        com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>
+            responseObserver) {
       asyncUnimplementedUnaryCall(getGenerateAccessTokenMethodHelper(), responseObserver);
     }
 
     /**
+     *
+     *
      * <pre>
      * Generates an OpenID Connect ID token for a service account.
      * </pre>
      */
-    public void generateIdToken(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> responseObserver) {
+    public void generateIdToken(
+        com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>
+            responseObserver) {
       asyncUnimplementedUnaryCall(getGenerateIdTokenMethodHelper(), responseObserver);
     }
 
     /**
+     *
+     *
      * <pre>
      * Signs a blob using a service account's system-managed private key.
      * </pre>
      */
-    public void signBlob(com.google.cloud.iam.credentials.v1.SignBlobRequest request,
-        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignBlobResponse> responseObserver) {
+    public void signBlob(
+        com.google.cloud.iam.credentials.v1.SignBlobRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignBlobResponse>
+            responseObserver) {
       asyncUnimplementedUnaryCall(getSignBlobMethodHelper(), responseObserver);
     }
 
     /**
+     *
+     *
      * <pre>
      * Signs a JWT using a service account's system-managed private key.
      * </pre>
      */
-    public void signJwt(com.google.cloud.iam.credentials.v1.SignJwtRequest request,
-        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignJwtResponse> responseObserver) {
+    public void signJwt(
+        com.google.cloud.iam.credentials.v1.SignJwtRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignJwtResponse>
+            responseObserver) {
       asyncUnimplementedUnaryCall(getSignJwtMethodHelper(), responseObserver);
     }
 
-    @java.lang.Override public final io.grpc.ServerServiceDefinition bindService() {
+    @java.lang.Override
+    public final io.grpc.ServerServiceDefinition bindService() {
       return io.grpc.ServerServiceDefinition.builder(getServiceDescriptor())
           .addMethod(
-            getGenerateAccessTokenMethodHelper(),
-            asyncUnaryCall(
-              new MethodHandlers<
-                com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
-                com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>(
-                  this, METHODID_GENERATE_ACCESS_TOKEN)))
+              getGenerateAccessTokenMethodHelper(),
+              asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest,
+                      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>(
+                      this, METHODID_GENERATE_ACCESS_TOKEN)))
           .addMethod(
-            getGenerateIdTokenMethodHelper(),
-            asyncUnaryCall(
-              new MethodHandlers<
-                com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
-                com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>(
-                  this, METHODID_GENERATE_ID_TOKEN)))
+              getGenerateIdTokenMethodHelper(),
+              asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest,
+                      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>(
+                      this, METHODID_GENERATE_ID_TOKEN)))
           .addMethod(
-            getSignBlobMethodHelper(),
-            asyncUnaryCall(
-              new MethodHandlers<
-                com.google.cloud.iam.credentials.v1.SignBlobRequest,
-                com.google.cloud.iam.credentials.v1.SignBlobResponse>(
-                  this, METHODID_SIGN_BLOB)))
+              getSignBlobMethodHelper(),
+              asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.iam.credentials.v1.SignBlobRequest,
+                      com.google.cloud.iam.credentials.v1.SignBlobResponse>(
+                      this, METHODID_SIGN_BLOB)))
           .addMethod(
-            getSignJwtMethodHelper(),
-            asyncUnaryCall(
-              new MethodHandlers<
-                com.google.cloud.iam.credentials.v1.SignJwtRequest,
-                com.google.cloud.iam.credentials.v1.SignJwtResponse>(
-                  this, METHODID_SIGN_JWT)))
+              getSignJwtMethodHelper(),
+              asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.cloud.iam.credentials.v1.SignJwtRequest,
+                      com.google.cloud.iam.credentials.v1.SignJwtResponse>(
+                      this, METHODID_SIGN_JWT)))
           .build();
     }
   }
 
   /**
+   *
+   *
    * <pre>
    * A service account is a special type of Google account that belongs to your
    * application or a virtual machine (VM), instead of to an individual end user.
@@ -309,68 +404,93 @@ public void signJwt(com.google.cloud.iam.credentials.v1.SignJwtRequest request,
    * more.
    * </pre>
    */
-  public static final class IAMCredentialsStub extends io.grpc.stub.AbstractStub<IAMCredentialsStub> {
+  public static final class IAMCredentialsStub
+      extends io.grpc.stub.AbstractStub<IAMCredentialsStub> {
     private IAMCredentialsStub(io.grpc.Channel channel) {
       super(channel);
     }
 
-    private IAMCredentialsStub(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
+    private IAMCredentialsStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
       super(channel, callOptions);
     }
 
     @java.lang.Override
-    protected IAMCredentialsStub build(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
+    protected IAMCredentialsStub build(io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
       return new IAMCredentialsStub(channel, callOptions);
     }
 
     /**
+     *
+     *
      * <pre>
      * Generates an OAuth 2.0 access token for a service account.
      * </pre>
      */
-    public void generateAccessToken(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> responseObserver) {
+    public void generateAccessToken(
+        com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>
+            responseObserver) {
       asyncUnaryCall(
-          getChannel().newCall(getGenerateAccessTokenMethodHelper(), getCallOptions()), request, responseObserver);
+          getChannel().newCall(getGenerateAccessTokenMethodHelper(), getCallOptions()),
+          request,
+          responseObserver);
     }
 
     /**
+     *
+     *
      * <pre>
      * Generates an OpenID Connect ID token for a service account.
      * </pre>
      */
-    public void generateIdToken(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request,
-        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> responseObserver) {
+    public void generateIdToken(
+        com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>
+            responseObserver) {
       asyncUnaryCall(
-          getChannel().newCall(getGenerateIdTokenMethodHelper(), getCallOptions()), request, responseObserver);
+          getChannel().newCall(getGenerateIdTokenMethodHelper(), getCallOptions()),
+          request,
+          responseObserver);
     }
 
     /**
+     *
+     *
      * <pre>
      * Signs a blob using a service account's system-managed private key.
      * </pre>
      */
-    public void signBlob(com.google.cloud.iam.credentials.v1.SignBlobRequest request,
-        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignBlobResponse> responseObserver) {
+    public void signBlob(
+        com.google.cloud.iam.credentials.v1.SignBlobRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignBlobResponse>
+            responseObserver) {
       asyncUnaryCall(
-          getChannel().newCall(getSignBlobMethodHelper(), getCallOptions()), request, responseObserver);
+          getChannel().newCall(getSignBlobMethodHelper(), getCallOptions()),
+          request,
+          responseObserver);
     }
 
     /**
+     *
+     *
      * <pre>
      * Signs a JWT using a service account's system-managed private key.
      * </pre>
      */
-    public void signJwt(com.google.cloud.iam.credentials.v1.SignJwtRequest request,
-        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignJwtResponse> responseObserver) {
+    public void signJwt(
+        com.google.cloud.iam.credentials.v1.SignJwtRequest request,
+        io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignJwtResponse>
+            responseObserver) {
       asyncUnaryCall(
-          getChannel().newCall(getSignJwtMethodHelper(), getCallOptions()), request, responseObserver);
+          getChannel().newCall(getSignJwtMethodHelper(), getCallOptions()),
+          request,
+          responseObserver);
     }
   }
 
   /**
+   *
+   *
    * <pre>
    * A service account is a special type of Google account that belongs to your
    * application or a virtual machine (VM), instead of to an individual end user.
@@ -382,64 +502,76 @@ public void signJwt(com.google.cloud.iam.credentials.v1.SignJwtRequest request,
    * more.
    * </pre>
    */
-  public static final class IAMCredentialsBlockingStub extends io.grpc.stub.AbstractStub<IAMCredentialsBlockingStub> {
+  public static final class IAMCredentialsBlockingStub
+      extends io.grpc.stub.AbstractStub<IAMCredentialsBlockingStub> {
     private IAMCredentialsBlockingStub(io.grpc.Channel channel) {
       super(channel);
     }
 
-    private IAMCredentialsBlockingStub(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
+    private IAMCredentialsBlockingStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
       super(channel, callOptions);
     }
 
     @java.lang.Override
-    protected IAMCredentialsBlockingStub build(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
+    protected IAMCredentialsBlockingStub build(
+        io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
       return new IAMCredentialsBlockingStub(channel, callOptions);
     }
 
     /**
+     *
+     *
      * <pre>
      * Generates an OAuth 2.0 access token for a service account.
      * </pre>
      */
-    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse generateAccessToken(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request) {
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse generateAccessToken(
+        com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request) {
       return blockingUnaryCall(
           getChannel(), getGenerateAccessTokenMethodHelper(), getCallOptions(), request);
     }
 
     /**
+     *
+     *
      * <pre>
      * Generates an OpenID Connect ID token for a service account.
      * </pre>
      */
-    public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse generateIdToken(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request) {
+    public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse generateIdToken(
+        com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request) {
       return blockingUnaryCall(
           getChannel(), getGenerateIdTokenMethodHelper(), getCallOptions(), request);
     }
 
     /**
+     *
+     *
      * <pre>
      * Signs a blob using a service account's system-managed private key.
      * </pre>
      */
-    public com.google.cloud.iam.credentials.v1.SignBlobResponse signBlob(com.google.cloud.iam.credentials.v1.SignBlobRequest request) {
-      return blockingUnaryCall(
-          getChannel(), getSignBlobMethodHelper(), getCallOptions(), request);
+    public com.google.cloud.iam.credentials.v1.SignBlobResponse signBlob(
+        com.google.cloud.iam.credentials.v1.SignBlobRequest request) {
+      return blockingUnaryCall(getChannel(), getSignBlobMethodHelper(), getCallOptions(), request);
     }
 
     /**
+     *
+     *
      * <pre>
      * Signs a JWT using a service account's system-managed private key.
      * </pre>
      */
-    public com.google.cloud.iam.credentials.v1.SignJwtResponse signJwt(com.google.cloud.iam.credentials.v1.SignJwtRequest request) {
-      return blockingUnaryCall(
-          getChannel(), getSignJwtMethodHelper(), getCallOptions(), request);
+    public com.google.cloud.iam.credentials.v1.SignJwtResponse signJwt(
+        com.google.cloud.iam.credentials.v1.SignJwtRequest request) {
+      return blockingUnaryCall(getChannel(), getSignJwtMethodHelper(), getCallOptions(), request);
     }
   }
 
   /**
+   *
+   *
    * <pre>
    * A service account is a special type of Google account that belongs to your
    * application or a virtual machine (VM), instead of to an individual end user.
@@ -451,62 +583,75 @@ public com.google.cloud.iam.credentials.v1.SignJwtResponse signJwt(com.google.cl
    * more.
    * </pre>
    */
-  public static final class IAMCredentialsFutureStub extends io.grpc.stub.AbstractStub<IAMCredentialsFutureStub> {
+  public static final class IAMCredentialsFutureStub
+      extends io.grpc.stub.AbstractStub<IAMCredentialsFutureStub> {
     private IAMCredentialsFutureStub(io.grpc.Channel channel) {
       super(channel);
     }
 
-    private IAMCredentialsFutureStub(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
+    private IAMCredentialsFutureStub(io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
       super(channel, callOptions);
     }
 
     @java.lang.Override
-    protected IAMCredentialsFutureStub build(io.grpc.Channel channel,
-        io.grpc.CallOptions callOptions) {
+    protected IAMCredentialsFutureStub build(
+        io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
       return new IAMCredentialsFutureStub(channel, callOptions);
     }
 
     /**
+     *
+     *
      * <pre>
      * Generates an OAuth 2.0 access token for a service account.
      * </pre>
      */
-    public com.google.common.util.concurrent.ListenableFuture<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse> generateAccessToken(
-        com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request) {
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>
+        generateAccessToken(
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest request) {
       return futureUnaryCall(
           getChannel().newCall(getGenerateAccessTokenMethodHelper(), getCallOptions()), request);
     }
 
     /**
+     *
+     *
      * <pre>
      * Generates an OpenID Connect ID token for a service account.
      * </pre>
      */
-    public com.google.common.util.concurrent.ListenableFuture<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse> generateIdToken(
-        com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request) {
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>
+        generateIdToken(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest request) {
       return futureUnaryCall(
           getChannel().newCall(getGenerateIdTokenMethodHelper(), getCallOptions()), request);
     }
 
     /**
+     *
+     *
      * <pre>
      * Signs a blob using a service account's system-managed private key.
      * </pre>
      */
-    public com.google.common.util.concurrent.ListenableFuture<com.google.cloud.iam.credentials.v1.SignBlobResponse> signBlob(
-        com.google.cloud.iam.credentials.v1.SignBlobRequest request) {
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.iam.credentials.v1.SignBlobResponse>
+        signBlob(com.google.cloud.iam.credentials.v1.SignBlobRequest request) {
       return futureUnaryCall(
           getChannel().newCall(getSignBlobMethodHelper(), getCallOptions()), request);
     }
 
     /**
+     *
+     *
      * <pre>
      * Signs a JWT using a service account's system-managed private key.
      * </pre>
      */
-    public com.google.common.util.concurrent.ListenableFuture<com.google.cloud.iam.credentials.v1.SignJwtResponse> signJwt(
-        com.google.cloud.iam.credentials.v1.SignJwtRequest request) {
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.cloud.iam.credentials.v1.SignJwtResponse>
+        signJwt(com.google.cloud.iam.credentials.v1.SignJwtRequest request) {
       return futureUnaryCall(
           getChannel().newCall(getSignJwtMethodHelper(), getCallOptions()), request);
     }
@@ -517,11 +662,11 @@ public com.google.common.util.concurrent.ListenableFuture<com.google.cloud.iam.c
   private static final int METHODID_SIGN_BLOB = 2;
   private static final int METHODID_SIGN_JWT = 3;
 
-  private static final class MethodHandlers<Req, Resp> implements
-      io.grpc.stub.ServerCalls.UnaryMethod<Req, Resp>,
-      io.grpc.stub.ServerCalls.ServerStreamingMethod<Req, Resp>,
-      io.grpc.stub.ServerCalls.ClientStreamingMethod<Req, Resp>,
-      io.grpc.stub.ServerCalls.BidiStreamingMethod<Req, Resp> {
+  private static final class MethodHandlers<Req, Resp>
+      implements io.grpc.stub.ServerCalls.UnaryMethod<Req, Resp>,
+          io.grpc.stub.ServerCalls.ServerStreamingMethod<Req, Resp>,
+          io.grpc.stub.ServerCalls.ClientStreamingMethod<Req, Resp>,
+          io.grpc.stub.ServerCalls.BidiStreamingMethod<Req, Resp> {
     private final IAMCredentialsImplBase serviceImpl;
     private final int methodId;
 
@@ -535,20 +680,30 @@ private static final class MethodHandlers<Req, Resp> implements
     public void invoke(Req request, io.grpc.stub.StreamObserver<Resp> responseObserver) {
       switch (methodId) {
         case METHODID_GENERATE_ACCESS_TOKEN:
-          serviceImpl.generateAccessToken((com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) request,
-              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>) responseObserver);
+          serviceImpl.generateAccessToken(
+              (com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) request,
+              (io.grpc.stub.StreamObserver<
+                      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse>)
+                  responseObserver);
           break;
         case METHODID_GENERATE_ID_TOKEN:
-          serviceImpl.generateIdToken((com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) request,
-              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>) responseObserver);
+          serviceImpl.generateIdToken(
+              (com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) request,
+              (io.grpc.stub.StreamObserver<
+                      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse>)
+                  responseObserver);
           break;
         case METHODID_SIGN_BLOB:
-          serviceImpl.signBlob((com.google.cloud.iam.credentials.v1.SignBlobRequest) request,
-              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignBlobResponse>) responseObserver);
+          serviceImpl.signBlob(
+              (com.google.cloud.iam.credentials.v1.SignBlobRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignBlobResponse>)
+                  responseObserver);
           break;
         case METHODID_SIGN_JWT:
-          serviceImpl.signJwt((com.google.cloud.iam.credentials.v1.SignJwtRequest) request,
-              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignJwtResponse>) responseObserver);
+          serviceImpl.signJwt(
+              (com.google.cloud.iam.credentials.v1.SignJwtRequest) request,
+              (io.grpc.stub.StreamObserver<com.google.cloud.iam.credentials.v1.SignJwtResponse>)
+                  responseObserver);
           break;
         default:
           throw new AssertionError();
@@ -566,8 +721,9 @@ public io.grpc.stub.StreamObserver<Req> invoke(
     }
   }
 
-  private static abstract class IAMCredentialsBaseDescriptorSupplier
-      implements io.grpc.protobuf.ProtoFileDescriptorSupplier, io.grpc.protobuf.ProtoServiceDescriptorSupplier {
+  private abstract static class IAMCredentialsBaseDescriptorSupplier
+      implements io.grpc.protobuf.ProtoFileDescriptorSupplier,
+          io.grpc.protobuf.ProtoServiceDescriptorSupplier {
     IAMCredentialsBaseDescriptorSupplier() {}
 
     @java.lang.Override
@@ -609,13 +765,15 @@ public static io.grpc.ServiceDescriptor getServiceDescriptor() {
       synchronized (IAMCredentialsGrpc.class) {
         result = serviceDescriptor;
         if (result == null) {
-          serviceDescriptor = result = io.grpc.ServiceDescriptor.newBuilder(SERVICE_NAME)
-              .setSchemaDescriptor(new IAMCredentialsFileDescriptorSupplier())
-              .addMethod(getGenerateAccessTokenMethodHelper())
-              .addMethod(getGenerateIdTokenMethodHelper())
-              .addMethod(getSignBlobMethodHelper())
-              .addMethod(getSignJwtMethodHelper())
-              .build();
+          serviceDescriptor =
+              result =
+                  io.grpc.ServiceDescriptor.newBuilder(SERVICE_NAME)
+                      .setSchemaDescriptor(new IAMCredentialsFileDescriptorSupplier())
+                      .addMethod(getGenerateAccessTokenMethodHelper())
+                      .addMethod(getGenerateIdTokenMethodHelper())
+                      .addMethod(getSignBlobMethodHelper())
+                      .addMethod(getSignJwtMethodHelper())
+                      .build();
         }
       }
     }
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequest.java
index 2ef4d87096d6..78035a93ecc5 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequest.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequest.java
@@ -3,18 +3,17 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest}
- */
-public  final class GenerateAccessTokenRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
+/** Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest} */
+public final class GenerateAccessTokenRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
     // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateAccessTokenRequest)
     GenerateAccessTokenRequestOrBuilder {
-private static final long serialVersionUID = 0L;
+  private static final long serialVersionUID = 0L;
   // Use GenerateAccessTokenRequest.newBuilder() to construct.
   private GenerateAccessTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
     super(builder);
   }
+
   private GenerateAccessTokenRequest() {
     name_ = "";
     delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
@@ -22,10 +21,10 @@ private GenerateAccessTokenRequest() {
   }
 
   @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
     return this.unknownFields;
   }
+
   private GenerateAccessTokenRequest(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
@@ -45,57 +44,61 @@ private GenerateAccessTokenRequest(
           case 0:
             done = true;
             break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            name_ = s;
-            break;
-          }
-          case 18: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              delegates_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
+              name_ = s;
+              break;
             }
-            delegates_.add(s);
-            break;
-          }
-          case 34: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000004) == 0x00000004)) {
-              scope_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000004;
-            }
-            scope_.add(s);
-            break;
-          }
-          case 58: {
-            com.google.protobuf.Duration.Builder subBuilder = null;
-            if (lifetime_ != null) {
-              subBuilder = lifetime_.toBuilder();
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+              if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+                delegates_ = new com.google.protobuf.LazyStringArrayList();
+                mutable_bitField0_ |= 0x00000002;
+              }
+              delegates_.add(s);
+              break;
             }
-            lifetime_ = input.readMessage(com.google.protobuf.Duration.parser(), extensionRegistry);
-            if (subBuilder != null) {
-              subBuilder.mergeFrom(lifetime_);
-              lifetime_ = subBuilder.buildPartial();
+          case 34:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+              if (!((mutable_bitField0_ & 0x00000004) == 0x00000004)) {
+                scope_ = new com.google.protobuf.LazyStringArrayList();
+                mutable_bitField0_ |= 0x00000004;
+              }
+              scope_.add(s);
+              break;
             }
+          case 58:
+            {
+              com.google.protobuf.Duration.Builder subBuilder = null;
+              if (lifetime_ != null) {
+                subBuilder = lifetime_.toBuilder();
+              }
+              lifetime_ =
+                  input.readMessage(com.google.protobuf.Duration.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(lifetime_);
+                lifetime_ = subBuilder.buildPartial();
+              }
 
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownFieldProto3(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
             }
-            break;
-          }
         }
       }
     } catch (com.google.protobuf.InvalidProtocolBufferException e) {
       throw e.setUnfinishedMessage(this);
     } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
     } finally {
       if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
         delegates_ = delegates_.getUnmodifiableView();
@@ -107,23 +110,28 @@ private GenerateAccessTokenRequest(
       makeExtensionsImmutable();
     }
   }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
   }
 
   @java.lang.Override
   protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
         .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.class,
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
   }
 
   private int bitField0_;
   public static final int NAME_FIELD_NUMBER = 1;
   private volatile java.lang.Object name_;
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -137,14 +145,15 @@ public java.lang.String getName() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       name_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -153,13 +162,11 @@ public java.lang.String getName() {
    *
    * <code>string name = 1;</code>
    */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
+  public com.google.protobuf.ByteString getNameBytes() {
     java.lang.Object ref = name_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       name_ = b;
       return b;
     } else {
@@ -170,6 +177,8 @@ public java.lang.String getName() {
   public static final int DELEGATES_FIELD_NUMBER = 2;
   private com.google.protobuf.LazyStringList delegates_;
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -183,11 +192,12 @@ public java.lang.String getName() {
    *
    * <code>repeated string delegates = 2;</code>
    */
-  public com.google.protobuf.ProtocolStringList
-      getDelegatesList() {
+  public com.google.protobuf.ProtocolStringList getDelegatesList() {
     return delegates_;
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -205,6 +215,8 @@ public int getDelegatesCount() {
     return delegates_.size();
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -222,6 +234,8 @@ public java.lang.String getDelegates(int index) {
     return delegates_.get(index);
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -235,14 +249,15 @@ public java.lang.String getDelegates(int index) {
    *
    * <code>repeated string delegates = 2;</code>
    */
-  public com.google.protobuf.ByteString
-      getDelegatesBytes(int index) {
+  public com.google.protobuf.ByteString getDelegatesBytes(int index) {
     return delegates_.getByteString(index);
   }
 
   public static final int SCOPE_FIELD_NUMBER = 4;
   private com.google.protobuf.LazyStringList scope_;
   /**
+   *
+   *
    * <pre>
    * Code to identify the scopes to be included in the OAuth 2.0 access token.
    * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -252,11 +267,12 @@ public java.lang.String getDelegates(int index) {
    *
    * <code>repeated string scope = 4;</code>
    */
-  public com.google.protobuf.ProtocolStringList
-      getScopeList() {
+  public com.google.protobuf.ProtocolStringList getScopeList() {
     return scope_;
   }
   /**
+   *
+   *
    * <pre>
    * Code to identify the scopes to be included in the OAuth 2.0 access token.
    * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -270,6 +286,8 @@ public int getScopeCount() {
     return scope_.size();
   }
   /**
+   *
+   *
    * <pre>
    * Code to identify the scopes to be included in the OAuth 2.0 access token.
    * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -283,6 +301,8 @@ public java.lang.String getScope(int index) {
     return scope_.get(index);
   }
   /**
+   *
+   *
    * <pre>
    * Code to identify the scopes to be included in the OAuth 2.0 access token.
    * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -292,14 +312,15 @@ public java.lang.String getScope(int index) {
    *
    * <code>repeated string scope = 4;</code>
    */
-  public com.google.protobuf.ByteString
-      getScopeBytes(int index) {
+  public com.google.protobuf.ByteString getScopeBytes(int index) {
     return scope_.getByteString(index);
   }
 
   public static final int LIFETIME_FIELD_NUMBER = 7;
   private com.google.protobuf.Duration lifetime_;
   /**
+   *
+   *
    * <pre>
    * The desired lifetime duration of the access token in seconds.
    * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -313,6 +334,8 @@ public boolean hasLifetime() {
     return lifetime_ != null;
   }
   /**
+   *
+   *
    * <pre>
    * The desired lifetime duration of the access token in seconds.
    * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -326,6 +349,8 @@ public com.google.protobuf.Duration getLifetime() {
     return lifetime_ == null ? com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
   }
   /**
+   *
+   *
    * <pre>
    * The desired lifetime duration of the access token in seconds.
    * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -340,6 +365,7 @@ public com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder() {
   }
 
   private byte memoizedIsInitialized = -1;
+
   @java.lang.Override
   public final boolean isInitialized() {
     byte isInitialized = memoizedIsInitialized;
@@ -351,8 +377,7 @@ public final boolean isInitialized() {
   }
 
