From 7c4dfe5b6c4c3902422f67ac4427660b987c4e58 Mon Sep 17 00:00:00 2001
From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com>
Date: Tue, 11 Oct 2022 17:58:14 +0000
Subject: [PATCH] feat: add RetrieveLegacySecretKey method (#929)

- [ ] Regenerate this pull request now.

feat: add annotation reasons REFUND, REFUND_FRAUD, TRANSACTION_ACCEPTED, TRANSACTION_DECLINED and SOCIAL_SPAM

PiperOrigin-RevId: 480357575

Source-Link: https://togithub.com/googleapis/googleapis/commit/cbd4501e0c0f53ef459f4c54d8cc7bbf6586be55

Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/7155b97d98361f3fc44cc8cb53667498736a9bde
Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiNzE1NWI5N2Q5ODM2MWYzZmM0NGNjOGNiNTM2Njc0OTg3MzZhOWJkZSJ9
---
 .../v1/RecaptchaEnterpriseServiceClient.java  | 148 +++-
 .../RecaptchaEnterpriseServiceSettings.java   |  16 +
 .../v1/gapic_metadata.json                    |   3 +
 .../GrpcRecaptchaEnterpriseServiceStub.java   |  41 ++
 .../stub/RecaptchaEnterpriseServiceStub.java  |   7 +
 ...ecaptchaEnterpriseServiceStubSettings.java |  30 +
 .../MockRecaptchaEnterpriseServiceImpl.java   |  24 +
 .../RecaptchaEnterpriseServiceClientTest.java |  80 +++
 .../v1/RecaptchaEnterpriseServiceGrpc.java    | 164 ++++-
 .../v1/AccountDefenderAssessment.java         |  26 +-
 .../v1/AnnotateAssessmentRequest.java         | 263 ++++---
 .../AnnotateAssessmentRequestOrBuilder.java   |  31 +-
 .../recaptchaenterprise/v1/Assessment.java    |  60 +-
 .../v1/AssessmentOrBuilder.java               |  15 +-
 .../google/recaptchaenterprise/v1/Event.java  | 163 +++--
 .../v1/EventOrBuilder.java                    |  46 +-
 ...RelatedAccountGroupMembershipsRequest.java |  60 +-
 ...countGroupMembershipsRequestOrBuilder.java |  16 +-
 .../v1/ListRelatedAccountGroupsRequest.java   |  84 +--
 ...tRelatedAccountGroupsRequestOrBuilder.java |  23 +-
 .../v1/PrivatePasswordLeakVerification.java   |  72 +-
 ...vatePasswordLeakVerificationOrBuilder.java |  20 +-
 .../v1/RecaptchaEnterpriseProto.java          | 634 +++++++++--------
 .../v1/RelatedAccountGroupMembership.java     |   8 +-
 ...elatedAccountGroupMembershipOrBuilder.java |   2 +-
 .../v1/RetrieveLegacySecretKeyRequest.java    | 644 +++++++++++++++++
 ...trieveLegacySecretKeyRequestOrBuilder.java |  56 ++
 .../v1/RetrieveLegacySecretKeyResponse.java   | 648 ++++++++++++++++++
 ...rieveLegacySecretKeyResponseOrBuilder.java |  56 ++
 ...RelatedAccountGroupMembershipsRequest.java |  80 ++-
 ...countGroupMembershipsRequestOrBuilder.java |  21 +-
 .../v1/TokenProperties.java                   |  14 +-
 .../v1/TokenPropertiesOrBuilder.java          |   4 +-
 .../v1/UpdateKeyRequest.java                  |  48 +-
 .../v1/UpdateKeyRequestOrBuilder.java         |  12 +-
 .../v1/recaptchaenterprise.proto              | 258 ++++---
 .../AsyncRetrieveLegacySecretKey.java         |  51 ++
 .../SyncRetrieveLegacySecretKey.java          |  48 ++
 .../SyncRetrieveLegacySecretKeyKeyname.java   |  44 ++
 .../SyncRetrieveLegacySecretKeyString.java    |  44 ++
 40 files changed, 3161 insertions(+), 903 deletions(-)
 create mode 100644 java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyRequest.java
 create mode 100644 java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyRequestOrBuilder.java
 create mode 100644 java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyResponse.java
 create mode 100644 java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyResponseOrBuilder.java
 create mode 100644 java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/AsyncRetrieveLegacySecretKey.java
 create mode 100644 java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKey.java
 create mode 100644 java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKeyKeyname.java
 create mode 100644 java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKeyString.java