   @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
     if (!getNameBytes().isEmpty()) {
       com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
     }
@@ -394,8 +419,7 @@ public int getSerializedSize() {
       size += 1 * getScopeList().size();
     }
     if (lifetime_ != null) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeMessageSize(7, getLifetime());
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(7, getLifetime());
     }
     size += unknownFields.getSerializedSize();
     memoizedSize = size;
@@ -405,24 +429,21 @@ public int getSerializedSize() {
   @java.lang.Override
   public boolean equals(final java.lang.Object obj) {
     if (obj == this) {
-     return true;
+      return true;
     }
     if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest)) {
       return super.equals(obj);
     }
-    com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest other = (com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) obj;
+    com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest other =
+        (com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) obj;
 
     boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getDelegatesList()
-        .equals(other.getDelegatesList());
-    result = result && getScopeList()
-        .equals(other.getScopeList());
+    result = result && getName().equals(other.getName());
+    result = result && getDelegatesList().equals(other.getDelegatesList());
+    result = result && getScopeList().equals(other.getScopeList());
     result = result && (hasLifetime() == other.hasLifetime());
     if (hasLifetime()) {
-      result = result && getLifetime()
-          .equals(other.getLifetime());
+      result = result && getLifetime().equals(other.getLifetime());
     }
     result = result && unknownFields.equals(other.unknownFields);
     return result;
@@ -455,113 +476,119 @@ public int hashCode() {
   }
 
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
       com.google.protobuf.ByteString data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
       com.google.protobuf.ByteString data,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest parseFrom(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
 
   @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
   public static Builder newBuilder() {
     return DEFAULT_INSTANCE.toBuilder();
   }
-  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest prototype) {
+
+  public static Builder newBuilder(
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest prototype) {
     return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
   }
+
   @java.lang.Override
   public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
   }
 
   @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
     Builder builder = new Builder(parent);
     return builder;
   }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+  /** Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenRequest} */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
       // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateAccessTokenRequest)
       com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
         internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
+              com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.class,
+              com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.Builder.class);
     }
 
     // Construct using com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.newBuilder()
@@ -569,16 +596,15 @@ private Builder() {
       maybeForceBuilderInitialization();
     }
 
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
       super(parent);
       maybeForceBuilderInitialization();
     }
+
     private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
     }
+
     @java.lang.Override
     public Builder clear() {
       super.clear();
@@ -598,13 +624,14 @@ public Builder clear() {
     }
 
     @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
     }
 
     @java.lang.Override
-    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstanceForType() {
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest
+        getDefaultInstanceForType() {
       return com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance();
     }
 
@@ -619,7 +646,8 @@ public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest build() {
 
     @java.lang.Override
     public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest buildPartial() {
-      com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest result = new com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest(this);
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest result =
+          new com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest(this);
       int from_bitField0_ = bitField0_;
       int to_bitField0_ = 0;
       result.name_ = name_;
@@ -647,38 +675,39 @@ public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest buildParti
     public Builder clone() {
       return (Builder) super.clone();
     }
+
     @java.lang.Override
     public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.setField(field, value);
     }
+
     @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
       return (Builder) super.clearField(field);
     }
+
     @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
       return (Builder) super.clearOneof(oneof);
     }
+
     @java.lang.Override
     public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
       return (Builder) super.setRepeatedField(field, index, value);
     }
+
     @java.lang.Override
     public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.addRepeatedField(field, value);
     }
+
     @java.lang.Override
     public Builder mergeFrom(com.google.protobuf.Message other) {
       if (other instanceof com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest)other);
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) other);
       } else {
         super.mergeFrom(other);
         return this;
@@ -686,7 +715,9 @@ public Builder mergeFrom(com.google.protobuf.Message other) {
     }
 
     public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest other) {
-      if (other == com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance()) return this;
+      if (other
+          == com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest.getDefaultInstance())
+        return this;
       if (!other.getName().isEmpty()) {
         name_ = other.name_;
         onChanged();
@@ -733,7 +764,9 @@ public Builder mergeFrom(
       try {
         parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
       } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest) e.getUnfinishedMessage();
+        parsedMessage =
+            (com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest)
+                e.getUnfinishedMessage();
         throw e.unwrapIOException();
       } finally {
         if (parsedMessage != null) {
@@ -742,10 +775,13 @@ public Builder mergeFrom(
       }
       return this;
     }
+
     private int bitField0_;
 
     private java.lang.Object name_ = "";
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -757,8 +793,7 @@ public Builder mergeFrom(
     public java.lang.String getName() {
       java.lang.Object ref = name_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         name_ = s;
         return s;
@@ -767,6 +802,8 @@ public java.lang.String getName() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -775,13 +812,11 @@ public java.lang.String getName() {
      *
      * <code>string name = 1;</code>
      */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
+    public com.google.protobuf.ByteString getNameBytes() {
       java.lang.Object ref = name_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         name_ = b;
         return b;
       } else {
@@ -789,6 +824,8 @@ public java.lang.String getName() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -797,17 +834,18 @@ public java.lang.String getName() {
      *
      * <code>string name = 1;</code>
      */
-    public Builder setName(
-        java.lang.String value) {
+    public Builder setName(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       name_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -817,12 +855,14 @@ public Builder setName(
      * <code>string name = 1;</code>
      */
     public Builder clearName() {
-      
+
       name_ = getDefaultInstance().getName();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -831,26 +871,29 @@ public Builder clearName() {
      *
      * <code>string name = 1;</code>
      */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       name_ = value;
       onChanged();
       return this;
     }
 
-    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private com.google.protobuf.LazyStringList delegates_ =
+        com.google.protobuf.LazyStringArrayList.EMPTY;
+
     private void ensureDelegatesIsMutable() {
       if (!((bitField0_ & 0x00000002) == 0x00000002)) {
         delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
         bitField0_ |= 0x00000002;
-       }
+      }
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -864,11 +907,12 @@ private void ensureDelegatesIsMutable() {
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public com.google.protobuf.ProtocolStringList
-        getDelegatesList() {
+    public com.google.protobuf.ProtocolStringList getDelegatesList() {
       return delegates_.getUnmodifiableView();
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -886,6 +930,8 @@ public int getDelegatesCount() {
       return delegates_.size();
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -903,6 +949,8 @@ public java.lang.String getDelegates(int index) {
       return delegates_.get(index);
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -916,11 +964,12 @@ public java.lang.String getDelegates(int index) {
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public com.google.protobuf.ByteString
-        getDelegatesBytes(int index) {
+    public com.google.protobuf.ByteString getDelegatesBytes(int index) {
       return delegates_.getByteString(index);
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -934,17 +983,18 @@ public java.lang.String getDelegates(int index) {
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public Builder setDelegates(
-        int index, java.lang.String value) {
+    public Builder setDelegates(int index, java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
+        throw new NullPointerException();
+      }
+      ensureDelegatesIsMutable();
       delegates_.set(index, value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -958,17 +1008,18 @@ public Builder setDelegates(
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public Builder addDelegates(
-        java.lang.String value) {
+    public Builder addDelegates(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
+        throw new NullPointerException();
+      }
+      ensureDelegatesIsMutable();
       delegates_.add(value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -982,15 +1033,15 @@ public Builder addDelegates(
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public Builder addAllDelegates(
-        java.lang.Iterable<java.lang.String> values) {
+    public Builder addAllDelegates(java.lang.Iterable<java.lang.String> values) {
       ensureDelegatesIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, delegates_);
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(values, delegates_);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -1011,6 +1062,8 @@ public Builder clearDelegates() {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -1024,26 +1077,29 @@ public Builder clearDelegates() {
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public Builder addDelegatesBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder addDelegatesBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
       ensureDelegatesIsMutable();
       delegates_.add(value);
       onChanged();
       return this;
     }
 
-    private com.google.protobuf.LazyStringList scope_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private com.google.protobuf.LazyStringList scope_ =
+        com.google.protobuf.LazyStringArrayList.EMPTY;
+
     private void ensureScopeIsMutable() {
       if (!((bitField0_ & 0x00000004) == 0x00000004)) {
         scope_ = new com.google.protobuf.LazyStringArrayList(scope_);
         bitField0_ |= 0x00000004;
-       }
+      }
     }
     /**
+     *
+     *
      * <pre>
      * Code to identify the scopes to be included in the OAuth 2.0 access token.
      * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -1053,11 +1109,12 @@ private void ensureScopeIsMutable() {
      *
      * <code>repeated string scope = 4;</code>
      */
-    public com.google.protobuf.ProtocolStringList
-        getScopeList() {
+    public com.google.protobuf.ProtocolStringList getScopeList() {
       return scope_.getUnmodifiableView();
     }
     /**
+     *
+     *
      * <pre>
      * Code to identify the scopes to be included in the OAuth 2.0 access token.
      * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -1071,6 +1128,8 @@ public int getScopeCount() {
       return scope_.size();
     }
     /**
+     *
+     *
      * <pre>
      * Code to identify the scopes to be included in the OAuth 2.0 access token.
      * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -1084,6 +1143,8 @@ public java.lang.String getScope(int index) {
       return scope_.get(index);
     }
     /**
+     *
+     *
      * <pre>
      * Code to identify the scopes to be included in the OAuth 2.0 access token.
      * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -1093,11 +1154,12 @@ public java.lang.String getScope(int index) {
      *
      * <code>repeated string scope = 4;</code>
      */
-    public com.google.protobuf.ByteString
-        getScopeBytes(int index) {
+    public com.google.protobuf.ByteString getScopeBytes(int index) {
       return scope_.getByteString(index);
     }
     /**
+     *
+     *
      * <pre>
      * Code to identify the scopes to be included in the OAuth 2.0 access token.
      * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -1107,17 +1169,18 @@ public java.lang.String getScope(int index) {
      *
      * <code>repeated string scope = 4;</code>
      */
-    public Builder setScope(
-        int index, java.lang.String value) {
+    public Builder setScope(int index, java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureScopeIsMutable();
+        throw new NullPointerException();
+      }
+      ensureScopeIsMutable();
       scope_.set(index, value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * Code to identify the scopes to be included in the OAuth 2.0 access token.
      * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -1127,17 +1190,18 @@ public Builder setScope(
      *
      * <code>repeated string scope = 4;</code>
      */
-    public Builder addScope(
-        java.lang.String value) {
+    public Builder addScope(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureScopeIsMutable();
+        throw new NullPointerException();
+      }
+      ensureScopeIsMutable();
       scope_.add(value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * Code to identify the scopes to be included in the OAuth 2.0 access token.
      * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -1147,15 +1211,15 @@ public Builder addScope(
      *
      * <code>repeated string scope = 4;</code>
      */
-    public Builder addAllScope(
-        java.lang.Iterable<java.lang.String> values) {
+    public Builder addAllScope(java.lang.Iterable<java.lang.String> values) {
       ensureScopeIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, scope_);
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(values, scope_);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * Code to identify the scopes to be included in the OAuth 2.0 access token.
      * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -1172,6 +1236,8 @@ public Builder clearScope() {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * Code to identify the scopes to be included in the OAuth 2.0 access token.
      * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -1181,12 +1247,11 @@ public Builder clearScope() {
      *
      * <code>repeated string scope = 4;</code>
      */
-    public Builder addScopeBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder addScopeBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
       ensureScopeIsMutable();
       scope_.add(value);
       onChanged();
@@ -1195,8 +1260,13 @@ public Builder addScopeBytes(
 
     private com.google.protobuf.Duration lifetime_ = null;
     private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder> lifetimeBuilder_;
+            com.google.protobuf.Duration,
+            com.google.protobuf.Duration.Builder,
+            com.google.protobuf.DurationOrBuilder>
+        lifetimeBuilder_;
     /**
+     *
+     *
      * <pre>
      * The desired lifetime duration of the access token in seconds.
      * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -1210,6 +1280,8 @@ public boolean hasLifetime() {
       return lifetimeBuilder_ != null || lifetime_ != null;
     }
     /**
+     *
+     *
      * <pre>
      * The desired lifetime duration of the access token in seconds.
      * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -1227,6 +1299,8 @@ public com.google.protobuf.Duration getLifetime() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The desired lifetime duration of the access token in seconds.
      * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -1250,6 +1324,8 @@ public Builder setLifetime(com.google.protobuf.Duration value) {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The desired lifetime duration of the access token in seconds.
      * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -1259,8 +1335,7 @@ public Builder setLifetime(com.google.protobuf.Duration value) {
      *
      * <code>.google.protobuf.Duration lifetime = 7;</code>
      */
-    public Builder setLifetime(
-        com.google.protobuf.Duration.Builder builderForValue) {
+    public Builder setLifetime(com.google.protobuf.Duration.Builder builderForValue) {
       if (lifetimeBuilder_ == null) {
         lifetime_ = builderForValue.build();
         onChanged();
@@ -1271,6 +1346,8 @@ public Builder setLifetime(
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The desired lifetime duration of the access token in seconds.
      * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -1284,7 +1361,7 @@ public Builder mergeLifetime(com.google.protobuf.Duration value) {
       if (lifetimeBuilder_ == null) {
         if (lifetime_ != null) {
           lifetime_ =
-            com.google.protobuf.Duration.newBuilder(lifetime_).mergeFrom(value).buildPartial();
+              com.google.protobuf.Duration.newBuilder(lifetime_).mergeFrom(value).buildPartial();
         } else {
           lifetime_ = value;
         }
@@ -1296,6 +1373,8 @@ public Builder mergeLifetime(com.google.protobuf.Duration value) {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The desired lifetime duration of the access token in seconds.
      * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -1317,6 +1396,8 @@ public Builder clearLifetime() {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The desired lifetime duration of the access token in seconds.
      * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -1327,11 +1408,13 @@ public Builder clearLifetime() {
      * <code>.google.protobuf.Duration lifetime = 7;</code>
      */
     public com.google.protobuf.Duration.Builder getLifetimeBuilder() {
-      
+
       onChanged();
       return getLifetimeFieldBuilder().getBuilder();
     }
     /**
+     *
+     *
      * <pre>
      * The desired lifetime duration of the access token in seconds.
      * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -1345,11 +1428,12 @@ public com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder() {
       if (lifetimeBuilder_ != null) {
         return lifetimeBuilder_.getMessageOrBuilder();
       } else {
-        return lifetime_ == null ?
-            com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
+        return lifetime_ == null ? com.google.protobuf.Duration.getDefaultInstance() : lifetime_;
       }
     }
     /**
+     *
+     *
      * <pre>
      * The desired lifetime duration of the access token in seconds.
      * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -1360,21 +1444,24 @@ public com.google.protobuf.DurationOrBuilder getLifetimeOrBuilder() {
      * <code>.google.protobuf.Duration lifetime = 7;</code>
      */
     private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder> 
+            com.google.protobuf.Duration,
+            com.google.protobuf.Duration.Builder,
+            com.google.protobuf.DurationOrBuilder>
         getLifetimeFieldBuilder() {
       if (lifetimeBuilder_ == null) {
-        lifetimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
-            com.google.protobuf.Duration, com.google.protobuf.Duration.Builder, com.google.protobuf.DurationOrBuilder>(
-                getLifetime(),
-                getParentForChildren(),
-                isClean());
+        lifetimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Duration,
+                com.google.protobuf.Duration.Builder,
+                com.google.protobuf.DurationOrBuilder>(
+                getLifetime(), getParentForChildren(), isClean());
         lifetime_ = null;
       }
       return lifetimeBuilder_;
     }
+
     @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
       return super.setUnknownFieldsProto3(unknownFields);
     }
 
@@ -1384,30 +1471,32 @@ public final Builder mergeUnknownFields(
       return super.mergeUnknownFields(unknownFields);
     }
 
-
     // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateAccessTokenRequest)
   }
 
   // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateAccessTokenRequest)
-  private static final com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest DEFAULT_INSTANCE;
+  private static final com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest
+      DEFAULT_INSTANCE;
+
   static {
     DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest();
   }
 
-  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstance() {
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest
+      getDefaultInstance() {
     return DEFAULT_INSTANCE;
   }
 
-  private static final com.google.protobuf.Parser<GenerateAccessTokenRequest>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateAccessTokenRequest>() {
-    @java.lang.Override
-    public GenerateAccessTokenRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateAccessTokenRequest(input, extensionRegistry);
-    }
-  };
+  private static final com.google.protobuf.Parser<GenerateAccessTokenRequest> PARSER =
+      new com.google.protobuf.AbstractParser<GenerateAccessTokenRequest>() {
+        @java.lang.Override
+        public GenerateAccessTokenRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new GenerateAccessTokenRequest(input, extensionRegistry);
+        }
+      };
 
   public static com.google.protobuf.Parser<GenerateAccessTokenRequest> parser() {
     return PARSER;
@@ -1419,9 +1508,8 @@ public com.google.protobuf.Parser<GenerateAccessTokenRequest> getParserForType()
   }
 
   @java.lang.Override
-  public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest getDefaultInstanceForType() {
+  public com.google.cloud.iam.credentials.v1.GenerateAccessTokenRequest
+      getDefaultInstanceForType() {
     return DEFAULT_INSTANCE;
   }
-
 }
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
index f102bb4025d3..4d1d761ab05d 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenRequestOrBuilder.java
@@ -3,11 +3,14 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-public interface GenerateAccessTokenRequestOrBuilder extends
+public interface GenerateAccessTokenRequestOrBuilder
+    extends
     // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateAccessTokenRequest)
     com.google.protobuf.MessageOrBuilder {
 
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -18,6 +21,8 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    */
   java.lang.String getName();
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -26,10 +31,11 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    *
    * <code>string name = 1;</code>
    */
-  com.google.protobuf.ByteString
-      getNameBytes();
+  com.google.protobuf.ByteString getNameBytes();
 
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -43,9 +49,10 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    *
    * <code>repeated string delegates = 2;</code>
    */
-  java.util.List<java.lang.String>
-      getDelegatesList();
+  java.util.List<java.lang.String> getDelegatesList();
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -61,6 +68,8 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    */
   int getDelegatesCount();
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -76,6 +85,8 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    */
   java.lang.String getDelegates(int index);
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -89,10 +100,11 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    *
    * <code>repeated string delegates = 2;</code>
    */
-  com.google.protobuf.ByteString
-      getDelegatesBytes(int index);
+  com.google.protobuf.ByteString getDelegatesBytes(int index);
 
   /**
+   *
+   *
    * <pre>
    * Code to identify the scopes to be included in the OAuth 2.0 access token.
    * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -102,9 +114,10 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    *
    * <code>repeated string scope = 4;</code>
    */
-  java.util.List<java.lang.String>
-      getScopeList();
+  java.util.List<java.lang.String> getScopeList();
   /**
+   *
+   *
    * <pre>
    * Code to identify the scopes to be included in the OAuth 2.0 access token.
    * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -116,6 +129,8 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    */
   int getScopeCount();
   /**
+   *
+   *
    * <pre>
    * Code to identify the scopes to be included in the OAuth 2.0 access token.
    * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -127,6 +142,8 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    */
   java.lang.String getScope(int index);
   /**
+   *
+   *
    * <pre>
    * Code to identify the scopes to be included in the OAuth 2.0 access token.
    * See https://developers.google.com/identity/protocols/googlescopes for more
@@ -136,10 +153,11 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    *
    * <code>repeated string scope = 4;</code>
    */
-  com.google.protobuf.ByteString
-      getScopeBytes(int index);
+  com.google.protobuf.ByteString getScopeBytes(int index);
 
   /**
+   *
+   *
    * <pre>
    * The desired lifetime duration of the access token in seconds.
    * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -151,6 +169,8 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    */
   boolean hasLifetime();
   /**
+   *
+   *
    * <pre>
    * The desired lifetime duration of the access token in seconds.
    * Must be set to a value less than or equal to 3600 (1 hour). If a value is
@@ -162,6 +182,8 @@ public interface GenerateAccessTokenRequestOrBuilder extends
    */
   com.google.protobuf.Duration getLifetime();
   /**
+   *
+   *
    * <pre>
    * The desired lifetime duration of the access token in seconds.
    * Must be set to a value less than or equal to 3600 (1 hour). If a value is
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponse.java
index 796b948a2e4e..d8eab2301d25 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponse.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponse.java
@@ -3,27 +3,26 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse}
- */
-public  final class GenerateAccessTokenResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
+/** Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse} */
+public final class GenerateAccessTokenResponse extends com.google.protobuf.GeneratedMessageV3
+    implements
     // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateAccessTokenResponse)
     GenerateAccessTokenResponseOrBuilder {
-private static final long serialVersionUID = 0L;
+  private static final long serialVersionUID = 0L;
   // Use GenerateAccessTokenResponse.newBuilder() to construct.
   private GenerateAccessTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
     super(builder);
   }
+
   private GenerateAccessTokenResponse() {
     accessToken_ = "";
   }
 
   @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
     return this.unknownFields;
   }
+
   private GenerateAccessTokenResponse(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
@@ -43,60 +42,67 @@ private GenerateAccessTokenResponse(
           case 0:
             done = true;
             break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            accessToken_ = s;
-            break;
-          }
-          case 26: {
-            com.google.protobuf.Timestamp.Builder subBuilder = null;
-            if (expireTime_ != null) {
-              subBuilder = expireTime_.toBuilder();
+              accessToken_ = s;
+              break;
             }
-            expireTime_ = input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
-            if (subBuilder != null) {
-              subBuilder.mergeFrom(expireTime_);
-              expireTime_ = subBuilder.buildPartial();
+          case 26:
+            {
+              com.google.protobuf.Timestamp.Builder subBuilder = null;
+              if (expireTime_ != null) {
+                subBuilder = expireTime_.toBuilder();
+              }
+              expireTime_ =
+                  input.readMessage(com.google.protobuf.Timestamp.parser(), extensionRegistry);
+              if (subBuilder != null) {
+                subBuilder.mergeFrom(expireTime_);
+                expireTime_ = subBuilder.buildPartial();
+              }
+
+              break;
             }
-
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
+          default:
+            {
+              if (!parseUnknownFieldProto3(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
             }
-            break;
-          }
         }
       }
     } catch (com.google.protobuf.InvalidProtocolBufferException e) {
       throw e.setUnfinishedMessage(this);
     } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
     } finally {
       this.unknownFields = unknownFields.build();
       makeExtensionsImmutable();
     }
   }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
   }
 
   @java.lang.Override
   protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
         .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.class,
+            com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
   }
 
   public static final int ACCESS_TOKEN_FIELD_NUMBER = 1;
   private volatile java.lang.Object accessToken_;
   /**
+   *
+   *
    * <pre>
    * The OAuth 2.0 access token.
    * </pre>
@@ -108,27 +114,26 @@ public java.lang.String getAccessToken() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       accessToken_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The OAuth 2.0 access token.
    * </pre>
    *
    * <code>string access_token = 1;</code>
    */
-  public com.google.protobuf.ByteString
-      getAccessTokenBytes() {
+  public com.google.protobuf.ByteString getAccessTokenBytes() {
     java.lang.Object ref = accessToken_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       accessToken_ = b;
       return b;
     } else {
@@ -139,6 +144,8 @@ public java.lang.String getAccessToken() {
   public static final int EXPIRE_TIME_FIELD_NUMBER = 3;
   private com.google.protobuf.Timestamp expireTime_;
   /**
+   *
+   *
    * <pre>
    * Token expiration time.
    * The expiration time is always set.
@@ -150,6 +157,8 @@ public boolean hasExpireTime() {
     return expireTime_ != null;
   }
   /**
+   *
+   *
    * <pre>
    * Token expiration time.
    * The expiration time is always set.
@@ -161,6 +170,8 @@ public com.google.protobuf.Timestamp getExpireTime() {
     return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
   }
   /**
+   *
+   *
    * <pre>
    * Token expiration time.
    * The expiration time is always set.
@@ -173,6 +184,7 @@ public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
   }
 
   private byte memoizedIsInitialized = -1;
+
   @java.lang.Override
   public final boolean isInitialized() {
     byte isInitialized = memoizedIsInitialized;
@@ -184,8 +196,7 @@ public final boolean isInitialized() {
   }
 
   @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
     if (!getAccessTokenBytes().isEmpty()) {
       com.google.protobuf.GeneratedMessageV3.writeString(output, 1, accessToken_);
     }
@@ -205,8 +216,7 @@ public int getSerializedSize() {
       size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, accessToken_);
     }
     if (expireTime_ != null) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeMessageSize(3, getExpireTime());
+      size += com.google.protobuf.CodedOutputStream.computeMessageSize(3, getExpireTime());
     }
     size += unknownFields.getSerializedSize();
     memoizedSize = size;
@@ -216,20 +226,19 @@ public int getSerializedSize() {
   @java.lang.Override
   public boolean equals(final java.lang.Object obj) {
     if (obj == this) {
-     return true;
+      return true;
     }
     if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse)) {
       return super.equals(obj);
     }
-    com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse other = (com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse) obj;
+    com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse other =
+        (com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse) obj;
 
     boolean result = true;
-    result = result && getAccessToken()
-        .equals(other.getAccessToken());
+    result = result && getAccessToken().equals(other.getAccessToken());
     result = result && (hasExpireTime() == other.hasExpireTime());
     if (hasExpireTime()) {
-      result = result && getExpireTime()
-          .equals(other.getExpireTime());
+      result = result && getExpireTime().equals(other.getExpireTime());
     }
     result = result && unknownFields.equals(other.unknownFields);
     return result;
@@ -254,113 +263,119 @@ public int hashCode() {
   }
 
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
       com.google.protobuf.ByteString data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
       com.google.protobuf.ByteString data,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(byte[] data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse parseFrom(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
 
   @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
   public static Builder newBuilder() {
     return DEFAULT_INSTANCE.toBuilder();
   }
-  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse prototype) {
+
+  public static Builder newBuilder(
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse prototype) {
     return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
   }
+
   @java.lang.Override
   public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
   }
 
   @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
     Builder builder = new Builder(parent);
     return builder;
   }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+  /** Protobuf type {@code google.iam.credentials.v1.GenerateAccessTokenResponse} */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
       // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateAccessTokenResponse)
       com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
         internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
+              com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.class,
+              com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.Builder.class);
     }
 
     // Construct using com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.newBuilder()
@@ -368,16 +383,15 @@ private Builder() {
       maybeForceBuilderInitialization();
     }
 
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
       super(parent);
       maybeForceBuilderInitialization();
     }
+
     private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
     }
+
     @java.lang.Override
     public Builder clear() {
       super.clear();
@@ -393,13 +407,14 @@ public Builder clear() {
     }
 
     @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
     }
 
     @java.lang.Override
-    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstanceForType() {
+    public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse
+        getDefaultInstanceForType() {
       return com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance();
     }
 
@@ -414,7 +429,8 @@ public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse build() {
 
     @java.lang.Override
     public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse buildPartial() {
-      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse result = new com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse(this);
+      com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse result =
+          new com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse(this);
       result.accessToken_ = accessToken_;
       if (expireTimeBuilder_ == null) {
         result.expireTime_ = expireTime_;
@@ -429,46 +445,50 @@ public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse buildPart
     public Builder clone() {
       return (Builder) super.clone();
     }
+
     @java.lang.Override
     public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.setField(field, value);
     }
+
     @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
       return (Builder) super.clearField(field);
     }
+
     @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
       return (Builder) super.clearOneof(oneof);
     }
+
     @java.lang.Override
     public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
       return (Builder) super.setRepeatedField(field, index, value);
     }
+
     @java.lang.Override
     public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.addRepeatedField(field, value);
     }
+
     @java.lang.Override
     public Builder mergeFrom(com.google.protobuf.Message other) {
       if (other instanceof com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse)other);
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse) other);
       } else {
         super.mergeFrom(other);
         return this;
       }
     }
 
-    public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse other) {
-      if (other == com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance()) return this;
+    public Builder mergeFrom(
+        com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse other) {
+      if (other
+          == com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse.getDefaultInstance())
+        return this;
       if (!other.getAccessToken().isEmpty()) {
         accessToken_ = other.accessToken_;
         onChanged();
@@ -495,7 +515,9 @@ public Builder mergeFrom(
       try {
         parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
       } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse) e.getUnfinishedMessage();
+        parsedMessage =
+            (com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse)
+                e.getUnfinishedMessage();
         throw e.unwrapIOException();
       } finally {
         if (parsedMessage != null) {
@@ -507,6 +529,8 @@ public Builder mergeFrom(
 
     private java.lang.Object accessToken_ = "";
     /**
+     *
+     *
      * <pre>
      * The OAuth 2.0 access token.
      * </pre>
@@ -516,8 +540,7 @@ public Builder mergeFrom(
     public java.lang.String getAccessToken() {
       java.lang.Object ref = accessToken_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         accessToken_ = s;
         return s;
@@ -526,19 +549,19 @@ public java.lang.String getAccessToken() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The OAuth 2.0 access token.
      * </pre>
      *
      * <code>string access_token = 1;</code>
      */
-    public com.google.protobuf.ByteString
-        getAccessTokenBytes() {
+    public com.google.protobuf.ByteString getAccessTokenBytes() {
       java.lang.Object ref = accessToken_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         accessToken_ = b;
         return b;
       } else {
@@ -546,23 +569,26 @@ public java.lang.String getAccessToken() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The OAuth 2.0 access token.
      * </pre>
      *
      * <code>string access_token = 1;</code>
      */
-    public Builder setAccessToken(
-        java.lang.String value) {
+    public Builder setAccessToken(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       accessToken_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The OAuth 2.0 access token.
      * </pre>
@@ -570,25 +596,26 @@ public Builder setAccessToken(
      * <code>string access_token = 1;</code>
      */
     public Builder clearAccessToken() {
-      
+
       accessToken_ = getDefaultInstance().getAccessToken();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The OAuth 2.0 access token.
      * </pre>
      *
      * <code>string access_token = 1;</code>
      */
-    public Builder setAccessTokenBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setAccessTokenBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       accessToken_ = value;
       onChanged();
       return this;
@@ -596,8 +623,13 @@ public Builder setAccessTokenBytes(
 
     private com.google.protobuf.Timestamp expireTime_ = null;
     private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> expireTimeBuilder_;
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
+        expireTimeBuilder_;
     /**
+     *
+     *
      * <pre>
      * Token expiration time.
      * The expiration time is always set.
@@ -609,6 +641,8 @@ public boolean hasExpireTime() {
       return expireTimeBuilder_ != null || expireTime_ != null;
     }
     /**
+     *
+     *
      * <pre>
      * Token expiration time.
      * The expiration time is always set.
@@ -618,12 +652,16 @@ public boolean hasExpireTime() {
      */
     public com.google.protobuf.Timestamp getExpireTime() {
       if (expireTimeBuilder_ == null) {
-        return expireTime_ == null ? com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+        return expireTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : expireTime_;
       } else {
         return expireTimeBuilder_.getMessage();
       }
     }
     /**
+     *
+     *
      * <pre>
      * Token expiration time.
      * The expiration time is always set.
@@ -645,6 +683,8 @@ public Builder setExpireTime(com.google.protobuf.Timestamp value) {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * Token expiration time.
      * The expiration time is always set.
@@ -652,8 +692,7 @@ public Builder setExpireTime(com.google.protobuf.Timestamp value) {
      *
      * <code>.google.protobuf.Timestamp expire_time = 3;</code>
      */
-    public Builder setExpireTime(
-        com.google.protobuf.Timestamp.Builder builderForValue) {
+    public Builder setExpireTime(com.google.protobuf.Timestamp.Builder builderForValue) {
       if (expireTimeBuilder_ == null) {
         expireTime_ = builderForValue.build();
         onChanged();
@@ -664,6 +703,8 @@ public Builder setExpireTime(
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * Token expiration time.
      * The expiration time is always set.
@@ -675,7 +716,7 @@ public Builder mergeExpireTime(com.google.protobuf.Timestamp value) {
       if (expireTimeBuilder_ == null) {
         if (expireTime_ != null) {
           expireTime_ =
-            com.google.protobuf.Timestamp.newBuilder(expireTime_).mergeFrom(value).buildPartial();
+              com.google.protobuf.Timestamp.newBuilder(expireTime_).mergeFrom(value).buildPartial();
         } else {
           expireTime_ = value;
         }
@@ -687,6 +728,8 @@ public Builder mergeExpireTime(com.google.protobuf.Timestamp value) {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * Token expiration time.
      * The expiration time is always set.
@@ -706,6 +749,8 @@ public Builder clearExpireTime() {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * Token expiration time.
      * The expiration time is always set.
@@ -714,11 +759,13 @@ public Builder clearExpireTime() {
      * <code>.google.protobuf.Timestamp expire_time = 3;</code>
      */
     public com.google.protobuf.Timestamp.Builder getExpireTimeBuilder() {
-      
+
       onChanged();
       return getExpireTimeFieldBuilder().getBuilder();
     }
     /**
+     *
+     *
      * <pre>
      * Token expiration time.
      * The expiration time is always set.
@@ -730,11 +777,14 @@ public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
       if (expireTimeBuilder_ != null) {
         return expireTimeBuilder_.getMessageOrBuilder();
       } else {
-        return expireTime_ == null ?
-            com.google.protobuf.Timestamp.getDefaultInstance() : expireTime_;
+        return expireTime_ == null
+            ? com.google.protobuf.Timestamp.getDefaultInstance()
+            : expireTime_;
       }
     }
     /**
+     *
+     *
      * <pre>
      * Token expiration time.
      * The expiration time is always set.
@@ -743,21 +793,24 @@ public com.google.protobuf.TimestampOrBuilder getExpireTimeOrBuilder() {
      * <code>.google.protobuf.Timestamp expire_time = 3;</code>
      */
     private com.google.protobuf.SingleFieldBuilderV3<
-        com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder> 
+            com.google.protobuf.Timestamp,
+            com.google.protobuf.Timestamp.Builder,
+            com.google.protobuf.TimestampOrBuilder>
         getExpireTimeFieldBuilder() {
       if (expireTimeBuilder_ == null) {
-        expireTimeBuilder_ = new com.google.protobuf.SingleFieldBuilderV3<
-            com.google.protobuf.Timestamp, com.google.protobuf.Timestamp.Builder, com.google.protobuf.TimestampOrBuilder>(
-                getExpireTime(),
-                getParentForChildren(),
-                isClean());
+        expireTimeBuilder_ =
+            new com.google.protobuf.SingleFieldBuilderV3<
+                com.google.protobuf.Timestamp,
+                com.google.protobuf.Timestamp.Builder,
+                com.google.protobuf.TimestampOrBuilder>(
+                getExpireTime(), getParentForChildren(), isClean());
         expireTime_ = null;
       }
       return expireTimeBuilder_;
     }
+
     @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
       return super.setUnknownFieldsProto3(unknownFields);
     }
 
@@ -767,30 +820,32 @@ public final Builder mergeUnknownFields(
       return super.mergeUnknownFields(unknownFields);
     }
 
-
     // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateAccessTokenResponse)
   }
 
   // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateAccessTokenResponse)
-  private static final com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse DEFAULT_INSTANCE;
+  private static final com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse
+      DEFAULT_INSTANCE;
+
   static {
     DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse();
   }
 
-  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstance() {
+  public static com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse
+      getDefaultInstance() {
     return DEFAULT_INSTANCE;
   }
 
-  private static final com.google.protobuf.Parser<GenerateAccessTokenResponse>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateAccessTokenResponse>() {
-    @java.lang.Override
-    public GenerateAccessTokenResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateAccessTokenResponse(input, extensionRegistry);
-    }
-  };
+  private static final com.google.protobuf.Parser<GenerateAccessTokenResponse> PARSER =
+      new com.google.protobuf.AbstractParser<GenerateAccessTokenResponse>() {
+        @java.lang.Override
+        public GenerateAccessTokenResponse parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new GenerateAccessTokenResponse(input, extensionRegistry);
+        }
+      };
 
   public static com.google.protobuf.Parser<GenerateAccessTokenResponse> parser() {
     return PARSER;
@@ -802,9 +857,8 @@ public com.google.protobuf.Parser<GenerateAccessTokenResponse> getParserForType(
   }
 
   @java.lang.Override
-  public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse getDefaultInstanceForType() {
+  public com.google.cloud.iam.credentials.v1.GenerateAccessTokenResponse
+      getDefaultInstanceForType() {
     return DEFAULT_INSTANCE;
   }
-
 }
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
index cd79f9c0daba..3b2433abfb4c 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateAccessTokenResponseOrBuilder.java
@@ -3,11 +3,14 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-public interface GenerateAccessTokenResponseOrBuilder extends
+public interface GenerateAccessTokenResponseOrBuilder
+    extends
     // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateAccessTokenResponse)
     com.google.protobuf.MessageOrBuilder {
 
   /**
+   *
+   *
    * <pre>
    * The OAuth 2.0 access token.
    * </pre>
@@ -16,16 +19,19 @@ public interface GenerateAccessTokenResponseOrBuilder extends
    */
   java.lang.String getAccessToken();
   /**
+   *
+   *
    * <pre>
    * The OAuth 2.0 access token.
    * </pre>
    *
    * <code>string access_token = 1;</code>
    */
-  com.google.protobuf.ByteString
-      getAccessTokenBytes();
+  com.google.protobuf.ByteString getAccessTokenBytes();
 
   /**
+   *
+   *
    * <pre>
    * Token expiration time.
    * The expiration time is always set.
@@ -35,6 +41,8 @@ public interface GenerateAccessTokenResponseOrBuilder extends
    */
   boolean hasExpireTime();
   /**
+   *
+   *
    * <pre>
    * Token expiration time.
    * The expiration time is always set.
@@ -44,6 +52,8 @@ public interface GenerateAccessTokenResponseOrBuilder extends
    */
   com.google.protobuf.Timestamp getExpireTime();
   /**
+   *
+   *
    * <pre>
    * Token expiration time.
    * The expiration time is always set.
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequest.java
index 60daf9c8aca1..81ac3a6e9ccf 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequest.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequest.java
@@ -3,18 +3,17 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest}
- */
-public  final class GenerateIdTokenRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
+/** Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest} */
+public final class GenerateIdTokenRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
     // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdTokenRequest)
     GenerateIdTokenRequestOrBuilder {
-private static final long serialVersionUID = 0L;
+  private static final long serialVersionUID = 0L;
   // Use GenerateIdTokenRequest.newBuilder() to construct.
   private GenerateIdTokenRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
     super(builder);
   }
+
   private GenerateIdTokenRequest() {
     name_ = "";
     delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
@@ -23,10 +22,10 @@ private GenerateIdTokenRequest() {
   }
 
   @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
     return this.unknownFields;
   }
+
   private GenerateIdTokenRequest(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
@@ -46,46 +45,48 @@ private GenerateIdTokenRequest(
           case 0:
             done = true;
             break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            name_ = s;
-            break;
-          }
-          case 18: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              delegates_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
+              name_ = s;
+              break;
             }
-            delegates_.add(s);
-            break;
-          }
-          case 26: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            audience_ = s;
-            break;
-          }
-          case 32: {
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+              if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+                delegates_ = new com.google.protobuf.LazyStringArrayList();
+                mutable_bitField0_ |= 0x00000002;
+              }
+              delegates_.add(s);
+              break;
+            }
+          case 26:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            includeEmail_ = input.readBool();
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
+              audience_ = s;
+              break;
+            }
+          case 32:
+            {
+              includeEmail_ = input.readBool();
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownFieldProto3(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
             }
-            break;
-          }
         }
       }
     } catch (com.google.protobuf.InvalidProtocolBufferException e) {
       throw e.setUnfinishedMessage(this);
     } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
     } finally {
       if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
         delegates_ = delegates_.getUnmodifiableView();
@@ -94,23 +95,28 @@ private GenerateIdTokenRequest(
       makeExtensionsImmutable();
     }
   }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
   }
 
   @java.lang.Override
   protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
         .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
+            com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.class,
+            com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
   }
 
   private int bitField0_;
   public static final int NAME_FIELD_NUMBER = 1;
   private volatile java.lang.Object name_;
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -124,14 +130,15 @@ public java.lang.String getName() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       name_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -140,13 +147,11 @@ public java.lang.String getName() {
    *
    * <code>string name = 1;</code>
    */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
+  public com.google.protobuf.ByteString getNameBytes() {
     java.lang.Object ref = name_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       name_ = b;
       return b;
     } else {
@@ -157,6 +162,8 @@ public java.lang.String getName() {
   public static final int DELEGATES_FIELD_NUMBER = 2;
   private com.google.protobuf.LazyStringList delegates_;
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -170,11 +177,12 @@ public java.lang.String getName() {
    *
    * <code>repeated string delegates = 2;</code>
    */
-  public com.google.protobuf.ProtocolStringList
-      getDelegatesList() {
+  public com.google.protobuf.ProtocolStringList getDelegatesList() {
     return delegates_;
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -192,6 +200,8 @@ public int getDelegatesCount() {
     return delegates_.size();
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -209,6 +219,8 @@ public java.lang.String getDelegates(int index) {
     return delegates_.get(index);
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -222,14 +234,15 @@ public java.lang.String getDelegates(int index) {
    *
    * <code>repeated string delegates = 2;</code>
    */
-  public com.google.protobuf.ByteString
-      getDelegatesBytes(int index) {
+  public com.google.protobuf.ByteString getDelegatesBytes(int index) {
     return delegates_.getByteString(index);
   }
 
   public static final int AUDIENCE_FIELD_NUMBER = 3;
   private volatile java.lang.Object audience_;
   /**
+   *
+   *
    * <pre>
    * The audience for the token, such as the API or account that this token
    * grants access to.
@@ -242,14 +255,15 @@ public java.lang.String getAudience() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       audience_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The audience for the token, such as the API or account that this token
    * grants access to.
@@ -257,13 +271,11 @@ public java.lang.String getAudience() {
    *
    * <code>string audience = 3;</code>
    */
-  public com.google.protobuf.ByteString
-      getAudienceBytes() {
+  public com.google.protobuf.ByteString getAudienceBytes() {
     java.lang.Object ref = audience_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       audience_ = b;
       return b;
     } else {
@@ -274,6 +286,8 @@ public java.lang.String getAudience() {
   public static final int INCLUDE_EMAIL_FIELD_NUMBER = 4;
   private boolean includeEmail_;
   /**
+   *
+   *
    * <pre>
    * Include the service account email in the token. If set to `true`, the
    * token will contain `email` and `email_verified` claims.
@@ -286,6 +300,7 @@ public boolean getIncludeEmail() {
   }
 
   private byte memoizedIsInitialized = -1;
+
   @java.lang.Override
   public final boolean isInitialized() {
     byte isInitialized = memoizedIsInitialized;
@@ -297,8 +312,7 @@ public final boolean isInitialized() {
   }
 
   @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
     if (!getNameBytes().isEmpty()) {
       com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
     }
@@ -335,8 +349,7 @@ public int getSerializedSize() {
       size += com.google.protobuf.GeneratedMessageV3.computeStringSize(3, audience_);
     }
     if (includeEmail_ != false) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeBoolSize(4, includeEmail_);
+      size += com.google.protobuf.CodedOutputStream.computeBoolSize(4, includeEmail_);
     }
     size += unknownFields.getSerializedSize();
     memoizedSize = size;
@@ -346,22 +359,19 @@ public int getSerializedSize() {
   @java.lang.Override
   public boolean equals(final java.lang.Object obj) {
     if (obj == this) {
-     return true;
+      return true;
     }
     if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest)) {
       return super.equals(obj);
     }
-    com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest other = (com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) obj;
+    com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest other =
+        (com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) obj;
 
     boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getDelegatesList()
-        .equals(other.getDelegatesList());
-    result = result && getAudience()
-        .equals(other.getAudience());
-    result = result && (getIncludeEmail()
-        == other.getIncludeEmail());
+    result = result && getName().equals(other.getName());
+    result = result && getDelegatesList().equals(other.getDelegatesList());
+    result = result && getAudience().equals(other.getAudience());
+    result = result && (getIncludeEmail() == other.getIncludeEmail());
     result = result && unknownFields.equals(other.unknownFields);
     return result;
   }
@@ -382,121 +392,126 @@ public int hashCode() {
     hash = (37 * hash) + AUDIENCE_FIELD_NUMBER;
     hash = (53 * hash) + getAudience().hashCode();
     hash = (37 * hash) + INCLUDE_EMAIL_FIELD_NUMBER;
-    hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(
-        getIncludeEmail());
+    hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(getIncludeEmail());
     hash = (29 * hash) + unknownFields.hashCode();
     memoizedHashCode = hash;
     return hash;
   }
 
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
       com.google.protobuf.ByteString data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
       com.google.protobuf.ByteString data,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(byte[] data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest parseFrom(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
 
   @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
   public static Builder newBuilder() {
     return DEFAULT_INSTANCE.toBuilder();
   }
-  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest prototype) {
+
+  public static Builder newBuilder(
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest prototype) {
     return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
   }
+
   @java.lang.Override
   public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
   }
 
   @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
     Builder builder = new Builder(parent);
     return builder;
   }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+  /** Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenRequest} */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
       // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdTokenRequest)
       com.google.cloud.iam.credentials.v1.GenerateIdTokenRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
         internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.class, com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
+              com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.class,
+              com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.Builder.class);
     }
 