diff --git a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceClient.java b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceClient.java
index 7ed6c2515df0..119077a342db 100644
--- a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceClient.java
+++ b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceClient.java
@@ -39,6 +39,7 @@
 import com.google.recaptchaenterprise.v1.GetKeyRequest;
 import com.google.recaptchaenterprise.v1.GetMetricsRequest;
 import com.google.recaptchaenterprise.v1.Key;
+import com.google.recaptchaenterprise.v1.KeyName;
 import com.google.recaptchaenterprise.v1.ListKeysRequest;
 import com.google.recaptchaenterprise.v1.ListKeysResponse;
 import com.google.recaptchaenterprise.v1.ListRelatedAccountGroupMembershipsRequest;
@@ -52,6 +53,8 @@
 import com.google.recaptchaenterprise.v1.RelatedAccountGroup;
 import com.google.recaptchaenterprise.v1.RelatedAccountGroupMembership;
 import com.google.recaptchaenterprise.v1.RelatedAccountGroupName;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsRequest;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsResponse;
 import com.google.recaptchaenterprise.v1.UpdateKeyRequest;
@@ -626,6 +629,133 @@ public final UnaryCallable<ListKeysRequest, ListKeysResponse> listKeysCallable()
     return stub.listKeysCallable();
   }
 
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Returns the secret key related to the specified public key. You must use the legacy secret key
+   * only in a 3rd party integration with legacy reCAPTCHA.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated and should be regarded as a code template only.
+   * // It will require modifications to work:
+   * // - It may require correct/in-range values for request initialization.
+   * // - It may require specifying regional endpoints when creating the service client as shown in
+   * // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+   * try (RecaptchaEnterpriseServiceClient recaptchaEnterpriseServiceClient =
+   *     RecaptchaEnterpriseServiceClient.create()) {
+   *   KeyName key = KeyName.of("[PROJECT]", "[KEY]");
+   *   RetrieveLegacySecretKeyResponse response =
+   *       recaptchaEnterpriseServiceClient.retrieveLegacySecretKey(key);
+   * }
+   * }</pre>
+   *
+   * @param key Required. The public key name linked to the requested secret key in the format
+   *     "projects/{project}/keys/{key}".
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final RetrieveLegacySecretKeyResponse retrieveLegacySecretKey(KeyName key) {
+    RetrieveLegacySecretKeyRequest request =
+        RetrieveLegacySecretKeyRequest.newBuilder()
+            .setKey(key == null ? null : key.toString())
+            .build();
+    return retrieveLegacySecretKey(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Returns the secret key related to the specified public key. You must use the legacy secret key
+   * only in a 3rd party integration with legacy reCAPTCHA.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated and should be regarded as a code template only.
+   * // It will require modifications to work:
+   * // - It may require correct/in-range values for request initialization.
+   * // - It may require specifying regional endpoints when creating the service client as shown in
+   * // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+   * try (RecaptchaEnterpriseServiceClient recaptchaEnterpriseServiceClient =
+   *     RecaptchaEnterpriseServiceClient.create()) {
+   *   String key = KeyName.of("[PROJECT]", "[KEY]").toString();
+   *   RetrieveLegacySecretKeyResponse response =
+   *       recaptchaEnterpriseServiceClient.retrieveLegacySecretKey(key);
+   * }
+   * }</pre>
+   *
+   * @param key Required. The public key name linked to the requested secret key in the format
+   *     "projects/{project}/keys/{key}".
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final RetrieveLegacySecretKeyResponse retrieveLegacySecretKey(String key) {
+    RetrieveLegacySecretKeyRequest request =
+        RetrieveLegacySecretKeyRequest.newBuilder().setKey(key).build();
+    return retrieveLegacySecretKey(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Returns the secret key related to the specified public key. You must use the legacy secret key
+   * only in a 3rd party integration with legacy reCAPTCHA.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated and should be regarded as a code template only.
+   * // It will require modifications to work:
+   * // - It may require correct/in-range values for request initialization.
+   * // - It may require specifying regional endpoints when creating the service client as shown in
+   * // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+   * try (RecaptchaEnterpriseServiceClient recaptchaEnterpriseServiceClient =
+   *     RecaptchaEnterpriseServiceClient.create()) {
+   *   RetrieveLegacySecretKeyRequest request =
+   *       RetrieveLegacySecretKeyRequest.newBuilder()
+   *           .setKey(KeyName.of("[PROJECT]", "[KEY]").toString())
+   *           .build();
+   *   RetrieveLegacySecretKeyResponse response =
+   *       recaptchaEnterpriseServiceClient.retrieveLegacySecretKey(request);
+   * }
+   * }</pre>
+   *
+   * @param request The request object containing all of the parameters for the API call.
+   * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+   */
+  public final RetrieveLegacySecretKeyResponse retrieveLegacySecretKey(
+      RetrieveLegacySecretKeyRequest request) {
+    return retrieveLegacySecretKeyCallable().call(request);
+  }
+
+  // AUTO-GENERATED DOCUMENTATION AND METHOD.
+  /**
+   * Returns the secret key related to the specified public key. You must use the legacy secret key
+   * only in a 3rd party integration with legacy reCAPTCHA.
+   *
+   * <p>Sample code:
+   *
+   * <pre>{@code
+   * // This snippet has been automatically generated and should be regarded as a code template only.
+   * // It will require modifications to work:
+   * // - It may require correct/in-range values for request initialization.
+   * // - It may require specifying regional endpoints when creating the service client as shown in
+   * // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+   * try (RecaptchaEnterpriseServiceClient recaptchaEnterpriseServiceClient =
+   *     RecaptchaEnterpriseServiceClient.create()) {
+   *   RetrieveLegacySecretKeyRequest request =
+   *       RetrieveLegacySecretKeyRequest.newBuilder()
+   *           .setKey(KeyName.of("[PROJECT]", "[KEY]").toString())
+   *           .build();
+   *   ApiFuture<RetrieveLegacySecretKeyResponse> future =
+   *       recaptchaEnterpriseServiceClient.retrieveLegacySecretKeyCallable().futureCall(request);
+   *   // Do something.
+   *   RetrieveLegacySecretKeyResponse response = future.get();
+   * }
+   * }</pre>
+   */
+  public final UnaryCallable<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+      retrieveLegacySecretKeyCallable() {
+    return stub.retrieveLegacySecretKeyCallable();
+  }
+
   // AUTO-GENERATED DOCUMENTATION AND METHOD.
   /**
    * Returns the specified key.
@@ -1156,7 +1286,7 @@ public final ListRelatedAccountGroupsPagedResponse listRelatedAccountGroups(
 
   // AUTO-GENERATED DOCUMENTATION AND METHOD.
   /**
-   * Get the memberships in a group of related accounts.
+   * Get memberships in a group of related accounts.
    *
    * <p>Sample code:
    *
@@ -1194,7 +1324,7 @@ public final ListRelatedAccountGroupMembershipsPagedResponse listRelatedAccountG
 
   // AUTO-GENERATED DOCUMENTATION AND METHOD.
   /**
-   * Get the memberships in a group of related accounts.
+   * Get memberships in a group of related accounts.
    *
    * <p>Sample code:
    *
@@ -1229,7 +1359,7 @@ public final ListRelatedAccountGroupMembershipsPagedResponse listRelatedAccountG
 
   // AUTO-GENERATED DOCUMENTATION AND METHOD.
   /**
-   * Get the memberships in a group of related accounts.
+   * Get memberships in a group of related accounts.
    *
    * <p>Sample code:
    *
@@ -1267,7 +1397,7 @@ public final ListRelatedAccountGroupMembershipsPagedResponse listRelatedAccountG
 
   // AUTO-GENERATED DOCUMENTATION AND METHOD.
   /**
-   * Get the memberships in a group of related accounts.
+   * Get memberships in a group of related accounts.
    *
    * <p>Sample code:
    *
@@ -1306,7 +1436,7 @@ public final ListRelatedAccountGroupMembershipsPagedResponse listRelatedAccountG
 