     // Construct using com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.newBuilder()
@@ -504,16 +519,15 @@ private Builder() {
       maybeForceBuilderInitialization();
     }
 
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
       super(parent);
       maybeForceBuilderInitialization();
     }
+
     private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
     }
+
     @java.lang.Override
     public Builder clear() {
       super.clear();
@@ -529,9 +543,9 @@ public Builder clear() {
     }
 
     @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
     }
 
     @java.lang.Override
@@ -550,7 +564,8 @@ public com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest build() {
 
     @java.lang.Override
     public com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest buildPartial() {
-      com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest result = new com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest(this);
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest result =
+          new com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest(this);
       int from_bitField0_ = bitField0_;
       int to_bitField0_ = 0;
       result.name_ = name_;
@@ -570,38 +585,39 @@ public com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest buildPartial()
     public Builder clone() {
       return (Builder) super.clone();
     }
+
     @java.lang.Override
     public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.setField(field, value);
     }
+
     @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
       return (Builder) super.clearField(field);
     }
+
     @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
       return (Builder) super.clearOneof(oneof);
     }
+
     @java.lang.Override
     public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
       return (Builder) super.setRepeatedField(field, index, value);
     }
+
     @java.lang.Override
     public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.addRepeatedField(field, value);
     }
+
     @java.lang.Override
     public Builder mergeFrom(com.google.protobuf.Message other) {
       if (other instanceof com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest)other);
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) other);
       } else {
         super.mergeFrom(other);
         return this;
@@ -609,7 +625,8 @@ public Builder mergeFrom(com.google.protobuf.Message other) {
     }
 
     public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest other) {
-      if (other == com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance()) return this;
+      if (other == com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest.getDefaultInstance())
+        return this;
       if (!other.getName().isEmpty()) {
         name_ = other.name_;
         onChanged();
@@ -650,7 +667,8 @@ public Builder mergeFrom(
       try {
         parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
       } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) e.getUnfinishedMessage();
+        parsedMessage =
+            (com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest) e.getUnfinishedMessage();
         throw e.unwrapIOException();
       } finally {
         if (parsedMessage != null) {
@@ -659,10 +677,13 @@ public Builder mergeFrom(
       }
       return this;
     }
+
     private int bitField0_;
 
     private java.lang.Object name_ = "";
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -674,8 +695,7 @@ public Builder mergeFrom(
     public java.lang.String getName() {
       java.lang.Object ref = name_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         name_ = s;
         return s;
@@ -684,6 +704,8 @@ public java.lang.String getName() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -692,13 +714,11 @@ public java.lang.String getName() {
      *
      * <code>string name = 1;</code>
      */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
+    public com.google.protobuf.ByteString getNameBytes() {
       java.lang.Object ref = name_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         name_ = b;
         return b;
       } else {
@@ -706,6 +726,8 @@ public java.lang.String getName() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -714,17 +736,18 @@ public java.lang.String getName() {
      *
      * <code>string name = 1;</code>
      */
-    public Builder setName(
-        java.lang.String value) {
+    public Builder setName(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       name_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -734,12 +757,14 @@ public Builder setName(
      * <code>string name = 1;</code>
      */
     public Builder clearName() {
-      
+
       name_ = getDefaultInstance().getName();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -748,26 +773,29 @@ public Builder clearName() {
      *
      * <code>string name = 1;</code>
      */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       name_ = value;
       onChanged();
       return this;
     }
 
-    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private com.google.protobuf.LazyStringList delegates_ =
+        com.google.protobuf.LazyStringArrayList.EMPTY;
+
     private void ensureDelegatesIsMutable() {
       if (!((bitField0_ & 0x00000002) == 0x00000002)) {
         delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
         bitField0_ |= 0x00000002;
-       }
+      }
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -781,11 +809,12 @@ private void ensureDelegatesIsMutable() {
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public com.google.protobuf.ProtocolStringList
-        getDelegatesList() {
+    public com.google.protobuf.ProtocolStringList getDelegatesList() {
       return delegates_.getUnmodifiableView();
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -803,6 +832,8 @@ public int getDelegatesCount() {
       return delegates_.size();
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -820,6 +851,8 @@ public java.lang.String getDelegates(int index) {
       return delegates_.get(index);
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -833,11 +866,12 @@ public java.lang.String getDelegates(int index) {
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public com.google.protobuf.ByteString
-        getDelegatesBytes(int index) {
+    public com.google.protobuf.ByteString getDelegatesBytes(int index) {
       return delegates_.getByteString(index);
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -851,17 +885,18 @@ public java.lang.String getDelegates(int index) {
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public Builder setDelegates(
-        int index, java.lang.String value) {
+    public Builder setDelegates(int index, java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
+        throw new NullPointerException();
+      }
+      ensureDelegatesIsMutable();
       delegates_.set(index, value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -875,17 +910,18 @@ public Builder setDelegates(
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public Builder addDelegates(
-        java.lang.String value) {
+    public Builder addDelegates(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
+        throw new NullPointerException();
+      }
+      ensureDelegatesIsMutable();
       delegates_.add(value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -899,15 +935,15 @@ public Builder addDelegates(
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public Builder addAllDelegates(
-        java.lang.Iterable<java.lang.String> values) {
+    public Builder addAllDelegates(java.lang.Iterable<java.lang.String> values) {
       ensureDelegatesIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, delegates_);
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(values, delegates_);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -928,6 +964,8 @@ public Builder clearDelegates() {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -941,12 +979,11 @@ public Builder clearDelegates() {
      *
      * <code>repeated string delegates = 2;</code>
      */
-    public Builder addDelegatesBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder addDelegatesBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
       ensureDelegatesIsMutable();
       delegates_.add(value);
       onChanged();
@@ -955,6 +992,8 @@ public Builder addDelegatesBytes(
 
     private java.lang.Object audience_ = "";
     /**
+     *
+     *
      * <pre>
      * The audience for the token, such as the API or account that this token
      * grants access to.
@@ -965,8 +1004,7 @@ public Builder addDelegatesBytes(
     public java.lang.String getAudience() {
       java.lang.Object ref = audience_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         audience_ = s;
         return s;
@@ -975,6 +1013,8 @@ public java.lang.String getAudience() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The audience for the token, such as the API or account that this token
      * grants access to.
@@ -982,13 +1022,11 @@ public java.lang.String getAudience() {
      *
      * <code>string audience = 3;</code>
      */
-    public com.google.protobuf.ByteString
-        getAudienceBytes() {
+    public com.google.protobuf.ByteString getAudienceBytes() {
       java.lang.Object ref = audience_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         audience_ = b;
         return b;
       } else {
@@ -996,6 +1034,8 @@ public java.lang.String getAudience() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The audience for the token, such as the API or account that this token
      * grants access to.
@@ -1003,17 +1043,18 @@ public java.lang.String getAudience() {
      *
      * <code>string audience = 3;</code>
      */
-    public Builder setAudience(
-        java.lang.String value) {
+    public Builder setAudience(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       audience_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The audience for the token, such as the API or account that this token
      * grants access to.
@@ -1022,12 +1063,14 @@ public Builder setAudience(
      * <code>string audience = 3;</code>
      */
     public Builder clearAudience() {
-      
+
       audience_ = getDefaultInstance().getAudience();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The audience for the token, such as the API or account that this token
      * grants access to.
@@ -1035,20 +1078,21 @@ public Builder clearAudience() {
      *
      * <code>string audience = 3;</code>
      */
-    public Builder setAudienceBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setAudienceBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       audience_ = value;
       onChanged();
       return this;
     }
 
-    private boolean includeEmail_ ;
+    private boolean includeEmail_;
     /**
+     *
+     *
      * <pre>
      * Include the service account email in the token. If set to `true`, the
      * token will contain `email` and `email_verified` claims.
@@ -1060,6 +1104,8 @@ public boolean getIncludeEmail() {
       return includeEmail_;
     }
     /**
+     *
+     *
      * <pre>
      * Include the service account email in the token. If set to `true`, the
      * token will contain `email` and `email_verified` claims.
@@ -1068,12 +1114,14 @@ public boolean getIncludeEmail() {
      * <code>bool include_email = 4;</code>
      */
     public Builder setIncludeEmail(boolean value) {
-      
+
       includeEmail_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * Include the service account email in the token. If set to `true`, the
      * token will contain `email` and `email_verified` claims.
@@ -1082,14 +1130,14 @@ public Builder setIncludeEmail(boolean value) {
      * <code>bool include_email = 4;</code>
      */
     public Builder clearIncludeEmail() {
-      
+
       includeEmail_ = false;
       onChanged();
       return this;
     }
+
     @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
       return super.setUnknownFieldsProto3(unknownFields);
     }
 
@@ -1099,12 +1147,12 @@ public final Builder mergeUnknownFields(
       return super.mergeUnknownFields(unknownFields);
     }
 
-
     // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdTokenRequest)
   }
 
   // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdTokenRequest)
   private static final com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest DEFAULT_INSTANCE;
+
   static {
     DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest();
   }
@@ -1113,16 +1161,16 @@ public static com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest getDefa
     return DEFAULT_INSTANCE;
   }
 
-  private static final com.google.protobuf.Parser<GenerateIdTokenRequest>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateIdTokenRequest>() {
-    @java.lang.Override
-    public GenerateIdTokenRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateIdTokenRequest(input, extensionRegistry);
-    }
-  };
+  private static final com.google.protobuf.Parser<GenerateIdTokenRequest> PARSER =
+      new com.google.protobuf.AbstractParser<GenerateIdTokenRequest>() {
+        @java.lang.Override
+        public GenerateIdTokenRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new GenerateIdTokenRequest(input, extensionRegistry);
+        }
+      };
 
   public static com.google.protobuf.Parser<GenerateIdTokenRequest> parser() {
     return PARSER;
@@ -1137,6 +1185,4 @@ public com.google.protobuf.Parser<GenerateIdTokenRequest> getParserForType() {
   public com.google.cloud.iam.credentials.v1.GenerateIdTokenRequest getDefaultInstanceForType() {
     return DEFAULT_INSTANCE;
   }
-
 }
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
index f9ebdcb82438..f7c91179ee30 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenRequestOrBuilder.java
@@ -3,11 +3,14 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-public interface GenerateIdTokenRequestOrBuilder extends
+public interface GenerateIdTokenRequestOrBuilder
+    extends
     // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdTokenRequest)
     com.google.protobuf.MessageOrBuilder {
 
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -18,6 +21,8 @@ public interface GenerateIdTokenRequestOrBuilder extends
    */
   java.lang.String getName();
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -26,10 +31,11 @@ public interface GenerateIdTokenRequestOrBuilder extends
    *
    * <code>string name = 1;</code>
    */
-  com.google.protobuf.ByteString
-      getNameBytes();
+  com.google.protobuf.ByteString getNameBytes();
 
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -43,9 +49,10 @@ public interface GenerateIdTokenRequestOrBuilder extends
    *
    * <code>repeated string delegates = 2;</code>
    */
-  java.util.List<java.lang.String>
-      getDelegatesList();
+  java.util.List<java.lang.String> getDelegatesList();
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -61,6 +68,8 @@ public interface GenerateIdTokenRequestOrBuilder extends
    */
   int getDelegatesCount();
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -76,6 +85,8 @@ public interface GenerateIdTokenRequestOrBuilder extends
    */
   java.lang.String getDelegates(int index);
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -89,10 +100,11 @@ public interface GenerateIdTokenRequestOrBuilder extends
    *
    * <code>repeated string delegates = 2;</code>
    */
-  com.google.protobuf.ByteString
-      getDelegatesBytes(int index);
+  com.google.protobuf.ByteString getDelegatesBytes(int index);
 
   /**
+   *
+   *
    * <pre>
    * The audience for the token, such as the API or account that this token
    * grants access to.
@@ -102,6 +114,8 @@ public interface GenerateIdTokenRequestOrBuilder extends
    */
   java.lang.String getAudience();
   /**
+   *
+   *
    * <pre>
    * The audience for the token, such as the API or account that this token
    * grants access to.
@@ -109,10 +123,11 @@ public interface GenerateIdTokenRequestOrBuilder extends
    *
    * <code>string audience = 3;</code>
    */
-  com.google.protobuf.ByteString
-      getAudienceBytes();
+  com.google.protobuf.ByteString getAudienceBytes();
 
   /**
+   *
+   *
    * <pre>
    * Include the service account email in the token. If set to `true`, the
    * token will contain `email` and `email_verified` claims.
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponse.java
index 2fcfed7fd490..bd1eea3ff1cf 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponse.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponse.java
@@ -3,27 +3,26 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-/**
- * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse}
- */
-public  final class GenerateIdTokenResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
+/** Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse} */
+public final class GenerateIdTokenResponse extends com.google.protobuf.GeneratedMessageV3
+    implements
     // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.GenerateIdTokenResponse)
     GenerateIdTokenResponseOrBuilder {
-private static final long serialVersionUID = 0L;
+  private static final long serialVersionUID = 0L;
   // Use GenerateIdTokenResponse.newBuilder() to construct.
   private GenerateIdTokenResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
     super(builder);
   }
+
   private GenerateIdTokenResponse() {
     token_ = "";
   }
 
   @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
     return this.unknownFields;
   }
+
   private GenerateIdTokenResponse(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
@@ -43,47 +42,52 @@ private GenerateIdTokenResponse(
           case 0:
             done = true;
             break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            token_ = s;
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
+              token_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownFieldProto3(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
             }
-            break;
-          }
         }
       }
     } catch (com.google.protobuf.InvalidProtocolBufferException e) {
       throw e.setUnfinishedMessage(this);
     } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
     } finally {
       this.unknownFields = unknownFields.build();
       makeExtensionsImmutable();
     }
   }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
   }
 
   @java.lang.Override
   protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
         .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
+            com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.class,
+            com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
   }
 
   public static final int TOKEN_FIELD_NUMBER = 1;
   private volatile java.lang.Object token_;
   /**
+   *
+   *
    * <pre>
    * The OpenId Connect ID token.
    * </pre>
@@ -95,27 +99,26 @@ public java.lang.String getToken() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       token_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The OpenId Connect ID token.
    * </pre>
    *
    * <code>string token = 1;</code>
    */
-  public com.google.protobuf.ByteString
-      getTokenBytes() {
+  public com.google.protobuf.ByteString getTokenBytes() {
     java.lang.Object ref = token_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       token_ = b;
       return b;
     } else {
@@ -124,6 +127,7 @@ public java.lang.String getToken() {
   }
 
   private byte memoizedIsInitialized = -1;
+
   @java.lang.Override
   public final boolean isInitialized() {
     byte isInitialized = memoizedIsInitialized;
@@ -135,8 +139,7 @@ public final boolean isInitialized() {
   }
 
   @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
     if (!getTokenBytes().isEmpty()) {
       com.google.protobuf.GeneratedMessageV3.writeString(output, 1, token_);
     }
@@ -160,16 +163,16 @@ public int getSerializedSize() {
   @java.lang.Override
   public boolean equals(final java.lang.Object obj) {
     if (obj == this) {
-     return true;
+      return true;
     }
     if (!(obj instanceof com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse)) {
       return super.equals(obj);
     }
-    com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse other = (com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse) obj;
+    com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse other =
+        (com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse) obj;
 
     boolean result = true;
-    result = result && getToken()
-        .equals(other.getToken());
+    result = result && getToken().equals(other.getToken());
     result = result && unknownFields.equals(other.unknownFields);
     return result;
   }
@@ -189,113 +192,119 @@ public int hashCode() {
   }
 
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
       com.google.protobuf.ByteString data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
       com.google.protobuf.ByteString data,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(byte[] data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse parseFrom(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
 
   @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
   public static Builder newBuilder() {
     return DEFAULT_INSTANCE.toBuilder();
   }
-  public static Builder newBuilder(com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse prototype) {
+
+  public static Builder newBuilder(
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse prototype) {
     return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
   }
+
   @java.lang.Override
   public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
   }
 
   @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
     Builder builder = new Builder(parent);
     return builder;
   }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+  /** Protobuf type {@code google.iam.credentials.v1.GenerateIdTokenResponse} */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
       // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.GenerateIdTokenResponse)
       com.google.cloud.iam.credentials.v1.GenerateIdTokenResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
         internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.class, com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
+              com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.class,
+              com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.Builder.class);
     }
 
     // Construct using com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.newBuilder()
@@ -303,16 +312,15 @@ private Builder() {
       maybeForceBuilderInitialization();
     }
 
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
       super(parent);
       maybeForceBuilderInitialization();
     }
+
     private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
     }
+
     @java.lang.Override
     public Builder clear() {
       super.clear();
@@ -322,9 +330,9 @@ public Builder clear() {
     }
 
     @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
     }
 
     @java.lang.Override
@@ -343,7 +351,8 @@ public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse build() {
 
     @java.lang.Override
     public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse buildPartial() {
-      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse result = new com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse(this);
+      com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse result =
+          new com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse(this);
       result.token_ = token_;
       onBuilt();
       return result;
@@ -353,38 +362,39 @@ public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse buildPartial(
     public Builder clone() {
       return (Builder) super.clone();
     }
+
     @java.lang.Override
     public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.setField(field, value);
     }
+
     @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
       return (Builder) super.clearField(field);
     }
+
     @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
       return (Builder) super.clearOneof(oneof);
     }
+
     @java.lang.Override
     public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
       return (Builder) super.setRepeatedField(field, index, value);
     }
+
     @java.lang.Override
     public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.addRepeatedField(field, value);
     }
+
     @java.lang.Override
     public Builder mergeFrom(com.google.protobuf.Message other) {
       if (other instanceof com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse)other);
+        return mergeFrom((com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse) other);
       } else {
         super.mergeFrom(other);
         return this;
@@ -392,7 +402,8 @@ public Builder mergeFrom(com.google.protobuf.Message other) {
     }
 
     public Builder mergeFrom(com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse other) {
-      if (other == com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance()) return this;
+      if (other == com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse.getDefaultInstance())
+        return this;
       if (!other.getToken().isEmpty()) {
         token_ = other.token_;
         onChanged();
@@ -416,7 +427,8 @@ public Builder mergeFrom(
       try {
         parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
       } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse) e.getUnfinishedMessage();
+        parsedMessage =
+            (com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse) e.getUnfinishedMessage();
         throw e.unwrapIOException();
       } finally {
         if (parsedMessage != null) {
@@ -428,6 +440,8 @@ public Builder mergeFrom(
 
     private java.lang.Object token_ = "";
     /**
+     *
+     *
      * <pre>
      * The OpenId Connect ID token.
      * </pre>
@@ -437,8 +451,7 @@ public Builder mergeFrom(
     public java.lang.String getToken() {
       java.lang.Object ref = token_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         token_ = s;
         return s;
@@ -447,19 +460,19 @@ public java.lang.String getToken() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The OpenId Connect ID token.
      * </pre>
      *
      * <code>string token = 1;</code>
      */
-    public com.google.protobuf.ByteString
-        getTokenBytes() {
+    public com.google.protobuf.ByteString getTokenBytes() {
       java.lang.Object ref = token_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         token_ = b;
         return b;
       } else {
@@ -467,23 +480,26 @@ public java.lang.String getToken() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The OpenId Connect ID token.
      * </pre>
      *
      * <code>string token = 1;</code>
      */
-    public Builder setToken(
-        java.lang.String value) {
+    public Builder setToken(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       token_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The OpenId Connect ID token.
      * </pre>
@@ -491,32 +507,33 @@ public Builder setToken(
      * <code>string token = 1;</code>
      */
     public Builder clearToken() {
-      
+
       token_ = getDefaultInstance().getToken();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The OpenId Connect ID token.
      * </pre>
      *
      * <code>string token = 1;</code>
      */
-    public Builder setTokenBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setTokenBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       token_ = value;
       onChanged();
       return this;
     }
+
     @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
       return super.setUnknownFieldsProto3(unknownFields);
     }
 
@@ -526,12 +543,12 @@ public final Builder mergeUnknownFields(
       return super.mergeUnknownFields(unknownFields);
     }
 
-
     // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.GenerateIdTokenResponse)
   }
 
   // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.GenerateIdTokenResponse)
   private static final com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse DEFAULT_INSTANCE;
+
   static {
     DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse();
   }
@@ -540,16 +557,16 @@ public static com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse getDef
     return DEFAULT_INSTANCE;
   }
 
-  private static final com.google.protobuf.Parser<GenerateIdTokenResponse>
-      PARSER = new com.google.protobuf.AbstractParser<GenerateIdTokenResponse>() {
-    @java.lang.Override
-    public GenerateIdTokenResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new GenerateIdTokenResponse(input, extensionRegistry);
-    }
-  };
+  private static final com.google.protobuf.Parser<GenerateIdTokenResponse> PARSER =
+      new com.google.protobuf.AbstractParser<GenerateIdTokenResponse>() {
+        @java.lang.Override
+        public GenerateIdTokenResponse parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new GenerateIdTokenResponse(input, extensionRegistry);
+        }
+      };
 
   public static com.google.protobuf.Parser<GenerateIdTokenResponse> parser() {
     return PARSER;
@@ -564,6 +581,4 @@ public com.google.protobuf.Parser<GenerateIdTokenResponse> getParserForType() {
   public com.google.cloud.iam.credentials.v1.GenerateIdTokenResponse getDefaultInstanceForType() {
     return DEFAULT_INSTANCE;
   }
-
 }
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
index 567a83b6b976..0d06646f3707 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/GenerateIdTokenResponseOrBuilder.java
@@ -3,11 +3,14 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-public interface GenerateIdTokenResponseOrBuilder extends
+public interface GenerateIdTokenResponseOrBuilder
+    extends
     // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.GenerateIdTokenResponse)
     com.google.protobuf.MessageOrBuilder {
 
   /**
+   *
+   *
    * <pre>
    * The OpenId Connect ID token.
    * </pre>
@@ -16,12 +19,13 @@ public interface GenerateIdTokenResponseOrBuilder extends
    */
   java.lang.String getToken();
   /**
+   *
+   *
    * <pre>
    * The OpenId Connect ID token.
    * </pre>
    *
    * <code>string token = 1;</code>
    */
-  com.google.protobuf.ByteString
-      getTokenBytes();
+  com.google.protobuf.ByteString getTokenBytes();
 }
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsCommonProto.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsCommonProto.java
index 16a32d648f56..1913fb615541 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsCommonProto.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsCommonProto.java
@@ -5,150 +5,157 @@
 
 public final class IAMCredentialsCommonProto {
   private IAMCredentialsCommonProto() {}
-  public static void registerAllExtensions(
-      com.google.protobuf.ExtensionRegistryLite registry) {
-  }
 
-  public static void registerAllExtensions(
-      com.google.protobuf.ExtensionRegistry registry) {
-    registerAllExtensions(
-        (com.google.protobuf.ExtensionRegistryLite) registry);
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry);
   }
+
   static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
-    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
-  static final 
-    com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable;
 