   // AUTO-GENERATED DOCUMENTATION AND METHOD.
   /**
-   * Get the memberships in a group of related accounts.
+   * Get memberships in a group of related accounts.
    *
    * <p>Sample code:
    *
@@ -1377,10 +1507,10 @@ public final ListRelatedAccountGroupMembershipsPagedResponse listRelatedAccountG
    * }</pre>
    *
    * @param project Required. The name of the project to search related account group memberships
-   *     from, in the format "projects/{project}".
+   *     from. Specify the project name in the following format: "projects/{project}".
    * @param hashedAccountId Optional. The unique stable hashed user identifier we should search
    *     connections to. The identifier should correspond to a `hashed_account_id` provided in a
-   *     previous CreateAssessment or AnnotateAssessment call.
+   *     previous `CreateAssessment` or `AnnotateAssessment` call.
    * @throws com.google.api.gax.rpc.ApiException if the remote call fails
    */
   public final SearchRelatedAccountGroupMembershipsPagedResponse
@@ -1420,10 +1550,10 @@ public final ListRelatedAccountGroupMembershipsPagedResponse listRelatedAccountG
    * }</pre>
    *
    * @param project Required. The name of the project to search related account group memberships
-   *     from, in the format "projects/{project}".
+   *     from. Specify the project name in the following format: "projects/{project}".
    * @param hashedAccountId Optional. The unique stable hashed user identifier we should search
    *     connections to. The identifier should correspond to a `hashed_account_id` provided in a
-   *     previous CreateAssessment or AnnotateAssessment call.
+   *     previous `CreateAssessment` or `AnnotateAssessment` call.
    * @throws com.google.api.gax.rpc.ApiException if the remote call fails
    */
   public final SearchRelatedAccountGroupMembershipsPagedResponse
diff --git a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceSettings.java b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceSettings.java
index 52d938e860ca..ceae6380e0ce 100644
--- a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceSettings.java
+++ b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceSettings.java
@@ -51,6 +51,8 @@
 import com.google.recaptchaenterprise.v1.ListRelatedAccountGroupsResponse;
 import com.google.recaptchaenterprise.v1.Metrics;
 import com.google.recaptchaenterprise.v1.MigrateKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsRequest;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsResponse;
 import com.google.recaptchaenterprise.v1.UpdateKeyRequest;
@@ -124,6 +126,13 @@ public UnaryCallSettings<CreateKeyRequest, Key> createKeySettings() {
     return ((RecaptchaEnterpriseServiceStubSettings) getStubSettings()).listKeysSettings();
   }
 
+  /** Returns the object with the settings used for calls to retrieveLegacySecretKey. */
+  public UnaryCallSettings<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+      retrieveLegacySecretKeySettings() {
+    return ((RecaptchaEnterpriseServiceStubSettings) getStubSettings())
+        .retrieveLegacySecretKeySettings();
+  }
+
   /** Returns the object with the settings used for calls to getKey. */
   public UnaryCallSettings<GetKeyRequest, Key> getKeySettings() {
     return ((RecaptchaEnterpriseServiceStubSettings) getStubSettings()).getKeySettings();
@@ -302,6 +311,13 @@ public UnaryCallSettings.Builder<CreateKeyRequest, Key> createKeySettings() {
       return getStubSettingsBuilder().listKeysSettings();
     }
 