-  public static com.google.protobuf.Descriptors.FileDescriptor
-      getDescriptor() {
+  public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
     return descriptor;
   }
-  private static  com.google.protobuf.Descriptors.FileDescriptor
-      descriptor;
+
+  private static com.google.protobuf.Descriptors.FileDescriptor descriptor;
+
   static {
     java.lang.String[] descriptorData = {
-      "\n&google/iam/credentials/v1/common.proto" +
-      "\022\031google.iam.credentials.v1\032\036google/prot" +
-      "obuf/duration.proto\032\037google/protobuf/tim" +
-      "estamp.proto\"y\n\032GenerateAccessTokenReque" +
-      "st\022\014\n\004name\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\r\n\005s" +
-      "cope\030\004 \003(\t\022+\n\010lifetime\030\007 \001(\0132\031.google.pr" +
-      "otobuf.Duration\"d\n\033GenerateAccessTokenRe" +
-      "sponse\022\024\n\014access_token\030\001 \001(\t\022/\n\013expire_t" +
-      "ime\030\003 \001(\0132\032.google.protobuf.Timestamp\"C\n" +
-      "\017SignBlobRequest\022\014\n\004name\030\001 \001(\t\022\021\n\tdelega" +
-      "tes\030\003 \003(\t\022\017\n\007payload\030\005 \001(\014\"7\n\020SignBlobRe" +
-      "sponse\022\016\n\006key_id\030\001 \001(\t\022\023\n\013signed_blob\030\004 " +
-      "\001(\014\"B\n\016SignJwtRequest\022\014\n\004name\030\001 \001(\t\022\021\n\td" +
-      "elegates\030\003 \003(\t\022\017\n\007payload\030\005 \001(\t\"5\n\017SignJ" +
-      "wtResponse\022\016\n\006key_id\030\001 \001(\t\022\022\n\nsigned_jwt" +
-      "\030\002 \001(\t\"b\n\026GenerateIdTokenRequest\022\014\n\004name" +
-      "\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\020\n\010audience\030\003 " +
-      "\001(\t\022\025\n\rinclude_email\030\004 \001(\010\"(\n\027GenerateId" +
-      "TokenResponse\022\r\n\005token\030\001 \001(\tB\213\001\n#com.goo" +
-      "gle.cloud.iam.credentials.v1B\031IAMCredent" +
-      "ialsCommonProtoP\001ZDgoogle.golang.org/gen" +
-      "proto/googleapis/iam/credentials/v1;cred" +
-      "entials\370\001\001b\006proto3"
+      "\n&google/iam/credentials/v1/common.proto"
+          + "\022\031google.iam.credentials.v1\032\036google/prot"
+          + "obuf/duration.proto\032\037google/protobuf/tim"
+          + "estamp.proto\"y\n\032GenerateAccessTokenReque"
+          + "st\022\014\n\004name\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\r\n\005s"
+          + "cope\030\004 \003(\t\022+\n\010lifetime\030\007 \001(\0132\031.google.pr"
+          + "otobuf.Duration\"d\n\033GenerateAccessTokenRe"
+          + "sponse\022\024\n\014access_token\030\001 \001(\t\022/\n\013expire_t"
+          + "ime\030\003 \001(\0132\032.google.protobuf.Timestamp\"C\n"
+          + "\017SignBlobRequest\022\014\n\004name\030\001 \001(\t\022\021\n\tdelega"
+          + "tes\030\003 \003(\t\022\017\n\007payload\030\005 \001(\014\"7\n\020SignBlobRe"
+          + "sponse\022\016\n\006key_id\030\001 \001(\t\022\023\n\013signed_blob\030\004 "
+          + "\001(\014\"B\n\016SignJwtRequest\022\014\n\004name\030\001 \001(\t\022\021\n\td"
+          + "elegates\030\003 \003(\t\022\017\n\007payload\030\005 \001(\t\"5\n\017SignJ"
+          + "wtResponse\022\016\n\006key_id\030\001 \001(\t\022\022\n\nsigned_jwt"
+          + "\030\002 \001(\t\"b\n\026GenerateIdTokenRequest\022\014\n\004name"
+          + "\030\001 \001(\t\022\021\n\tdelegates\030\002 \003(\t\022\020\n\010audience\030\003 "
+          + "\001(\t\022\025\n\rinclude_email\030\004 \001(\010\"(\n\027GenerateId"
+          + "TokenResponse\022\r\n\005token\030\001 \001(\tB\213\001\n#com.goo"
+          + "gle.cloud.iam.credentials.v1B\031IAMCredent"
+          + "ialsCommonProtoP\001ZDgoogle.golang.org/gen"
+          + "proto/googleapis/iam/credentials/v1;cred"
+          + "entials\370\001\001b\006proto3"
     };
     com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner =
-        new com.google.protobuf.Descriptors.FileDescriptor.    InternalDescriptorAssigner() {
+        new com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner() {
           public com.google.protobuf.ExtensionRegistry assignDescriptors(
               com.google.protobuf.Descriptors.FileDescriptor root) {
             descriptor = root;
             return null;
           }
         };
-    com.google.protobuf.Descriptors.FileDescriptor
-      .internalBuildGeneratedFileFrom(descriptorData,
+    com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
+        descriptorData,
         new com.google.protobuf.Descriptors.FileDescriptor[] {
           com.google.protobuf.DurationProto.getDescriptor(),
           com.google.protobuf.TimestampProto.getDescriptor(),
-        }, assigner);
+        },
+        assigner);
     internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor =
-      getDescriptor().getMessageTypes().get(0);
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor,
-        new java.lang.String[] { "Name", "Delegates", "Scope", "Lifetime", });
+        getDescriptor().getMessageTypes().get(0);
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_iam_credentials_v1_GenerateAccessTokenRequest_descriptor,
+            new java.lang.String[] {
+              "Name", "Delegates", "Scope", "Lifetime",
+            });
     internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor =
-      getDescriptor().getMessageTypes().get(1);
-    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor,
-        new java.lang.String[] { "AccessToken", "ExpireTime", });
+        getDescriptor().getMessageTypes().get(1);
+    internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_iam_credentials_v1_GenerateAccessTokenResponse_descriptor,
+            new java.lang.String[] {
+              "AccessToken", "ExpireTime",
+            });
     internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor =
-      getDescriptor().getMessageTypes().get(2);
-    internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor,
-        new java.lang.String[] { "Name", "Delegates", "Payload", });
+        getDescriptor().getMessageTypes().get(2);
+    internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor,
+            new java.lang.String[] {
+              "Name", "Delegates", "Payload",
+            });
     internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor =
-      getDescriptor().getMessageTypes().get(3);
-    internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor,
-        new java.lang.String[] { "KeyId", "SignedBlob", });
+        getDescriptor().getMessageTypes().get(3);
+    internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor,
+            new java.lang.String[] {
+              "KeyId", "SignedBlob",
+            });
     internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor =
-      getDescriptor().getMessageTypes().get(4);
-    internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor,
-        new java.lang.String[] { "Name", "Delegates", "Payload", });
+        getDescriptor().getMessageTypes().get(4);
+    internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor,
+            new java.lang.String[] {
+              "Name", "Delegates", "Payload",
+            });
     internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor =
-      getDescriptor().getMessageTypes().get(5);
-    internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor,
-        new java.lang.String[] { "KeyId", "SignedJwt", });
+        getDescriptor().getMessageTypes().get(5);
+    internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor,
+            new java.lang.String[] {
+              "KeyId", "SignedJwt",
+            });
     internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor =
-      getDescriptor().getMessageTypes().get(6);
-    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor,
-        new java.lang.String[] { "Name", "Delegates", "Audience", "IncludeEmail", });
+        getDescriptor().getMessageTypes().get(6);
+    internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_iam_credentials_v1_GenerateIdTokenRequest_descriptor,
+            new java.lang.String[] {
+              "Name", "Delegates", "Audience", "IncludeEmail",
+            });
     internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor =
-      getDescriptor().getMessageTypes().get(7);
-    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable = new
-      com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-        internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor,
-        new java.lang.String[] { "Token", });
+        getDescriptor().getMessageTypes().get(7);
+    internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_iam_credentials_v1_GenerateIdTokenResponse_descriptor,
+            new java.lang.String[] {
+              "Token",
+            });
     com.google.protobuf.DurationProto.getDescriptor();
     com.google.protobuf.TimestampProto.getDescriptor();
   }
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsProto.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsProto.java
index 0844d24c02df..6bd5863e9bb7 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsProto.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/IAMCredentialsProto.java
@@ -5,70 +5,68 @@
 
 public final class IAMCredentialsProto {
   private IAMCredentialsProto() {}
-  public static void registerAllExtensions(
-      com.google.protobuf.ExtensionRegistryLite registry) {
-  }
 
-  public static void registerAllExtensions(
-      com.google.protobuf.ExtensionRegistry registry) {
-    registerAllExtensions(
-        (com.google.protobuf.ExtensionRegistryLite) registry);
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistryLite registry) {}
+
+  public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry registry) {
+    registerAllExtensions((com.google.protobuf.ExtensionRegistryLite) registry);
   }
 
-  public static com.google.protobuf.Descriptors.FileDescriptor
-      getDescriptor() {
+  public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
     return descriptor;
   }
-  private static  com.google.protobuf.Descriptors.FileDescriptor
-      descriptor;
+
+  private static com.google.protobuf.Descriptors.FileDescriptor descriptor;
+
   static {
     java.lang.String[] descriptorData = {
-      "\n.google/iam/credentials/v1/iamcredentia" +
-      "ls.proto\022\031google.iam.credentials.v1\032\034goo" +
-      "gle/api/annotations.proto\032&google/iam/cr" +
-      "edentials/v1/common.proto2\340\005\n\016IAMCredent" +
-      "ials\022\314\001\n\023GenerateAccessToken\0225.google.ia" +
-      "m.credentials.v1.GenerateAccessTokenRequ" +
-      "est\0326.google.iam.credentials.v1.Generate" +
-      "AccessTokenResponse\"F\202\323\344\223\002@\";/v1/{name=p" +
-      "rojects/*/serviceAccounts/*}:generateAcc" +
-      "essToken:\001*\022\274\001\n\017GenerateIdToken\0221.google" +
-      ".iam.credentials.v1.GenerateIdTokenReque" +
-      "st\0322.google.iam.credentials.v1.GenerateI" +
-      "dTokenResponse\"B\202\323\344\223\002<\"7/v1/{name=projec" +
-      "ts/*/serviceAccounts/*}:generateIdToken:" +
-      "\001*\022\240\001\n\010SignBlob\022*.google.iam.credentials" +
-      ".v1.SignBlobRequest\032+.google.iam.credent" +
-      "ials.v1.SignBlobResponse\";\202\323\344\223\0025\"0/v1/{n" +
-      "ame=projects/*/serviceAccounts/*}:signBl" +
-      "ob:\001*\022\234\001\n\007SignJwt\022).google.iam.credentia" +
-      "ls.v1.SignJwtRequest\032*.google.iam.creden" +
-      "tials.v1.SignJwtResponse\":\202\323\344\223\0024\"//v1/{n" +
-      "ame=projects/*/serviceAccounts/*}:signJw" +
-      "t:\001*B\205\001\n#com.google.cloud.iam.credential" +
-      "s.v1B\023IAMCredentialsProtoP\001ZDgoogle.gola" +
-      "ng.org/genproto/googleapis/iam/credentia" +
-      "ls/v1;credentials\370\001\001b\006proto3"
+      "\n.google/iam/credentials/v1/iamcredentia"
+          + "ls.proto\022\031google.iam.credentials.v1\032\034goo"
+          + "gle/api/annotations.proto\032&google/iam/cr"
+          + "edentials/v1/common.proto2\340\005\n\016IAMCredent"
+          + "ials\022\314\001\n\023GenerateAccessToken\0225.google.ia"
+          + "m.credentials.v1.GenerateAccessTokenRequ"
+          + "est\0326.google.iam.credentials.v1.Generate"
+          + "AccessTokenResponse\"F\202\323\344\223\002@\";/v1/{name=p"
+          + "rojects/*/serviceAccounts/*}:generateAcc"
+          + "essToken:\001*\022\274\001\n\017GenerateIdToken\0221.google"
+          + ".iam.credentials.v1.GenerateIdTokenReque"
+          + "st\0322.google.iam.credentials.v1.GenerateI"
+          + "dTokenResponse\"B\202\323\344\223\002<\"7/v1/{name=projec"
+          + "ts/*/serviceAccounts/*}:generateIdToken:"
+          + "\001*\022\240\001\n\010SignBlob\022*.google.iam.credentials"
+          + ".v1.SignBlobRequest\032+.google.iam.credent"
+          + "ials.v1.SignBlobResponse\";\202\323\344\223\0025\"0/v1/{n"
+          + "ame=projects/*/serviceAccounts/*}:signBl"
+          + "ob:\001*\022\234\001\n\007SignJwt\022).google.iam.credentia"
+          + "ls.v1.SignJwtRequest\032*.google.iam.creden"
+          + "tials.v1.SignJwtResponse\":\202\323\344\223\0024\"//v1/{n"
+          + "ame=projects/*/serviceAccounts/*}:signJw"
+          + "t:\001*B\205\001\n#com.google.cloud.iam.credential"
+          + "s.v1B\023IAMCredentialsProtoP\001ZDgoogle.gola"
+          + "ng.org/genproto/googleapis/iam/credentia"
+          + "ls/v1;credentials\370\001\001b\006proto3"
     };
     com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner assigner =
-        new com.google.protobuf.Descriptors.FileDescriptor.    InternalDescriptorAssigner() {
+        new com.google.protobuf.Descriptors.FileDescriptor.InternalDescriptorAssigner() {
           public com.google.protobuf.ExtensionRegistry assignDescriptors(
               com.google.protobuf.Descriptors.FileDescriptor root) {
             descriptor = root;
             return null;
           }
         };
-    com.google.protobuf.Descriptors.FileDescriptor
-      .internalBuildGeneratedFileFrom(descriptorData,
+    com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
+        descriptorData,
         new com.google.protobuf.Descriptors.FileDescriptor[] {
           com.google.api.AnnotationsProto.getDescriptor(),
           com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.getDescriptor(),
-        }, assigner);
+        },
+        assigner);
     com.google.protobuf.ExtensionRegistry registry =
         com.google.protobuf.ExtensionRegistry.newInstance();
     registry.add(com.google.api.AnnotationsProto.http);
-    com.google.protobuf.Descriptors.FileDescriptor
-        .internalUpdateFileDescriptor(descriptor, registry);
+    com.google.protobuf.Descriptors.FileDescriptor.internalUpdateFileDescriptor(
+        descriptor, registry);
     com.google.api.AnnotationsProto.getDescriptor();
     com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.getDescriptor();
   }
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/ServiceAccountName.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/ServiceAccountName.java
index 361f69ffe006..48d938e793a0 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/ServiceAccountName.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/ServiceAccountName.java
@@ -14,13 +14,13 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-import com.google.common.base.Preconditions;
-import com.google.common.collect.ImmutableMap;
 import com.google.api.pathtemplate.PathTemplate;
 import com.google.api.resourcenames.ResourceName;
-import java.util.Map;
+import com.google.common.base.Preconditions;
+import com.google.common.collect.ImmutableMap;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
 
 // AUTO-GENERATED DOCUMENTATION AND CLASS
 @javax.annotation.Generated("by GAPIC protoc plugin")
@@ -56,18 +56,11 @@ private ServiceAccountName(Builder builder) {
   }
 
   public static ServiceAccountName of(String project, String serviceAccount) {
-    return newBuilder()
-      .setProject(project)
-      .setServiceAccount(serviceAccount)
-      .build();
+    return newBuilder().setProject(project).setServiceAccount(serviceAccount).build();
   }
 
   public static String format(String project, String serviceAccount) {
-    return newBuilder()
-      .setProject(project)
-      .setServiceAccount(serviceAccount)
-      .build()
-      .toString();
+    return newBuilder().setProject(project).setServiceAccount(serviceAccount).build().toString();
   }
 
   public static ServiceAccountName parse(String formattedString) {
@@ -75,7 +68,8 @@ public static ServiceAccountName parse(String formattedString) {
       return null;
     }
     Map<String, String> matchMap =
-        PATH_TEMPLATE.validatedMatch(formattedString, "ServiceAccountName.parse: formattedString not in valid format");
+        PATH_TEMPLATE.validatedMatch(
+            formattedString, "ServiceAccountName.parse: formattedString not in valid format");
     return of(matchMap.get("project"), matchMap.get("service_account"));
   }
 
@@ -150,8 +144,7 @@ public Builder setServiceAccount(String serviceAccount) {
       return this;
     }
 
-    private Builder() {
-    }
+    private Builder() {}
 
     private Builder(ServiceAccountName serviceAccountName) {
       project = serviceAccountName.project;
@@ -186,4 +179,3 @@ public int hashCode() {
     return h;
   }
 }
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequest.java
index bfcd1a369016..990a45ee8d27 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequest.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequest.java
@@ -3,18 +3,17 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-/**
- * Protobuf type {@code google.iam.credentials.v1.SignBlobRequest}
- */
-public  final class SignBlobRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
+/** Protobuf type {@code google.iam.credentials.v1.SignBlobRequest} */
+public final class SignBlobRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
     // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignBlobRequest)
     SignBlobRequestOrBuilder {
-private static final long serialVersionUID = 0L;
+  private static final long serialVersionUID = 0L;
   // Use SignBlobRequest.newBuilder() to construct.
   private SignBlobRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
     super(builder);
   }
+
   private SignBlobRequest() {
     name_ = "";
     delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
@@ -22,10 +21,10 @@ private SignBlobRequest() {
   }
 
   @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
     return this.unknownFields;
   }
+
   private SignBlobRequest(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
@@ -45,40 +44,41 @@ private SignBlobRequest(
           case 0:
             done = true;
             break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            name_ = s;
-            break;
-          }
-          case 26: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              delegates_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
+              name_ = s;
+              break;
             }
-            delegates_.add(s);
-            break;
-          }
-          case 42: {
-
-            payload_ = input.readBytes();
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
+          case 26:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+              if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+                delegates_ = new com.google.protobuf.LazyStringArrayList();
+                mutable_bitField0_ |= 0x00000002;
+              }
+              delegates_.add(s);
+              break;
+            }
+          case 42:
+            {
+              payload_ = input.readBytes();
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownFieldProto3(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
             }
-            break;
-          }
         }
       }
     } catch (com.google.protobuf.InvalidProtocolBufferException e) {
       throw e.setUnfinishedMessage(this);
     } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
     } finally {
       if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
         delegates_ = delegates_.getUnmodifiableView();
@@ -87,23 +87,28 @@ private SignBlobRequest(
       makeExtensionsImmutable();
     }
   }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
   }
 
   @java.lang.Override
   protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
         .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.SignBlobRequest.class, com.google.cloud.iam.credentials.v1.SignBlobRequest.Builder.class);
+            com.google.cloud.iam.credentials.v1.SignBlobRequest.class,
+            com.google.cloud.iam.credentials.v1.SignBlobRequest.Builder.class);
   }
 
   private int bitField0_;
   public static final int NAME_FIELD_NUMBER = 1;
   private volatile java.lang.Object name_;
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -117,14 +122,15 @@ public java.lang.String getName() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       name_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -133,13 +139,11 @@ public java.lang.String getName() {
    *
    * <code>string name = 1;</code>
    */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
+  public com.google.protobuf.ByteString getNameBytes() {
     java.lang.Object ref = name_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       name_ = b;
       return b;
     } else {
@@ -150,6 +154,8 @@ public java.lang.String getName() {
   public static final int DELEGATES_FIELD_NUMBER = 3;
   private com.google.protobuf.LazyStringList delegates_;
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -163,11 +169,12 @@ public java.lang.String getName() {
    *
    * <code>repeated string delegates = 3;</code>
    */
-  public com.google.protobuf.ProtocolStringList
-      getDelegatesList() {
+  public com.google.protobuf.ProtocolStringList getDelegatesList() {
     return delegates_;
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -185,6 +192,8 @@ public int getDelegatesCount() {
     return delegates_.size();
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -202,6 +211,8 @@ public java.lang.String getDelegates(int index) {
     return delegates_.get(index);
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -215,14 +226,15 @@ public java.lang.String getDelegates(int index) {
    *
    * <code>repeated string delegates = 3;</code>
    */
-  public com.google.protobuf.ByteString
-      getDelegatesBytes(int index) {
+  public com.google.protobuf.ByteString getDelegatesBytes(int index) {
     return delegates_.getByteString(index);
   }
 
   public static final int PAYLOAD_FIELD_NUMBER = 5;
   private com.google.protobuf.ByteString payload_;
   /**
+   *
+   *
    * <pre>
    * The bytes to sign.
    * </pre>
@@ -234,6 +246,7 @@ public com.google.protobuf.ByteString getPayload() {
   }
 
   private byte memoizedIsInitialized = -1;
+
   @java.lang.Override
   public final boolean isInitialized() {
     byte isInitialized = memoizedIsInitialized;
@@ -245,8 +258,7 @@ public final boolean isInitialized() {
   }
 
   @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
     if (!getNameBytes().isEmpty()) {
       com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
     }
@@ -277,8 +289,7 @@ public int getSerializedSize() {
       size += 1 * getDelegatesList().size();
     }
     if (!payload_.isEmpty()) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeBytesSize(5, payload_);
+      size += com.google.protobuf.CodedOutputStream.computeBytesSize(5, payload_);
     }
     size += unknownFields.getSerializedSize();
     memoizedSize = size;
@@ -288,20 +299,18 @@ public int getSerializedSize() {
   @java.lang.Override
   public boolean equals(final java.lang.Object obj) {
     if (obj == this) {
-     return true;
+      return true;
     }
     if (!(obj instanceof com.google.cloud.iam.credentials.v1.SignBlobRequest)) {
       return super.equals(obj);
     }
-    com.google.cloud.iam.credentials.v1.SignBlobRequest other = (com.google.cloud.iam.credentials.v1.SignBlobRequest) obj;
+    com.google.cloud.iam.credentials.v1.SignBlobRequest other =
+        (com.google.cloud.iam.credentials.v1.SignBlobRequest) obj;
 
     boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getDelegatesList()
-        .equals(other.getDelegatesList());
-    result = result && getPayload()
-        .equals(other.getPayload());
+    result = result && getName().equals(other.getName());
+    result = result && getDelegatesList().equals(other.getDelegatesList());
+    result = result && getPayload().equals(other.getPayload());
     result = result && unknownFields.equals(other.unknownFields);
     return result;
   }
@@ -327,113 +336,118 @@ public int hashCode() {
   }
 
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
       com.google.protobuf.ByteString data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
       com.google.protobuf.ByteString data,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(byte[] data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobRequest parseFrom(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
 
   @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
   public static Builder newBuilder() {
     return DEFAULT_INSTANCE.toBuilder();
   }
+
   public static Builder newBuilder(com.google.cloud.iam.credentials.v1.SignBlobRequest prototype) {
     return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
   }
+
   @java.lang.Override
   public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
   }
 
   @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
     Builder builder = new Builder(parent);
     return builder;
   }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.SignBlobRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+  /** Protobuf type {@code google.iam.credentials.v1.SignBlobRequest} */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
       // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignBlobRequest)
       com.google.cloud.iam.credentials.v1.SignBlobRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
         internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignBlobRequest_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.SignBlobRequest.class, com.google.cloud.iam.credentials.v1.SignBlobRequest.Builder.class);
+              com.google.cloud.iam.credentials.v1.SignBlobRequest.class,
+              com.google.cloud.iam.credentials.v1.SignBlobRequest.Builder.class);
     }
 
     // Construct using com.google.cloud.iam.credentials.v1.SignBlobRequest.newBuilder()
@@ -441,16 +455,15 @@ private Builder() {
       maybeForceBuilderInitialization();
     }
 
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
       super(parent);
       maybeForceBuilderInitialization();
     }
+
     private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
     }
+
     @java.lang.Override
     public Builder clear() {
       super.clear();
@@ -464,9 +477,9 @@ public Builder clear() {
     }
 