+    /** Returns the builder for the settings used for calls to retrieveLegacySecretKey. */
+    public UnaryCallSettings.Builder<
+            RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+        retrieveLegacySecretKeySettings() {
+      return getStubSettingsBuilder().retrieveLegacySecretKeySettings();
+    }
+
     /** Returns the builder for the settings used for calls to getKey. */
     public UnaryCallSettings.Builder<GetKeyRequest, Key> getKeySettings() {
       return getStubSettingsBuilder().getKeySettings();
diff --git a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/gapic_metadata.json b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/gapic_metadata.json
index d0df1484b2e2..56801a2e97c9 100644
--- a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/gapic_metadata.json
+++ b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/gapic_metadata.json
@@ -40,6 +40,9 @@
             "MigrateKey": {
               "methods": ["migrateKey", "migrateKeyCallable"]
             },
+            "RetrieveLegacySecretKey": {
+              "methods": ["retrieveLegacySecretKey", "retrieveLegacySecretKey", "retrieveLegacySecretKey", "retrieveLegacySecretKeyCallable"]
+            },
             "SearchRelatedAccountGroupMemberships": {
               "methods": ["searchRelatedAccountGroupMemberships", "searchRelatedAccountGroupMemberships", "searchRelatedAccountGroupMemberships", "searchRelatedAccountGroupMembershipsPagedCallable", "searchRelatedAccountGroupMembershipsCallable"]
             },
diff --git a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/GrpcRecaptchaEnterpriseServiceStub.java b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/GrpcRecaptchaEnterpriseServiceStub.java
index e40311bd12a7..55e67f7feb53 100644
--- a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/GrpcRecaptchaEnterpriseServiceStub.java
+++ b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/GrpcRecaptchaEnterpriseServiceStub.java
@@ -47,6 +47,8 @@
 import com.google.recaptchaenterprise.v1.ListRelatedAccountGroupsResponse;
 import com.google.recaptchaenterprise.v1.Metrics;
 import com.google.recaptchaenterprise.v1.MigrateKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsRequest;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsResponse;
 import com.google.recaptchaenterprise.v1.UpdateKeyRequest;
@@ -106,6 +108,20 @@ public class GrpcRecaptchaEnterpriseServiceStub extends RecaptchaEnterpriseServi
               .setResponseMarshaller(ProtoUtils.marshaller(ListKeysResponse.getDefaultInstance()))
               .build();
 
+  private static final MethodDescriptor<
+          RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+      retrieveLegacySecretKeyMethodDescriptor =
+          MethodDescriptor
+              .<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>newBuilder()
+              .setType(MethodDescriptor.MethodType.UNARY)
+              .setFullMethodName(
+                  "google.cloud.recaptchaenterprise.v1.RecaptchaEnterpriseService/RetrieveLegacySecretKey")
+              .setRequestMarshaller(
+                  ProtoUtils.marshaller(RetrieveLegacySecretKeyRequest.getDefaultInstance()))
+              .setResponseMarshaller(
+                  ProtoUtils.marshaller(RetrieveLegacySecretKeyResponse.getDefaultInstance()))
+              .build();
+
   private static final MethodDescriptor<GetKeyRequest, Key> getKeyMethodDescriptor =
       MethodDescriptor.<GetKeyRequest, Key>newBuilder()
           .setType(MethodDescriptor.MethodType.UNARY)
@@ -207,6 +223,8 @@ public class GrpcRecaptchaEnterpriseServiceStub extends RecaptchaEnterpriseServi
   private final UnaryCallable<CreateKeyRequest, Key> createKeyCallable;
   private final UnaryCallable<ListKeysRequest, ListKeysResponse> listKeysCallable;
   private final UnaryCallable<ListKeysRequest, ListKeysPagedResponse> listKeysPagedCallable;
+  private final UnaryCallable<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+      retrieveLegacySecretKeyCallable;
   private final UnaryCallable<GetKeyRequest, Key> getKeyCallable;
   private final UnaryCallable<UpdateKeyRequest, Key> updateKeyCallable;
   private final UnaryCallable<DeleteKeyRequest, Empty> deleteKeyCallable;
@@ -320,6 +338,18 @@ protected GrpcRecaptchaEnterpriseServiceStub(
                   return params.build();
                 })
             .build();
+    GrpcCallSettings<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+        retrieveLegacySecretKeyTransportSettings =
+            GrpcCallSettings
+                .<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>newBuilder()
+                .setMethodDescriptor(retrieveLegacySecretKeyMethodDescriptor)
+                .setParamsExtractor(
+                    request -> {
+                      ImmutableMap.Builder<String, String> params = ImmutableMap.builder();
+                      params.put("key", String.valueOf(request.getKey()));
+                      return params.build();
+                    })
+                .build();
     GrpcCallSettings<GetKeyRequest, Key> getKeyTransportSettings =
         GrpcCallSettings.<GetKeyRequest, Key>newBuilder()
             .setMethodDescriptor(getKeyMethodDescriptor)
@@ -431,6 +461,11 @@ protected GrpcRecaptchaEnterpriseServiceStub(
     this.listKeysPagedCallable =
         callableFactory.createPagedCallable(
             listKeysTransportSettings, settings.listKeysSettings(), clientContext);
+    this.retrieveLegacySecretKeyCallable =
+        callableFactory.createUnaryCallable(
+            retrieveLegacySecretKeyTransportSettings,
+            settings.retrieveLegacySecretKeySettings(),
+            clientContext);
     this.getKeyCallable =
         callableFactory.createUnaryCallable(
             getKeyTransportSettings, settings.getKeySettings(), clientContext);
@@ -511,6 +546,12 @@ public UnaryCallable<ListKeysRequest, ListKeysPagedResponse> listKeysPagedCallab
     return listKeysPagedCallable;
   }
 