     @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignBlobRequest_descriptor;
     }
 
     @java.lang.Override
@@ -485,7 +498,8 @@ public com.google.cloud.iam.credentials.v1.SignBlobRequest build() {
 
     @java.lang.Override
     public com.google.cloud.iam.credentials.v1.SignBlobRequest buildPartial() {
-      com.google.cloud.iam.credentials.v1.SignBlobRequest result = new com.google.cloud.iam.credentials.v1.SignBlobRequest(this);
+      com.google.cloud.iam.credentials.v1.SignBlobRequest result =
+          new com.google.cloud.iam.credentials.v1.SignBlobRequest(this);
       int from_bitField0_ = bitField0_;
       int to_bitField0_ = 0;
       result.name_ = name_;
@@ -504,38 +518,39 @@ public com.google.cloud.iam.credentials.v1.SignBlobRequest buildPartial() {
     public Builder clone() {
       return (Builder) super.clone();
     }
+
     @java.lang.Override
     public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.setField(field, value);
     }
+
     @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
       return (Builder) super.clearField(field);
     }
+
     @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
       return (Builder) super.clearOneof(oneof);
     }
+
     @java.lang.Override
     public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
       return (Builder) super.setRepeatedField(field, index, value);
     }
+
     @java.lang.Override
     public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.addRepeatedField(field, value);
     }
+
     @java.lang.Override
     public Builder mergeFrom(com.google.protobuf.Message other) {
       if (other instanceof com.google.cloud.iam.credentials.v1.SignBlobRequest) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.SignBlobRequest)other);
+        return mergeFrom((com.google.cloud.iam.credentials.v1.SignBlobRequest) other);
       } else {
         super.mergeFrom(other);
         return this;
@@ -543,7 +558,8 @@ public Builder mergeFrom(com.google.protobuf.Message other) {
     }
 
     public Builder mergeFrom(com.google.cloud.iam.credentials.v1.SignBlobRequest other) {
-      if (other == com.google.cloud.iam.credentials.v1.SignBlobRequest.getDefaultInstance()) return this;
+      if (other == com.google.cloud.iam.credentials.v1.SignBlobRequest.getDefaultInstance())
+        return this;
       if (!other.getName().isEmpty()) {
         name_ = other.name_;
         onChanged();
@@ -580,7 +596,8 @@ public Builder mergeFrom(
       try {
         parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
       } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.SignBlobRequest) e.getUnfinishedMessage();
+        parsedMessage =
+            (com.google.cloud.iam.credentials.v1.SignBlobRequest) e.getUnfinishedMessage();
         throw e.unwrapIOException();
       } finally {
         if (parsedMessage != null) {
@@ -589,10 +606,13 @@ public Builder mergeFrom(
       }
       return this;
     }
+
     private int bitField0_;
 
     private java.lang.Object name_ = "";
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -604,8 +624,7 @@ public Builder mergeFrom(
     public java.lang.String getName() {
       java.lang.Object ref = name_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         name_ = s;
         return s;
@@ -614,6 +633,8 @@ public java.lang.String getName() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -622,13 +643,11 @@ public java.lang.String getName() {
      *
      * <code>string name = 1;</code>
      */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
+    public com.google.protobuf.ByteString getNameBytes() {
       java.lang.Object ref = name_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         name_ = b;
         return b;
       } else {
@@ -636,6 +655,8 @@ public java.lang.String getName() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -644,17 +665,18 @@ public java.lang.String getName() {
      *
      * <code>string name = 1;</code>
      */
-    public Builder setName(
-        java.lang.String value) {
+    public Builder setName(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       name_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -664,12 +686,14 @@ public Builder setName(
      * <code>string name = 1;</code>
      */
     public Builder clearName() {
-      
+
       name_ = getDefaultInstance().getName();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -678,26 +702,29 @@ public Builder clearName() {
      *
      * <code>string name = 1;</code>
      */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       name_ = value;
       onChanged();
       return this;
     }
 
-    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private com.google.protobuf.LazyStringList delegates_ =
+        com.google.protobuf.LazyStringArrayList.EMPTY;
+
     private void ensureDelegatesIsMutable() {
       if (!((bitField0_ & 0x00000002) == 0x00000002)) {
         delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
         bitField0_ |= 0x00000002;
-       }
+      }
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -711,11 +738,12 @@ private void ensureDelegatesIsMutable() {
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public com.google.protobuf.ProtocolStringList
-        getDelegatesList() {
+    public com.google.protobuf.ProtocolStringList getDelegatesList() {
       return delegates_.getUnmodifiableView();
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -733,6 +761,8 @@ public int getDelegatesCount() {
       return delegates_.size();
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -750,6 +780,8 @@ public java.lang.String getDelegates(int index) {
       return delegates_.get(index);
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -763,11 +795,12 @@ public java.lang.String getDelegates(int index) {
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public com.google.protobuf.ByteString
-        getDelegatesBytes(int index) {
+    public com.google.protobuf.ByteString getDelegatesBytes(int index) {
       return delegates_.getByteString(index);
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -781,17 +814,18 @@ public java.lang.String getDelegates(int index) {
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public Builder setDelegates(
-        int index, java.lang.String value) {
+    public Builder setDelegates(int index, java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
+        throw new NullPointerException();
+      }
+      ensureDelegatesIsMutable();
       delegates_.set(index, value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -805,17 +839,18 @@ public Builder setDelegates(
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public Builder addDelegates(
-        java.lang.String value) {
+    public Builder addDelegates(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
+        throw new NullPointerException();
+      }
+      ensureDelegatesIsMutable();
       delegates_.add(value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -829,15 +864,15 @@ public Builder addDelegates(
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public Builder addAllDelegates(
-        java.lang.Iterable<java.lang.String> values) {
+    public Builder addAllDelegates(java.lang.Iterable<java.lang.String> values) {
       ensureDelegatesIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, delegates_);
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(values, delegates_);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -858,6 +893,8 @@ public Builder clearDelegates() {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -871,12 +908,11 @@ public Builder clearDelegates() {
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public Builder addDelegatesBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder addDelegatesBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
       ensureDelegatesIsMutable();
       delegates_.add(value);
       onChanged();
@@ -885,6 +921,8 @@ public Builder addDelegatesBytes(
 
     private com.google.protobuf.ByteString payload_ = com.google.protobuf.ByteString.EMPTY;
     /**
+     *
+     *
      * <pre>
      * The bytes to sign.
      * </pre>
@@ -895,6 +933,8 @@ public com.google.protobuf.ByteString getPayload() {
       return payload_;
     }
     /**
+     *
+     *
      * <pre>
      * The bytes to sign.
      * </pre>
@@ -903,14 +943,16 @@ public com.google.protobuf.ByteString getPayload() {
      */
     public Builder setPayload(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       payload_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The bytes to sign.
      * </pre>
@@ -918,14 +960,14 @@ public Builder setPayload(com.google.protobuf.ByteString value) {
      * <code>bytes payload = 5;</code>
      */
     public Builder clearPayload() {
-      
+
       payload_ = getDefaultInstance().getPayload();
       onChanged();
       return this;
     }
+
     @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
       return super.setUnknownFieldsProto3(unknownFields);
     }
 
@@ -935,12 +977,12 @@ public final Builder mergeUnknownFields(
       return super.mergeUnknownFields(unknownFields);
     }
 
-
     // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignBlobRequest)
   }
 
   // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignBlobRequest)
   private static final com.google.cloud.iam.credentials.v1.SignBlobRequest DEFAULT_INSTANCE;
+
   static {
     DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.SignBlobRequest();
   }
@@ -949,16 +991,16 @@ public static com.google.cloud.iam.credentials.v1.SignBlobRequest getDefaultInst
     return DEFAULT_INSTANCE;
   }
 
-  private static final com.google.protobuf.Parser<SignBlobRequest>
-      PARSER = new com.google.protobuf.AbstractParser<SignBlobRequest>() {
-    @java.lang.Override
-    public SignBlobRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new SignBlobRequest(input, extensionRegistry);
-    }
-  };
+  private static final com.google.protobuf.Parser<SignBlobRequest> PARSER =
+      new com.google.protobuf.AbstractParser<SignBlobRequest>() {
+        @java.lang.Override
+        public SignBlobRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new SignBlobRequest(input, extensionRegistry);
+        }
+      };
 
   public static com.google.protobuf.Parser<SignBlobRequest> parser() {
     return PARSER;
@@ -973,6 +1015,4 @@ public com.google.protobuf.Parser<SignBlobRequest> getParserForType() {
   public com.google.cloud.iam.credentials.v1.SignBlobRequest getDefaultInstanceForType() {
     return DEFAULT_INSTANCE;
   }
-
 }
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequestOrBuilder.java
index f8878e378672..ffa3b0367fcf 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequestOrBuilder.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobRequestOrBuilder.java
@@ -3,11 +3,14 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-public interface SignBlobRequestOrBuilder extends
+public interface SignBlobRequestOrBuilder
+    extends
     // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignBlobRequest)
     com.google.protobuf.MessageOrBuilder {
 
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -18,6 +21,8 @@ public interface SignBlobRequestOrBuilder extends
    */
   java.lang.String getName();
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -26,10 +31,11 @@ public interface SignBlobRequestOrBuilder extends
    *
    * <code>string name = 1;</code>
    */
-  com.google.protobuf.ByteString
-      getNameBytes();
+  com.google.protobuf.ByteString getNameBytes();
 
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -43,9 +49,10 @@ public interface SignBlobRequestOrBuilder extends
    *
    * <code>repeated string delegates = 3;</code>
    */
-  java.util.List<java.lang.String>
-      getDelegatesList();
+  java.util.List<java.lang.String> getDelegatesList();
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -61,6 +68,8 @@ public interface SignBlobRequestOrBuilder extends
    */
   int getDelegatesCount();
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -76,6 +85,8 @@ public interface SignBlobRequestOrBuilder extends
    */
   java.lang.String getDelegates(int index);
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -89,10 +100,11 @@ public interface SignBlobRequestOrBuilder extends
    *
    * <code>repeated string delegates = 3;</code>
    */
-  com.google.protobuf.ByteString
-      getDelegatesBytes(int index);
+  com.google.protobuf.ByteString getDelegatesBytes(int index);
 
   /**
+   *
+   *
    * <pre>
    * The bytes to sign.
    * </pre>
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponse.java
index 1b7e4c693e97..2ff537ecab37 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponse.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponse.java
@@ -3,28 +3,27 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-/**
- * Protobuf type {@code google.iam.credentials.v1.SignBlobResponse}
- */
-public  final class SignBlobResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
+/** Protobuf type {@code google.iam.credentials.v1.SignBlobResponse} */
+public final class SignBlobResponse extends com.google.protobuf.GeneratedMessageV3
+    implements
     // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignBlobResponse)
     SignBlobResponseOrBuilder {
-private static final long serialVersionUID = 0L;
+  private static final long serialVersionUID = 0L;
   // Use SignBlobResponse.newBuilder() to construct.
   private SignBlobResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
     super(builder);
   }
+
   private SignBlobResponse() {
     keyId_ = "";
     signedBlob_ = com.google.protobuf.ByteString.EMPTY;
   }
 
   @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
     return this.unknownFields;
   }
+
   private SignBlobResponse(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
@@ -44,52 +43,57 @@ private SignBlobResponse(
           case 0:
             done = true;
             break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
-
-            keyId_ = s;
-            break;
-          }
-          case 34: {
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            signedBlob_ = input.readBytes();
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
+              keyId_ = s;
+              break;
+            }
+          case 34:
+            {
+              signedBlob_ = input.readBytes();
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownFieldProto3(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
             }
-            break;
-          }
         }
       }
     } catch (com.google.protobuf.InvalidProtocolBufferException e) {
       throw e.setUnfinishedMessage(this);
     } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
     } finally {
       this.unknownFields = unknownFields.build();
       makeExtensionsImmutable();
     }
   }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
   }
 
   @java.lang.Override
   protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
         .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.SignBlobResponse.class, com.google.cloud.iam.credentials.v1.SignBlobResponse.Builder.class);
+            com.google.cloud.iam.credentials.v1.SignBlobResponse.class,
+            com.google.cloud.iam.credentials.v1.SignBlobResponse.Builder.class);
   }
 
   public static final int KEY_ID_FIELD_NUMBER = 1;
   private volatile java.lang.Object keyId_;
   /**
+   *
+   *
    * <pre>
    * The ID of the key used to sign the blob.
    * </pre>
@@ -101,27 +105,26 @@ public java.lang.String getKeyId() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       keyId_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The ID of the key used to sign the blob.
    * </pre>
    *
    * <code>string key_id = 1;</code>
    */
-  public com.google.protobuf.ByteString
-      getKeyIdBytes() {
+  public com.google.protobuf.ByteString getKeyIdBytes() {
     java.lang.Object ref = keyId_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       keyId_ = b;
       return b;
     } else {
@@ -132,6 +135,8 @@ public java.lang.String getKeyId() {
   public static final int SIGNED_BLOB_FIELD_NUMBER = 4;
   private com.google.protobuf.ByteString signedBlob_;
   /**
+   *
+   *
    * <pre>
    * The signed blob.
    * </pre>
@@ -143,6 +148,7 @@ public com.google.protobuf.ByteString getSignedBlob() {
   }
 
   private byte memoizedIsInitialized = -1;
+
   @java.lang.Override
   public final boolean isInitialized() {
     byte isInitialized = memoizedIsInitialized;
@@ -154,8 +160,7 @@ public final boolean isInitialized() {
   }
 
   @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
     if (!getKeyIdBytes().isEmpty()) {
       com.google.protobuf.GeneratedMessageV3.writeString(output, 1, keyId_);
     }
@@ -175,8 +180,7 @@ public int getSerializedSize() {
       size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, keyId_);
     }
     if (!signedBlob_.isEmpty()) {
-      size += com.google.protobuf.CodedOutputStream
-        .computeBytesSize(4, signedBlob_);
+      size += com.google.protobuf.CodedOutputStream.computeBytesSize(4, signedBlob_);
     }
     size += unknownFields.getSerializedSize();
     memoizedSize = size;
@@ -186,18 +190,17 @@ public int getSerializedSize() {
   @java.lang.Override
   public boolean equals(final java.lang.Object obj) {
     if (obj == this) {
-     return true;
+      return true;
     }
     if (!(obj instanceof com.google.cloud.iam.credentials.v1.SignBlobResponse)) {
       return super.equals(obj);
     }
-    com.google.cloud.iam.credentials.v1.SignBlobResponse other = (com.google.cloud.iam.credentials.v1.SignBlobResponse) obj;
+    com.google.cloud.iam.credentials.v1.SignBlobResponse other =
+        (com.google.cloud.iam.credentials.v1.SignBlobResponse) obj;
 
     boolean result = true;
-    result = result && getKeyId()
-        .equals(other.getKeyId());
-    result = result && getSignedBlob()
-        .equals(other.getSignedBlob());
+    result = result && getKeyId().equals(other.getKeyId());
+    result = result && getSignedBlob().equals(other.getSignedBlob());
     result = result && unknownFields.equals(other.unknownFields);
     return result;
   }
@@ -219,113 +222,118 @@ public int hashCode() {
   }
 
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
       com.google.protobuf.ByteString data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
       com.google.protobuf.ByteString data,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(byte[] data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignBlobResponse parseFrom(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
 
   @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
   public static Builder newBuilder() {
     return DEFAULT_INSTANCE.toBuilder();
   }
+
   public static Builder newBuilder(com.google.cloud.iam.credentials.v1.SignBlobResponse prototype) {
     return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
   }
+
   @java.lang.Override
   public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
   }
 
   @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
     Builder builder = new Builder(parent);
     return builder;
   }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.SignBlobResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+  /** Protobuf type {@code google.iam.credentials.v1.SignBlobResponse} */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
       // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignBlobResponse)
       com.google.cloud.iam.credentials.v1.SignBlobResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
         internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignBlobResponse_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.SignBlobResponse.class, com.google.cloud.iam.credentials.v1.SignBlobResponse.Builder.class);
+              com.google.cloud.iam.credentials.v1.SignBlobResponse.class,
+              com.google.cloud.iam.credentials.v1.SignBlobResponse.Builder.class);
     }
 
     // Construct using com.google.cloud.iam.credentials.v1.SignBlobResponse.newBuilder()
@@ -333,16 +341,15 @@ private Builder() {
       maybeForceBuilderInitialization();
     }
 
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
       super(parent);
       maybeForceBuilderInitialization();
     }
+
     private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
     }
+
     @java.lang.Override
     public Builder clear() {
       super.clear();
@@ -354,9 +361,9 @@ public Builder clear() {
     }
 
     @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignBlobResponse_descriptor;
     }
 
     @java.lang.Override
@@ -375,7 +382,8 @@ public com.google.cloud.iam.credentials.v1.SignBlobResponse build() {
 
     @java.lang.Override
     public com.google.cloud.iam.credentials.v1.SignBlobResponse buildPartial() {
-      com.google.cloud.iam.credentials.v1.SignBlobResponse result = new com.google.cloud.iam.credentials.v1.SignBlobResponse(this);
+      com.google.cloud.iam.credentials.v1.SignBlobResponse result =
+          new com.google.cloud.iam.credentials.v1.SignBlobResponse(this);
       result.keyId_ = keyId_;
       result.signedBlob_ = signedBlob_;
       onBuilt();
@@ -386,38 +394,39 @@ public com.google.cloud.iam.credentials.v1.SignBlobResponse buildPartial() {
     public Builder clone() {
       return (Builder) super.clone();
     }
+
     @java.lang.Override
     public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.setField(field, value);
     }
+
     @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
       return (Builder) super.clearField(field);
     }
+
     @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
       return (Builder) super.clearOneof(oneof);
     }
+
     @java.lang.Override
     public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
       return (Builder) super.setRepeatedField(field, index, value);
     }
+
     @java.lang.Override
     public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.addRepeatedField(field, value);
     }
+
     @java.lang.Override
     public Builder mergeFrom(com.google.protobuf.Message other) {
       if (other instanceof com.google.cloud.iam.credentials.v1.SignBlobResponse) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.SignBlobResponse)other);
+        return mergeFrom((com.google.cloud.iam.credentials.v1.SignBlobResponse) other);
       } else {
         super.mergeFrom(other);
         return this;
@@ -425,7 +434,8 @@ public Builder mergeFrom(com.google.protobuf.Message other) {
     }
 
     public Builder mergeFrom(com.google.cloud.iam.credentials.v1.SignBlobResponse other) {
-      if (other == com.google.cloud.iam.credentials.v1.SignBlobResponse.getDefaultInstance()) return this;
+      if (other == com.google.cloud.iam.credentials.v1.SignBlobResponse.getDefaultInstance())
+        return this;
       if (!other.getKeyId().isEmpty()) {
         keyId_ = other.keyId_;
         onChanged();
@@ -452,7 +462,8 @@ public Builder mergeFrom(
       try {
         parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
       } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.SignBlobResponse) e.getUnfinishedMessage();
+        parsedMessage =
+            (com.google.cloud.iam.credentials.v1.SignBlobResponse) e.getUnfinishedMessage();
         throw e.unwrapIOException();
       } finally {
         if (parsedMessage != null) {
@@ -464,6 +475,8 @@ public Builder mergeFrom(
 
     private java.lang.Object keyId_ = "";
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the blob.
      * </pre>
@@ -473,8 +486,7 @@ public Builder mergeFrom(
     public java.lang.String getKeyId() {
       java.lang.Object ref = keyId_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         keyId_ = s;
         return s;
@@ -483,19 +495,19 @@ public java.lang.String getKeyId() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the blob.
      * </pre>
      *
      * <code>string key_id = 1;</code>
      */
-    public com.google.protobuf.ByteString
-        getKeyIdBytes() {
+    public com.google.protobuf.ByteString getKeyIdBytes() {
       java.lang.Object ref = keyId_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         keyId_ = b;
         return b;
       } else {
@@ -503,23 +515,26 @@ public java.lang.String getKeyId() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the blob.
      * </pre>
      *
      * <code>string key_id = 1;</code>
      */
-    public Builder setKeyId(
-        java.lang.String value) {
+    public Builder setKeyId(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       keyId_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the blob.
      * </pre>
@@ -527,25 +542,26 @@ public Builder setKeyId(
      * <code>string key_id = 1;</code>
      */
     public Builder clearKeyId() {
-      
+
       keyId_ = getDefaultInstance().getKeyId();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the blob.
      * </pre>
      *
      * <code>string key_id = 1;</code>
      */
-    public Builder setKeyIdBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setKeyIdBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       keyId_ = value;
       onChanged();
       return this;
@@ -553,6 +569,8 @@ public Builder setKeyIdBytes(
 
     private com.google.protobuf.ByteString signedBlob_ = com.google.protobuf.ByteString.EMPTY;
     /**
+     *
+     *
      * <pre>
      * The signed blob.
      * </pre>
@@ -563,6 +581,8 @@ public com.google.protobuf.ByteString getSignedBlob() {
       return signedBlob_;
     }
     /**
+     *
+     *
      * <pre>
      * The signed blob.
      * </pre>
@@ -571,14 +591,16 @@ public com.google.protobuf.ByteString getSignedBlob() {
      */
     public Builder setSignedBlob(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       signedBlob_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The signed blob.
      * </pre>
@@ -586,14 +608,14 @@ public Builder setSignedBlob(com.google.protobuf.ByteString value) {
      * <code>bytes signed_blob = 4;</code>
      */
     public Builder clearSignedBlob() {
-      
+
       signedBlob_ = getDefaultInstance().getSignedBlob();
       onChanged();
       return this;
     }
+
     @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
       return super.setUnknownFieldsProto3(unknownFields);
     }
 
@@ -603,12 +625,12 @@ public final Builder mergeUnknownFields(
       return super.mergeUnknownFields(unknownFields);
     }
 
-
     // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignBlobResponse)
   }
 
   // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignBlobResponse)
   private static final com.google.cloud.iam.credentials.v1.SignBlobResponse DEFAULT_INSTANCE;
+
   static {
     DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.SignBlobResponse();
   }
@@ -617,16 +639,16 @@ public static com.google.cloud.iam.credentials.v1.SignBlobResponse getDefaultIns
     return DEFAULT_INSTANCE;
   }
 
-  private static final com.google.protobuf.Parser<SignBlobResponse>
-      PARSER = new com.google.protobuf.AbstractParser<SignBlobResponse>() {
-    @java.lang.Override
-    public SignBlobResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new SignBlobResponse(input, extensionRegistry);
-    }
-  };
+  private static final com.google.protobuf.Parser<SignBlobResponse> PARSER =
+      new com.google.protobuf.AbstractParser<SignBlobResponse>() {
+        @java.lang.Override
+        public SignBlobResponse parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new SignBlobResponse(input, extensionRegistry);
+        }
+      };
 
   public static com.google.protobuf.Parser<SignBlobResponse> parser() {
     return PARSER;
@@ -641,6 +663,4 @@ public com.google.protobuf.Parser<SignBlobResponse> getParserForType() {
   public com.google.cloud.iam.credentials.v1.SignBlobResponse getDefaultInstanceForType() {
     return DEFAULT_INSTANCE;
   }
-
 }
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponseOrBuilder.java
index 9331436e611b..e4d9b0663d4f 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponseOrBuilder.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignBlobResponseOrBuilder.java
@@ -3,11 +3,14 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-public interface SignBlobResponseOrBuilder extends
+public interface SignBlobResponseOrBuilder
+    extends
     // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignBlobResponse)
     com.google.protobuf.MessageOrBuilder {
 