+  @Override
+  public UnaryCallable<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+      retrieveLegacySecretKeyCallable() {
+    return retrieveLegacySecretKeyCallable;
+  }
+
   @Override
   public UnaryCallable<GetKeyRequest, Key> getKeyCallable() {
     return getKeyCallable;
diff --git a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/RecaptchaEnterpriseServiceStub.java b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/RecaptchaEnterpriseServiceStub.java
index d07d3dba7d72..310a73d340d6 100644
--- a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/RecaptchaEnterpriseServiceStub.java
+++ b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/RecaptchaEnterpriseServiceStub.java
@@ -41,6 +41,8 @@
 import com.google.recaptchaenterprise.v1.ListRelatedAccountGroupsResponse;
 import com.google.recaptchaenterprise.v1.Metrics;
 import com.google.recaptchaenterprise.v1.MigrateKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsRequest;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsResponse;
 import com.google.recaptchaenterprise.v1.UpdateKeyRequest;
@@ -76,6 +78,11 @@ public UnaryCallable<ListKeysRequest, ListKeysResponse> listKeysCallable() {
     throw new UnsupportedOperationException("Not implemented: listKeysCallable()");
   }
 
+  public UnaryCallable<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+      retrieveLegacySecretKeyCallable() {
+    throw new UnsupportedOperationException("Not implemented: retrieveLegacySecretKeyCallable()");
+  }
+
   public UnaryCallable<GetKeyRequest, Key> getKeyCallable() {
     throw new UnsupportedOperationException("Not implemented: getKeyCallable()");
   }
diff --git a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/RecaptchaEnterpriseServiceStubSettings.java b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/RecaptchaEnterpriseServiceStubSettings.java
index 8ae392c209ac..9b2eb451fe67 100644
--- a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/RecaptchaEnterpriseServiceStubSettings.java
+++ b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/main/java/com/google/cloud/recaptchaenterprise/v1/stub/RecaptchaEnterpriseServiceStubSettings.java
@@ -67,6 +67,8 @@
 import com.google.recaptchaenterprise.v1.MigrateKeyRequest;
 import com.google.recaptchaenterprise.v1.RelatedAccountGroup;
 import com.google.recaptchaenterprise.v1.RelatedAccountGroupMembership;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsRequest;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsResponse;
 import com.google.recaptchaenterprise.v1.UpdateKeyRequest;
@@ -127,6 +129,8 @@ public class RecaptchaEnterpriseServiceStubSettings
   private final UnaryCallSettings<CreateKeyRequest, Key> createKeySettings;
   private final PagedCallSettings<ListKeysRequest, ListKeysResponse, ListKeysPagedResponse>
       listKeysSettings;
+  private final UnaryCallSettings<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+      retrieveLegacySecretKeySettings;
   private final UnaryCallSettings<GetKeyRequest, Key> getKeySettings;
   private final UnaryCallSettings<UpdateKeyRequest, Key> updateKeySettings;
   private final UnaryCallSettings<DeleteKeyRequest, Empty> deleteKeySettings;
@@ -462,6 +466,12 @@ public UnaryCallSettings<CreateKeyRequest, Key> createKeySettings() {
     return listKeysSettings;
   }
 