   /**
+   *
+   *
    * <pre>
    * The ID of the key used to sign the blob.
    * </pre>
@@ -16,16 +19,19 @@ public interface SignBlobResponseOrBuilder extends
    */
   java.lang.String getKeyId();
   /**
+   *
+   *
    * <pre>
    * The ID of the key used to sign the blob.
    * </pre>
    *
    * <code>string key_id = 1;</code>
    */
-  com.google.protobuf.ByteString
-      getKeyIdBytes();
+  com.google.protobuf.ByteString getKeyIdBytes();
 
   /**
+   *
+   *
    * <pre>
    * The signed blob.
    * </pre>
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequest.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequest.java
index a42ebf52b8b2..da331a6e73d8 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequest.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequest.java
@@ -3,18 +3,17 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-/**
- * Protobuf type {@code google.iam.credentials.v1.SignJwtRequest}
- */
-public  final class SignJwtRequest extends
-    com.google.protobuf.GeneratedMessageV3 implements
+/** Protobuf type {@code google.iam.credentials.v1.SignJwtRequest} */
+public final class SignJwtRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
     // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignJwtRequest)
     SignJwtRequestOrBuilder {
-private static final long serialVersionUID = 0L;
+  private static final long serialVersionUID = 0L;
   // Use SignJwtRequest.newBuilder() to construct.
   private SignJwtRequest(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
     super(builder);
   }
+
   private SignJwtRequest() {
     name_ = "";
     delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
@@ -22,10 +21,10 @@ private SignJwtRequest() {
   }
 
   @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
     return this.unknownFields;
   }
+
   private SignJwtRequest(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
@@ -45,41 +44,43 @@ private SignJwtRequest(
           case 0:
             done = true;
             break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            name_ = s;
-            break;
-          }
-          case 26: {
-            java.lang.String s = input.readStringRequireUtf8();
-            if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
-              delegates_ = new com.google.protobuf.LazyStringArrayList();
-              mutable_bitField0_ |= 0x00000002;
+              name_ = s;
+              break;
             }
-            delegates_.add(s);
-            break;
-          }
-          case 42: {
-            java.lang.String s = input.readStringRequireUtf8();
+          case 26:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
+              if (!((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
+                delegates_ = new com.google.protobuf.LazyStringArrayList();
+                mutable_bitField0_ |= 0x00000002;
+              }
+              delegates_.add(s);
+              break;
+            }
+          case 42:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            payload_ = s;
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
+              payload_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownFieldProto3(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
             }
-            break;
-          }
         }
       }
     } catch (com.google.protobuf.InvalidProtocolBufferException e) {
       throw e.setUnfinishedMessage(this);
     } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
     } finally {
       if (((mutable_bitField0_ & 0x00000002) == 0x00000002)) {
         delegates_ = delegates_.getUnmodifiableView();
@@ -88,23 +89,28 @@ private SignJwtRequest(
       makeExtensionsImmutable();
     }
   }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
   }
 
   @java.lang.Override
   protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
         .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.SignJwtRequest.class, com.google.cloud.iam.credentials.v1.SignJwtRequest.Builder.class);
+            com.google.cloud.iam.credentials.v1.SignJwtRequest.class,
+            com.google.cloud.iam.credentials.v1.SignJwtRequest.Builder.class);
   }
 
   private int bitField0_;
   public static final int NAME_FIELD_NUMBER = 1;
   private volatile java.lang.Object name_;
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -118,14 +124,15 @@ public java.lang.String getName() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       name_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -134,13 +141,11 @@ public java.lang.String getName() {
    *
    * <code>string name = 1;</code>
    */
-  public com.google.protobuf.ByteString
-      getNameBytes() {
+  public com.google.protobuf.ByteString getNameBytes() {
     java.lang.Object ref = name_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       name_ = b;
       return b;
     } else {
@@ -151,6 +156,8 @@ public java.lang.String getName() {
   public static final int DELEGATES_FIELD_NUMBER = 3;
   private com.google.protobuf.LazyStringList delegates_;
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -164,11 +171,12 @@ public java.lang.String getName() {
    *
    * <code>repeated string delegates = 3;</code>
    */
-  public com.google.protobuf.ProtocolStringList
-      getDelegatesList() {
+  public com.google.protobuf.ProtocolStringList getDelegatesList() {
     return delegates_;
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -186,6 +194,8 @@ public int getDelegatesCount() {
     return delegates_.size();
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -203,6 +213,8 @@ public java.lang.String getDelegates(int index) {
     return delegates_.get(index);
   }
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -216,14 +228,15 @@ public java.lang.String getDelegates(int index) {
    *
    * <code>repeated string delegates = 3;</code>
    */
-  public com.google.protobuf.ByteString
-      getDelegatesBytes(int index) {
+  public com.google.protobuf.ByteString getDelegatesBytes(int index) {
     return delegates_.getByteString(index);
   }
 
   public static final int PAYLOAD_FIELD_NUMBER = 5;
   private volatile java.lang.Object payload_;
   /**
+   *
+   *
    * <pre>
    * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
    * </pre>
@@ -235,27 +248,26 @@ public java.lang.String getPayload() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       payload_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
    * </pre>
    *
    * <code>string payload = 5;</code>
    */
-  public com.google.protobuf.ByteString
-      getPayloadBytes() {
+  public com.google.protobuf.ByteString getPayloadBytes() {
     java.lang.Object ref = payload_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       payload_ = b;
       return b;
     } else {
@@ -264,6 +276,7 @@ public java.lang.String getPayload() {
   }
 
   private byte memoizedIsInitialized = -1;
+
   @java.lang.Override
   public final boolean isInitialized() {
     byte isInitialized = memoizedIsInitialized;
@@ -275,8 +288,7 @@ public final boolean isInitialized() {
   }
 
   @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
     if (!getNameBytes().isEmpty()) {
       com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
     }
@@ -317,20 +329,18 @@ public int getSerializedSize() {
   @java.lang.Override
   public boolean equals(final java.lang.Object obj) {
     if (obj == this) {
-     return true;
+      return true;
     }
     if (!(obj instanceof com.google.cloud.iam.credentials.v1.SignJwtRequest)) {
       return super.equals(obj);
     }
-    com.google.cloud.iam.credentials.v1.SignJwtRequest other = (com.google.cloud.iam.credentials.v1.SignJwtRequest) obj;
+    com.google.cloud.iam.credentials.v1.SignJwtRequest other =
+        (com.google.cloud.iam.credentials.v1.SignJwtRequest) obj;
 
     boolean result = true;
-    result = result && getName()
-        .equals(other.getName());
-    result = result && getDelegatesList()
-        .equals(other.getDelegatesList());
-    result = result && getPayload()
-        .equals(other.getPayload());
+    result = result && getName().equals(other.getName());
+    result = result && getDelegatesList().equals(other.getDelegatesList());
+    result = result && getPayload().equals(other.getPayload());
     result = result && unknownFields.equals(other.unknownFields);
     return result;
   }
@@ -356,113 +366,118 @@ public int hashCode() {
   }
 
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
       com.google.protobuf.ByteString data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
       com.google.protobuf.ByteString data,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(byte[] data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtRequest parseFrom(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
 
   @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
   public static Builder newBuilder() {
     return DEFAULT_INSTANCE.toBuilder();
   }
+
   public static Builder newBuilder(com.google.cloud.iam.credentials.v1.SignJwtRequest prototype) {
     return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
   }
+
   @java.lang.Override
   public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
   }
 
   @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
     Builder builder = new Builder(parent);
     return builder;
   }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.SignJwtRequest}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+  /** Protobuf type {@code google.iam.credentials.v1.SignJwtRequest} */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
       // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignJwtRequest)
       com.google.cloud.iam.credentials.v1.SignJwtRequestOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
         internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignJwtRequest_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.SignJwtRequest.class, com.google.cloud.iam.credentials.v1.SignJwtRequest.Builder.class);
+              com.google.cloud.iam.credentials.v1.SignJwtRequest.class,
+              com.google.cloud.iam.credentials.v1.SignJwtRequest.Builder.class);
     }
 
     // Construct using com.google.cloud.iam.credentials.v1.SignJwtRequest.newBuilder()
@@ -470,16 +485,15 @@ private Builder() {
       maybeForceBuilderInitialization();
     }
 
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
       super(parent);
       maybeForceBuilderInitialization();
     }
+
     private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
     }
+
     @java.lang.Override
     public Builder clear() {
       super.clear();
@@ -493,9 +507,9 @@ public Builder clear() {
     }
 
     @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignJwtRequest_descriptor;
     }
 
     @java.lang.Override
@@ -514,7 +528,8 @@ public com.google.cloud.iam.credentials.v1.SignJwtRequest build() {
 
     @java.lang.Override
     public com.google.cloud.iam.credentials.v1.SignJwtRequest buildPartial() {
-      com.google.cloud.iam.credentials.v1.SignJwtRequest result = new com.google.cloud.iam.credentials.v1.SignJwtRequest(this);
+      com.google.cloud.iam.credentials.v1.SignJwtRequest result =
+          new com.google.cloud.iam.credentials.v1.SignJwtRequest(this);
       int from_bitField0_ = bitField0_;
       int to_bitField0_ = 0;
       result.name_ = name_;
@@ -533,38 +548,39 @@ public com.google.cloud.iam.credentials.v1.SignJwtRequest buildPartial() {
     public Builder clone() {
       return (Builder) super.clone();
     }
+
     @java.lang.Override
     public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.setField(field, value);
     }
+
     @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
       return (Builder) super.clearField(field);
     }
+
     @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
       return (Builder) super.clearOneof(oneof);
     }
+
     @java.lang.Override
     public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
       return (Builder) super.setRepeatedField(field, index, value);
     }
+
     @java.lang.Override
     public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.addRepeatedField(field, value);
     }
+
     @java.lang.Override
     public Builder mergeFrom(com.google.protobuf.Message other) {
       if (other instanceof com.google.cloud.iam.credentials.v1.SignJwtRequest) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.SignJwtRequest)other);
+        return mergeFrom((com.google.cloud.iam.credentials.v1.SignJwtRequest) other);
       } else {
         super.mergeFrom(other);
         return this;
@@ -572,7 +588,8 @@ public Builder mergeFrom(com.google.protobuf.Message other) {
     }
 
     public Builder mergeFrom(com.google.cloud.iam.credentials.v1.SignJwtRequest other) {
-      if (other == com.google.cloud.iam.credentials.v1.SignJwtRequest.getDefaultInstance()) return this;
+      if (other == com.google.cloud.iam.credentials.v1.SignJwtRequest.getDefaultInstance())
+        return this;
       if (!other.getName().isEmpty()) {
         name_ = other.name_;
         onChanged();
@@ -610,7 +627,8 @@ public Builder mergeFrom(
       try {
         parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
       } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.SignJwtRequest) e.getUnfinishedMessage();
+        parsedMessage =
+            (com.google.cloud.iam.credentials.v1.SignJwtRequest) e.getUnfinishedMessage();
         throw e.unwrapIOException();
       } finally {
         if (parsedMessage != null) {
@@ -619,10 +637,13 @@ public Builder mergeFrom(
       }
       return this;
     }
+
     private int bitField0_;
 
     private java.lang.Object name_ = "";
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -634,8 +655,7 @@ public Builder mergeFrom(
     public java.lang.String getName() {
       java.lang.Object ref = name_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         name_ = s;
         return s;
@@ -644,6 +664,8 @@ public java.lang.String getName() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -652,13 +674,11 @@ public java.lang.String getName() {
      *
      * <code>string name = 1;</code>
      */
-    public com.google.protobuf.ByteString
-        getNameBytes() {
+    public com.google.protobuf.ByteString getNameBytes() {
       java.lang.Object ref = name_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         name_ = b;
         return b;
       } else {
@@ -666,6 +686,8 @@ public java.lang.String getName() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -674,17 +696,18 @@ public java.lang.String getName() {
      *
      * <code>string name = 1;</code>
      */
-    public Builder setName(
-        java.lang.String value) {
+    public Builder setName(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       name_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -694,12 +717,14 @@ public Builder setName(
      * <code>string name = 1;</code>
      */
     public Builder clearName() {
-      
+
       name_ = getDefaultInstance().getName();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The resource name of the service account for which the credentials
      * are requested, in the following format:
@@ -708,26 +733,29 @@ public Builder clearName() {
      *
      * <code>string name = 1;</code>
      */
-    public Builder setNameBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setNameBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       name_ = value;
       onChanged();
       return this;
     }
 
-    private com.google.protobuf.LazyStringList delegates_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+    private com.google.protobuf.LazyStringList delegates_ =
+        com.google.protobuf.LazyStringArrayList.EMPTY;
+
     private void ensureDelegatesIsMutable() {
       if (!((bitField0_ & 0x00000002) == 0x00000002)) {
         delegates_ = new com.google.protobuf.LazyStringArrayList(delegates_);
         bitField0_ |= 0x00000002;
-       }
+      }
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -741,11 +769,12 @@ private void ensureDelegatesIsMutable() {
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public com.google.protobuf.ProtocolStringList
-        getDelegatesList() {
+    public com.google.protobuf.ProtocolStringList getDelegatesList() {
       return delegates_.getUnmodifiableView();
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -763,6 +792,8 @@ public int getDelegatesCount() {
       return delegates_.size();
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -780,6 +811,8 @@ public java.lang.String getDelegates(int index) {
       return delegates_.get(index);
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -793,11 +826,12 @@ public java.lang.String getDelegates(int index) {
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public com.google.protobuf.ByteString
-        getDelegatesBytes(int index) {
+    public com.google.protobuf.ByteString getDelegatesBytes(int index) {
       return delegates_.getByteString(index);
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -811,17 +845,18 @@ public java.lang.String getDelegates(int index) {
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public Builder setDelegates(
-        int index, java.lang.String value) {
+    public Builder setDelegates(int index, java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
+        throw new NullPointerException();
+      }
+      ensureDelegatesIsMutable();
       delegates_.set(index, value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -835,17 +870,18 @@ public Builder setDelegates(
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public Builder addDelegates(
-        java.lang.String value) {
+    public Builder addDelegates(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  ensureDelegatesIsMutable();
+        throw new NullPointerException();
+      }
+      ensureDelegatesIsMutable();
       delegates_.add(value);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -859,15 +895,15 @@ public Builder addDelegates(
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public Builder addAllDelegates(
-        java.lang.Iterable<java.lang.String> values) {
+    public Builder addAllDelegates(java.lang.Iterable<java.lang.String> values) {
       ensureDelegatesIsMutable();
-      com.google.protobuf.AbstractMessageLite.Builder.addAll(
-          values, delegates_);
+      com.google.protobuf.AbstractMessageLite.Builder.addAll(values, delegates_);
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -888,6 +924,8 @@ public Builder clearDelegates() {
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The sequence of service accounts in a delegation chain. Each service
      * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -901,12 +939,11 @@ public Builder clearDelegates() {
      *
      * <code>repeated string delegates = 3;</code>
      */
-    public Builder addDelegatesBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder addDelegatesBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
       ensureDelegatesIsMutable();
       delegates_.add(value);
       onChanged();
@@ -915,6 +952,8 @@ public Builder addDelegatesBytes(
 
     private java.lang.Object payload_ = "";
     /**
+     *
+     *
      * <pre>
      * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
      * </pre>
@@ -924,8 +963,7 @@ public Builder addDelegatesBytes(
     public java.lang.String getPayload() {
       java.lang.Object ref = payload_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         payload_ = s;
         return s;
@@ -934,19 +972,19 @@ public java.lang.String getPayload() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
      * </pre>
      *
      * <code>string payload = 5;</code>
      */
-    public com.google.protobuf.ByteString
-        getPayloadBytes() {
+    public com.google.protobuf.ByteString getPayloadBytes() {
       java.lang.Object ref = payload_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         payload_ = b;
         return b;
       } else {
@@ -954,23 +992,26 @@ public java.lang.String getPayload() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
      * </pre>
      *
      * <code>string payload = 5;</code>
      */
-    public Builder setPayload(
-        java.lang.String value) {
+    public Builder setPayload(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       payload_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
      * </pre>
@@ -978,32 +1019,33 @@ public Builder setPayload(
      * <code>string payload = 5;</code>
      */
     public Builder clearPayload() {
-      
+
       payload_ = getDefaultInstance().getPayload();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
      * </pre>
      *
      * <code>string payload = 5;</code>
      */
-    public Builder setPayloadBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setPayloadBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       payload_ = value;
       onChanged();
       return this;
     }
+
     @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
       return super.setUnknownFieldsProto3(unknownFields);
     }
 
@@ -1013,12 +1055,12 @@ public final Builder mergeUnknownFields(
       return super.mergeUnknownFields(unknownFields);
     }
 
-
     // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignJwtRequest)
   }
 
   // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignJwtRequest)
   private static final com.google.cloud.iam.credentials.v1.SignJwtRequest DEFAULT_INSTANCE;
+
   static {
     DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.SignJwtRequest();
   }
@@ -1027,16 +1069,16 @@ public static com.google.cloud.iam.credentials.v1.SignJwtRequest getDefaultInsta
     return DEFAULT_INSTANCE;
   }
 
-  private static final com.google.protobuf.Parser<SignJwtRequest>
-      PARSER = new com.google.protobuf.AbstractParser<SignJwtRequest>() {
-    @java.lang.Override
-    public SignJwtRequest parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new SignJwtRequest(input, extensionRegistry);
-    }
-  };
+  private static final com.google.protobuf.Parser<SignJwtRequest> PARSER =
+      new com.google.protobuf.AbstractParser<SignJwtRequest>() {
+        @java.lang.Override
+        public SignJwtRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new SignJwtRequest(input, extensionRegistry);
+        }
+      };
 
   public static com.google.protobuf.Parser<SignJwtRequest> parser() {
     return PARSER;
@@ -1051,6 +1093,4 @@ public com.google.protobuf.Parser<SignJwtRequest> getParserForType() {
   public com.google.cloud.iam.credentials.v1.SignJwtRequest getDefaultInstanceForType() {
     return DEFAULT_INSTANCE;
   }
-
 }
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequestOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequestOrBuilder.java
index 35c54344f1da..c04df36fe87f 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequestOrBuilder.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtRequestOrBuilder.java
@@ -3,11 +3,14 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-public interface SignJwtRequestOrBuilder extends
+public interface SignJwtRequestOrBuilder
+    extends
     // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignJwtRequest)
     com.google.protobuf.MessageOrBuilder {
 
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -18,6 +21,8 @@ public interface SignJwtRequestOrBuilder extends
    */
   java.lang.String getName();
   /**
+   *
+   *
    * <pre>
    * The resource name of the service account for which the credentials
    * are requested, in the following format:
@@ -26,10 +31,11 @@ public interface SignJwtRequestOrBuilder extends
    *
    * <code>string name = 1;</code>
    */
-  com.google.protobuf.ByteString
-      getNameBytes();
+  com.google.protobuf.ByteString getNameBytes();
 
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -43,9 +49,10 @@ public interface SignJwtRequestOrBuilder extends
    *
    * <code>repeated string delegates = 3;</code>
    */
-  java.util.List<java.lang.String>
-      getDelegatesList();
+  java.util.List<java.lang.String> getDelegatesList();
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -61,6 +68,8 @@ public interface SignJwtRequestOrBuilder extends
    */
   int getDelegatesCount();
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -76,6 +85,8 @@ public interface SignJwtRequestOrBuilder extends
    */
   java.lang.String getDelegates(int index);
   /**
+   *
+   *
    * <pre>
    * The sequence of service accounts in a delegation chain. Each service
    * account must be granted the `roles/iam.serviceAccountTokenCreator` role
@@ -89,10 +100,11 @@ public interface SignJwtRequestOrBuilder extends
    *
    * <code>repeated string delegates = 3;</code>
    */
-  com.google.protobuf.ByteString
-      getDelegatesBytes(int index);
+  com.google.protobuf.ByteString getDelegatesBytes(int index);
 
   /**
+   *
+   *
    * <pre>
    * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
    * </pre>
@@ -101,12 +113,13 @@ public interface SignJwtRequestOrBuilder extends
    */
   java.lang.String getPayload();
   /**
+   *
+   *
    * <pre>
    * The JWT payload to sign: a JSON object that contains a JWT Claims Set.
    * </pre>
    *
    * <code>string payload = 5;</code>
    */
-  com.google.protobuf.ByteString
-      getPayloadBytes();
+  com.google.protobuf.ByteString getPayloadBytes();
 }
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponse.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponse.java
index 1dff292cec17..d718f98ec54c 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponse.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponse.java
@@ -3,28 +3,27 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-/**
- * Protobuf type {@code google.iam.credentials.v1.SignJwtResponse}
- */
-public  final class SignJwtResponse extends
-    com.google.protobuf.GeneratedMessageV3 implements
+/** Protobuf type {@code google.iam.credentials.v1.SignJwtResponse} */
+public final class SignJwtResponse extends com.google.protobuf.GeneratedMessageV3
+    implements
     // @@protoc_insertion_point(message_implements:google.iam.credentials.v1.SignJwtResponse)
     SignJwtResponseOrBuilder {
-private static final long serialVersionUID = 0L;
+  private static final long serialVersionUID = 0L;
   // Use SignJwtResponse.newBuilder() to construct.
   private SignJwtResponse(com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
     super(builder);
   }
+
   private SignJwtResponse() {
     keyId_ = "";
     signedJwt_ = "";
   }
 
   @java.lang.Override
-  public final com.google.protobuf.UnknownFieldSet
-  getUnknownFields() {
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
     return this.unknownFields;
   }
+
   private SignJwtResponse(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
@@ -44,53 +43,59 @@ private SignJwtResponse(
           case 0:
             done = true;
             break;
-          case 10: {
-            java.lang.String s = input.readStringRequireUtf8();
+          case 10:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            keyId_ = s;
-            break;
-          }
-          case 18: {
-            java.lang.String s = input.readStringRequireUtf8();
+              keyId_ = s;
+              break;
+            }
+          case 18:
+            {
+              java.lang.String s = input.readStringRequireUtf8();
 
-            signedJwt_ = s;
-            break;
-          }
-          default: {
-            if (!parseUnknownFieldProto3(
-                input, unknownFields, extensionRegistry, tag)) {
-              done = true;
+              signedJwt_ = s;
+              break;
+            }
+          default:
+            {
+              if (!parseUnknownFieldProto3(input, unknownFields, extensionRegistry, tag)) {
+                done = true;
+              }
+              break;
             }
-            break;
-          }
         }
       }
     } catch (com.google.protobuf.InvalidProtocolBufferException e) {
       throw e.setUnfinishedMessage(this);
     } catch (java.io.IOException e) {
-      throw new com.google.protobuf.InvalidProtocolBufferException(
-          e).setUnfinishedMessage(this);
+      throw new com.google.protobuf.InvalidProtocolBufferException(e).setUnfinishedMessage(this);
     } finally {
       this.unknownFields = unknownFields.build();
       makeExtensionsImmutable();
     }
   }
-  public static final com.google.protobuf.Descriptors.Descriptor
-      getDescriptor() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
   }
 
   @java.lang.Override
   protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internalGetFieldAccessorTable() {
-    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
+    return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+        .internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
         .ensureFieldAccessorsInitialized(
-            com.google.cloud.iam.credentials.v1.SignJwtResponse.class, com.google.cloud.iam.credentials.v1.SignJwtResponse.Builder.class);
+            com.google.cloud.iam.credentials.v1.SignJwtResponse.class,
+            com.google.cloud.iam.credentials.v1.SignJwtResponse.Builder.class);
   }
 
   public static final int KEY_ID_FIELD_NUMBER = 1;
   private volatile java.lang.Object keyId_;
   /**
+   *
+   *
    * <pre>
    * The ID of the key used to sign the JWT.
    * </pre>
@@ -102,27 +107,26 @@ public java.lang.String getKeyId() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       keyId_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The ID of the key used to sign the JWT.
    * </pre>
    *
    * <code>string key_id = 1;</code>
    */
-  public com.google.protobuf.ByteString
-      getKeyIdBytes() {
+  public com.google.protobuf.ByteString getKeyIdBytes() {
     java.lang.Object ref = keyId_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       keyId_ = b;
       return b;
     } else {
@@ -133,6 +137,8 @@ public java.lang.String getKeyId() {
   public static final int SIGNED_JWT_FIELD_NUMBER = 2;
   private volatile java.lang.Object signedJwt_;
   /**
+   *
+   *
    * <pre>
    * The signed JWT.
    * </pre>
@@ -144,27 +150,26 @@ public java.lang.String getSignedJwt() {
     if (ref instanceof java.lang.String) {
       return (java.lang.String) ref;
     } else {
-      com.google.protobuf.ByteString bs = 
-          (com.google.protobuf.ByteString) ref;
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
       java.lang.String s = bs.toStringUtf8();
       signedJwt_ = s;
       return s;
     }
   }
   /**
+   *
+   *
    * <pre>
    * The signed JWT.
    * </pre>
    *
    * <code>string signed_jwt = 2;</code>
    */
-  public com.google.protobuf.ByteString
-      getSignedJwtBytes() {
+  public com.google.protobuf.ByteString getSignedJwtBytes() {
     java.lang.Object ref = signedJwt_;
     if (ref instanceof java.lang.String) {
-      com.google.protobuf.ByteString b = 
-          com.google.protobuf.ByteString.copyFromUtf8(
-              (java.lang.String) ref);
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
       signedJwt_ = b;
       return b;
     } else {
@@ -173,6 +178,7 @@ public java.lang.String getSignedJwt() {
   }
 
   private byte memoizedIsInitialized = -1;
+
   @java.lang.Override
   public final boolean isInitialized() {
     byte isInitialized = memoizedIsInitialized;
@@ -184,8 +190,7 @@ public final boolean isInitialized() {
   }
 
   @java.lang.Override
-  public void writeTo(com.google.protobuf.CodedOutputStream output)
-                      throws java.io.IOException {
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
     if (!getKeyIdBytes().isEmpty()) {
       com.google.protobuf.GeneratedMessageV3.writeString(output, 1, keyId_);
     }
@@ -215,18 +220,17 @@ public int getSerializedSize() {
   @java.lang.Override
   public boolean equals(final java.lang.Object obj) {
     if (obj == this) {
-     return true;
+      return true;
     }
     if (!(obj instanceof com.google.cloud.iam.credentials.v1.SignJwtResponse)) {
       return super.equals(obj);
     }
-    com.google.cloud.iam.credentials.v1.SignJwtResponse other = (com.google.cloud.iam.credentials.v1.SignJwtResponse) obj;
+    com.google.cloud.iam.credentials.v1.SignJwtResponse other =
+        (com.google.cloud.iam.credentials.v1.SignJwtResponse) obj;
 
     boolean result = true;
-    result = result && getKeyId()
-        .equals(other.getKeyId());
-    result = result && getSignedJwt()
-        .equals(other.getSignedJwt());
+    result = result && getKeyId().equals(other.getKeyId());
+    result = result && getSignedJwt().equals(other.getSignedJwt());
     result = result && unknownFields.equals(other.unknownFields);
     return result;
   }
@@ -248,113 +252,118 @@ public int hashCode() {
   }
 
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
-      java.nio.ByteBuffer data)
-      throws com.google.protobuf.InvalidProtocolBufferException {
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
-      java.nio.ByteBuffer data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
       com.google.protobuf.ByteString data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
       com.google.protobuf.ByteString data,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(byte[] data)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
-      byte[] data,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws com.google.protobuf.InvalidProtocolBufferException {
     return PARSER.parseFrom(data, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
-  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseDelimitedFrom(java.io.InputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input);
+
+  public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseDelimitedFrom(
-      java.io.InputStream input,
-      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseDelimitedWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
-      com.google.protobuf.CodedInputStream input)
-      throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input);
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
   }
+
   public static com.google.cloud.iam.credentials.v1.SignJwtResponse parseFrom(
       com.google.protobuf.CodedInputStream input,
       com.google.protobuf.ExtensionRegistryLite extensionRegistry)
       throws java.io.IOException {
-    return com.google.protobuf.GeneratedMessageV3
-        .parseWithIOException(PARSER, input, extensionRegistry);
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
   }
 
   @java.lang.Override
-  public Builder newBuilderForType() { return newBuilder(); }
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
   public static Builder newBuilder() {
     return DEFAULT_INSTANCE.toBuilder();
   }
+
   public static Builder newBuilder(com.google.cloud.iam.credentials.v1.SignJwtResponse prototype) {
     return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
   }
+
   @java.lang.Override
   public Builder toBuilder() {
-    return this == DEFAULT_INSTANCE
-        ? new Builder() : new Builder().mergeFrom(this);
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
   }
 
   @java.lang.Override
-  protected Builder newBuilderForType(
-      com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
     Builder builder = new Builder(parent);
     return builder;
   }
-  /**
-   * Protobuf type {@code google.iam.credentials.v1.SignJwtResponse}
-   */
-  public static final class Builder extends
-      com.google.protobuf.GeneratedMessageV3.Builder<Builder> implements
+  /** Protobuf type {@code google.iam.credentials.v1.SignJwtResponse} */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
       // @@protoc_insertion_point(builder_implements:google.iam.credentials.v1.SignJwtResponse)
       com.google.cloud.iam.credentials.v1.SignJwtResponseOrBuilder {
-    public static final com.google.protobuf.Descriptors.Descriptor
-        getDescriptor() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
     }
 
     @java.lang.Override
     protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
         internalGetFieldAccessorTable() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignJwtResponse_fieldAccessorTable
           .ensureFieldAccessorsInitialized(
-              com.google.cloud.iam.credentials.v1.SignJwtResponse.class, com.google.cloud.iam.credentials.v1.SignJwtResponse.Builder.class);
+              com.google.cloud.iam.credentials.v1.SignJwtResponse.class,
+              com.google.cloud.iam.credentials.v1.SignJwtResponse.Builder.class);
     }
 
     // Construct using com.google.cloud.iam.credentials.v1.SignJwtResponse.newBuilder()
@@ -362,16 +371,15 @@ private Builder() {
       maybeForceBuilderInitialization();
     }
 
-    private Builder(
-        com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
       super(parent);
       maybeForceBuilderInitialization();
     }
+
     private void maybeForceBuilderInitialization() {
-      if (com.google.protobuf.GeneratedMessageV3
-              .alwaysUseFieldBuilders) {
-      }
+      if (com.google.protobuf.GeneratedMessageV3.alwaysUseFieldBuilders) {}
     }
+
     @java.lang.Override
     public Builder clear() {
       super.clear();
@@ -383,9 +391,9 @@ public Builder clear() {
     }
 
     @java.lang.Override
-    public com.google.protobuf.Descriptors.Descriptor
-        getDescriptorForType() {
-      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto.internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.cloud.iam.credentials.v1.IAMCredentialsCommonProto
+          .internal_static_google_iam_credentials_v1_SignJwtResponse_descriptor;
     }
 
     @java.lang.Override
@@ -404,7 +412,8 @@ public com.google.cloud.iam.credentials.v1.SignJwtResponse build() {
 
     @java.lang.Override
     public com.google.cloud.iam.credentials.v1.SignJwtResponse buildPartial() {
-      com.google.cloud.iam.credentials.v1.SignJwtResponse result = new com.google.cloud.iam.credentials.v1.SignJwtResponse(this);
+      com.google.cloud.iam.credentials.v1.SignJwtResponse result =
+          new com.google.cloud.iam.credentials.v1.SignJwtResponse(this);
       result.keyId_ = keyId_;
       result.signedJwt_ = signedJwt_;
       onBuilt();
@@ -415,38 +424,39 @@ public com.google.cloud.iam.credentials.v1.SignJwtResponse buildPartial() {
     public Builder clone() {
       return (Builder) super.clone();
     }
+
     @java.lang.Override
     public Builder setField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.setField(field, value);
     }
+
     @java.lang.Override
-    public Builder clearField(
-        com.google.protobuf.Descriptors.FieldDescriptor field) {
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
       return (Builder) super.clearField(field);
     }
+
     @java.lang.Override
-    public Builder clearOneof(
-        com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
       return (Builder) super.clearOneof(oneof);
     }
+
     @java.lang.Override
     public Builder setRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        int index, java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
       return (Builder) super.setRepeatedField(field, index, value);
     }
+
     @java.lang.Override
     public Builder addRepeatedField(
-        com.google.protobuf.Descriptors.FieldDescriptor field,
-        java.lang.Object value) {
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
       return (Builder) super.addRepeatedField(field, value);
     }
+
     @java.lang.Override
     public Builder mergeFrom(com.google.protobuf.Message other) {
       if (other instanceof com.google.cloud.iam.credentials.v1.SignJwtResponse) {
-        return mergeFrom((com.google.cloud.iam.credentials.v1.SignJwtResponse)other);
+        return mergeFrom((com.google.cloud.iam.credentials.v1.SignJwtResponse) other);
       } else {
         super.mergeFrom(other);
         return this;
@@ -454,7 +464,8 @@ public Builder mergeFrom(com.google.protobuf.Message other) {
     }
 
     public Builder mergeFrom(com.google.cloud.iam.credentials.v1.SignJwtResponse other) {
-      if (other == com.google.cloud.iam.credentials.v1.SignJwtResponse.getDefaultInstance()) return this;
+      if (other == com.google.cloud.iam.credentials.v1.SignJwtResponse.getDefaultInstance())
+        return this;
       if (!other.getKeyId().isEmpty()) {
         keyId_ = other.keyId_;
         onChanged();
@@ -482,7 +493,8 @@ public Builder mergeFrom(
       try {
         parsedMessage = PARSER.parsePartialFrom(input, extensionRegistry);
       } catch (com.google.protobuf.InvalidProtocolBufferException e) {
-        parsedMessage = (com.google.cloud.iam.credentials.v1.SignJwtResponse) e.getUnfinishedMessage();
+        parsedMessage =
+            (com.google.cloud.iam.credentials.v1.SignJwtResponse) e.getUnfinishedMessage();
         throw e.unwrapIOException();
       } finally {
         if (parsedMessage != null) {
@@ -494,6 +506,8 @@ public Builder mergeFrom(
 
     private java.lang.Object keyId_ = "";
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the JWT.
      * </pre>
@@ -503,8 +517,7 @@ public Builder mergeFrom(
     public java.lang.String getKeyId() {
       java.lang.Object ref = keyId_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         keyId_ = s;
         return s;
@@ -513,19 +526,19 @@ public java.lang.String getKeyId() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the JWT.
      * </pre>
      *
      * <code>string key_id = 1;</code>
      */
-    public com.google.protobuf.ByteString
-        getKeyIdBytes() {
+    public com.google.protobuf.ByteString getKeyIdBytes() {
       java.lang.Object ref = keyId_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         keyId_ = b;
         return b;
       } else {
@@ -533,23 +546,26 @@ public java.lang.String getKeyId() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the JWT.
      * </pre>
      *
      * <code>string key_id = 1;</code>
      */
-    public Builder setKeyId(
-        java.lang.String value) {
+    public Builder setKeyId(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       keyId_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the JWT.
      * </pre>
@@ -557,25 +573,26 @@ public Builder setKeyId(
      * <code>string key_id = 1;</code>
      */
     public Builder clearKeyId() {
-      
+
       keyId_ = getDefaultInstance().getKeyId();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The ID of the key used to sign the JWT.
      * </pre>
      *
      * <code>string key_id = 1;</code>
      */
-    public Builder setKeyIdBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setKeyIdBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       keyId_ = value;
       onChanged();
       return this;
@@ -583,6 +600,8 @@ public Builder setKeyIdBytes(
 
     private java.lang.Object signedJwt_ = "";
     /**
+     *
+     *
      * <pre>
      * The signed JWT.
      * </pre>
@@ -592,8 +611,7 @@ public Builder setKeyIdBytes(
     public java.lang.String getSignedJwt() {
       java.lang.Object ref = signedJwt_;
       if (!(ref instanceof java.lang.String)) {
-        com.google.protobuf.ByteString bs =
-            (com.google.protobuf.ByteString) ref;
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
         java.lang.String s = bs.toStringUtf8();
         signedJwt_ = s;
         return s;
@@ -602,19 +620,19 @@ public java.lang.String getSignedJwt() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The signed JWT.
      * </pre>
      *
      * <code>string signed_jwt = 2;</code>
      */
-    public com.google.protobuf.ByteString
-        getSignedJwtBytes() {
+    public com.google.protobuf.ByteString getSignedJwtBytes() {
       java.lang.Object ref = signedJwt_;
       if (ref instanceof String) {
-        com.google.protobuf.ByteString b = 
-            com.google.protobuf.ByteString.copyFromUtf8(
-                (java.lang.String) ref);
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
         signedJwt_ = b;
         return b;
       } else {
@@ -622,23 +640,26 @@ public java.lang.String getSignedJwt() {
       }
     }
     /**
+     *
+     *
      * <pre>
      * The signed JWT.
      * </pre>
      *
      * <code>string signed_jwt = 2;</code>
      */
-    public Builder setSignedJwt(
-        java.lang.String value) {
+    public Builder setSignedJwt(java.lang.String value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  
+        throw new NullPointerException();
+      }
+
       signedJwt_ = value;
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The signed JWT.
      * </pre>
@@ -646,32 +667,33 @@ public Builder setSignedJwt(
      * <code>string signed_jwt = 2;</code>
      */
     public Builder clearSignedJwt() {
-      
+
       signedJwt_ = getDefaultInstance().getSignedJwt();
       onChanged();
       return this;
     }
     /**
+     *
+     *
      * <pre>
      * The signed JWT.
      * </pre>
      *
      * <code>string signed_jwt = 2;</code>
      */
-    public Builder setSignedJwtBytes(
-        com.google.protobuf.ByteString value) {
+    public Builder setSignedJwtBytes(com.google.protobuf.ByteString value) {
       if (value == null) {
-    throw new NullPointerException();
-  }
-  checkByteStringIsUtf8(value);
-      
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
       signedJwt_ = value;
       onChanged();
       return this;
     }
+
     @java.lang.Override
-    public final Builder setUnknownFields(
-        final com.google.protobuf.UnknownFieldSet unknownFields) {
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
       return super.setUnknownFieldsProto3(unknownFields);
     }
 
@@ -681,12 +703,12 @@ public final Builder mergeUnknownFields(
       return super.mergeUnknownFields(unknownFields);
     }
 
-
     // @@protoc_insertion_point(builder_scope:google.iam.credentials.v1.SignJwtResponse)
   }
 
   // @@protoc_insertion_point(class_scope:google.iam.credentials.v1.SignJwtResponse)
   private static final com.google.cloud.iam.credentials.v1.SignJwtResponse DEFAULT_INSTANCE;
+
   static {
     DEFAULT_INSTANCE = new com.google.cloud.iam.credentials.v1.SignJwtResponse();
   }
@@ -695,16 +717,16 @@ public static com.google.cloud.iam.credentials.v1.SignJwtResponse getDefaultInst
     return DEFAULT_INSTANCE;
   }
 
-  private static final com.google.protobuf.Parser<SignJwtResponse>
-      PARSER = new com.google.protobuf.AbstractParser<SignJwtResponse>() {
-    @java.lang.Override
-    public SignJwtResponse parsePartialFrom(
-        com.google.protobuf.CodedInputStream input,
-        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
-        throws com.google.protobuf.InvalidProtocolBufferException {
-      return new SignJwtResponse(input, extensionRegistry);
-    }
-  };
+  private static final com.google.protobuf.Parser<SignJwtResponse> PARSER =
+      new com.google.protobuf.AbstractParser<SignJwtResponse>() {
+        @java.lang.Override
+        public SignJwtResponse parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          return new SignJwtResponse(input, extensionRegistry);
+        }
+      };
 
   public static com.google.protobuf.Parser<SignJwtResponse> parser() {
     return PARSER;
@@ -719,6 +741,4 @@ public com.google.protobuf.Parser<SignJwtResponse> getParserForType() {
   public com.google.cloud.iam.credentials.v1.SignJwtResponse getDefaultInstanceForType() {
     return DEFAULT_INSTANCE;
   }
-
 }
-
diff --git a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponseOrBuilder.java b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponseOrBuilder.java
index f97af6135cf0..b888adf5f2e3 100644
--- a/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponseOrBuilder.java
+++ b/google-api-grpc/proto-google-cloud-iamcredentials-v1/src/main/java/com/google/cloud/iam/credentials/v1/SignJwtResponseOrBuilder.java
@@ -3,11 +3,14 @@
 
 package com.google.cloud.iam.credentials.v1;
 
-public interface SignJwtResponseOrBuilder extends
+public interface SignJwtResponseOrBuilder
+    extends
     // @@protoc_insertion_point(interface_extends:google.iam.credentials.v1.SignJwtResponse)
     com.google.protobuf.MessageOrBuilder {
 
   /**
+   *
+   *
    * <pre>
    * The ID of the key used to sign the JWT.
    * </pre>
@@ -16,16 +19,19 @@ public interface SignJwtResponseOrBuilder extends
    */
   java.lang.String getKeyId();
   /**
+   *
+   *
    * <pre>
    * The ID of the key used to sign the JWT.
    * </pre>
    *
    * <code>string key_id = 1;</code>
    */
-  com.google.protobuf.ByteString
-      getKeyIdBytes();
+  com.google.protobuf.ByteString getKeyIdBytes();
 
   /**
+   *
+   *
    * <pre>
    * The signed JWT.
    * </pre>
@@ -34,12 +40,13 @@ public interface SignJwtResponseOrBuilder extends
    */
   java.lang.String getSignedJwt();
   /**
+   *
+   *
    * <pre>
    * The signed JWT.
    * </pre>
    *
    * <code>string signed_jwt = 2;</code>
    */
-  com.google.protobuf.ByteString
-      getSignedJwtBytes();
+  com.google.protobuf.ByteString getSignedJwtBytes();
 }

From 3ee34f5e5efd522bef4a0625f5c9ec3666857b43 Mon Sep 17 00:00:00 2001
From: Jeff Ching <chingor@google.com>
Date: Wed, 12 Dec 2018 14:58:47 -0800
Subject: [PATCH 9/9] Synth script should format java code

---
 .../iam/credentials/v1/IamCredentialsClient.java    |  6 +++---
 .../v1/stub/GrpcIamCredentialsCallableFactory.java  |  1 -
 .../google-cloud-iamcredentials/synth.metadata      |  2 +-
 .../google-cloud-iamcredentials/synth.py            | 13 +++++++++----
 4 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsClient.java b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsClient.java
index f3383425bef4..9886cba6df55 100644
--- a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsClient.java
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/IamCredentialsClient.java
@@ -61,13 +61,13 @@
  * methods:
  *
  * <ol>
- *   <li> A "flattened" method. With this type of method, the fields of the request type have been
+ *   <li>A "flattened" method. With this type of method, the fields of the request type have been
  *       converted into function parameters. It may be the case that not all fields are available as
  *       parameters, and not every API method will have a flattened method entry point.
- *   <li> A "request object" method. This type of method only takes one parameter, a request object,
+ *   <li>A "request object" method. This type of method only takes one parameter, a request object,
  *       which must be constructed before the call. Not every API method will have a request object
  *       method.
- *   <li> A "callable" method. This type of method takes no parameters and returns an immutable API
+ *   <li>A "callable" method. This type of method takes no parameters and returns an immutable API
  *       callable object, which can be used to initiate calls to the service.
  * </ol>
  *
diff --git a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsCallableFactory.java b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsCallableFactory.java
index fd360085508a..38aa9a995eed 100644
--- a/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsCallableFactory.java
+++ b/google-cloud-clients/google-cloud-iamcredentials/src/main/java/com/google/cloud/iam/credentials/v1/stub/GrpcIamCredentialsCallableFactory.java
@@ -31,7 +31,6 @@
 import com.google.api.gax.rpc.StreamingCallSettings;
 import com.google.api.gax.rpc.UnaryCallSettings;
 import com.google.api.gax.rpc.UnaryCallable;
-import com.google.longrunning.Operation;
 import com.google.longrunning.stub.OperationsStub;
 import javax.annotation.Generated;
 
diff --git a/google-cloud-clients/google-cloud-iamcredentials/synth.metadata b/google-cloud-clients/google-cloud-iamcredentials/synth.metadata
index 8eab8381bb9d..4541e1ba854a 100644
--- a/google-cloud-clients/google-cloud-iamcredentials/synth.metadata
+++ b/google-cloud-clients/google-cloud-iamcredentials/synth.metadata
@@ -1,5 +1,5 @@
 {
-  "updateTime": "2018-12-12T22:32:58.895140Z",
+  "updateTime": "2018-12-12T22:58:16.947668Z",
   "sources": [
     {
       "generator": {
diff --git a/google-cloud-clients/google-cloud-iamcredentials/synth.py b/google-cloud-clients/google-cloud-iamcredentials/synth.py
index f6d75b3704a5..8377ae99a39e 100644
--- a/google-cloud-clients/google-cloud-iamcredentials/synth.py
+++ b/google-cloud-clients/google-cloud-iamcredentials/synth.py
@@ -16,20 +16,25 @@
 
 import synthtool as s
 import synthtool.gcp as gcp
+import synthtool.languages.java as java
 
 gapic = gcp.GAPICGenerator()
-common_templates = gcp.CommonTemplates()
 
-versions = ['v1']
 service = 'iamcredentials'
+versions = ['v1']
+config_pattern = '/google/iam/credentials/artman_iamcredentials_{version}.yaml'
 
 for version in versions:
     library = gapic.java_library(
         service=service,
         version=version,
-        config_path=f'/google/iam/credentials/artman_iamcredentials_v1.yaml',
+        config_path=config_pattern.format(version=version),
         artman_output_name='')
 
     s.copy(library / f'gapic-google-cloud-{service}-{version}/src', 'src')
     s.copy(library / f'grpc-google-cloud-{service}-{version}/src', f'../../google-api-grpc/grpc-google-cloud-{service}-{version}/src')
-    s.copy(library / f'proto-google-cloud-{service}-{version}/src', f'../../google-api-grpc/proto-google-cloud-{service}-{version}/src')
\ No newline at end of file
+    s.copy(library / f'proto-google-cloud-{service}-{version}/src', f'../../google-api-grpc/proto-google-cloud-{service}-{version}/src')
+
+    java.format_code('./src')
+    java.format_code(f'../../google-api-grpc/grpc-google-cloud-{service}-{version}/src')
+    java.format_code(f'../../google-api-grpc/proto-google-cloud-{service}-{version}/src')