+  /** Returns the object with the settings used for calls to retrieveLegacySecretKey. */
+  public UnaryCallSettings<RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+      retrieveLegacySecretKeySettings() {
+    return retrieveLegacySecretKeySettings;
+  }
+
   /** Returns the object with the settings used for calls to getKey. */
   public UnaryCallSettings<GetKeyRequest, Key> getKeySettings() {
     return getKeySettings;
@@ -595,6 +605,7 @@ protected RecaptchaEnterpriseServiceStubSettings(Builder settingsBuilder) throws
     annotateAssessmentSettings = settingsBuilder.annotateAssessmentSettings().build();
     createKeySettings = settingsBuilder.createKeySettings().build();
     listKeysSettings = settingsBuilder.listKeysSettings().build();
+    retrieveLegacySecretKeySettings = settingsBuilder.retrieveLegacySecretKeySettings().build();
     getKeySettings = settingsBuilder.getKeySettings().build();
     updateKeySettings = settingsBuilder.updateKeySettings().build();
     deleteKeySettings = settingsBuilder.deleteKeySettings().build();
@@ -619,6 +630,9 @@ public static class Builder
     private final PagedCallSettings.Builder<
             ListKeysRequest, ListKeysResponse, ListKeysPagedResponse>
         listKeysSettings;
+    private final UnaryCallSettings.Builder<
+            RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+        retrieveLegacySecretKeySettings;
     private final UnaryCallSettings.Builder<GetKeyRequest, Key> getKeySettings;
     private final UnaryCallSettings.Builder<UpdateKeyRequest, Key> updateKeySettings;
     private final UnaryCallSettings.Builder<DeleteKeyRequest, Empty> deleteKeySettings;
@@ -680,6 +694,7 @@ protected Builder(ClientContext clientContext) {
       annotateAssessmentSettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
       createKeySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
       listKeysSettings = PagedCallSettings.newBuilder(LIST_KEYS_PAGE_STR_FACT);
+      retrieveLegacySecretKeySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
       getKeySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
       updateKeySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
       deleteKeySettings = UnaryCallSettings.newUnaryCallSettingsBuilder();
@@ -698,6 +713,7 @@ protected Builder(ClientContext clientContext) {
               annotateAssessmentSettings,
               createKeySettings,
               listKeysSettings,
+              retrieveLegacySecretKeySettings,
               getKeySettings,
               updateKeySettings,
               deleteKeySettings,
@@ -716,6 +732,7 @@ protected Builder(RecaptchaEnterpriseServiceStubSettings settings) {
       annotateAssessmentSettings = settings.annotateAssessmentSettings.toBuilder();
       createKeySettings = settings.createKeySettings.toBuilder();
       listKeysSettings = settings.listKeysSettings.toBuilder();
+      retrieveLegacySecretKeySettings = settings.retrieveLegacySecretKeySettings.toBuilder();
       getKeySettings = settings.getKeySettings.toBuilder();
       updateKeySettings = settings.updateKeySettings.toBuilder();
       deleteKeySettings = settings.deleteKeySettings.toBuilder();
@@ -733,6 +750,7 @@ protected Builder(RecaptchaEnterpriseServiceStubSettings settings) {
               annotateAssessmentSettings,
               createKeySettings,
               listKeysSettings,
+              retrieveLegacySecretKeySettings,
               getKeySettings,
               updateKeySettings,
               deleteKeySettings,
@@ -777,6 +795,11 @@ private static Builder initDefaults(Builder builder) {
           .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
           .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_0_params"));
 
+      builder
+          .retrieveLegacySecretKeySettings()
+          .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_codes"))
+          .setRetrySettings(RETRY_PARAM_DEFINITIONS.get("no_retry_params"));
+
       builder
           .getKeySettings()
           .setRetryableCodes(RETRYABLE_CODE_DEFINITIONS.get("no_retry_0_codes"))
@@ -858,6 +881,13 @@ public UnaryCallSettings.Builder<CreateKeyRequest, Key> createKeySettings() {
       return listKeysSettings;
     }
 
+    /** Returns the builder for the settings used for calls to retrieveLegacySecretKey. */
+    public UnaryCallSettings.Builder<
+            RetrieveLegacySecretKeyRequest, RetrieveLegacySecretKeyResponse>
+        retrieveLegacySecretKeySettings() {
+      return retrieveLegacySecretKeySettings;
+    }
+
     /** Returns the builder for the settings used for calls to getKey. */
     public UnaryCallSettings.Builder<GetKeyRequest, Key> getKeySettings() {
       return getKeySettings;
diff --git a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/test/java/com/google/cloud/recaptchaenterprise/v1/MockRecaptchaEnterpriseServiceImpl.java b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/test/java/com/google/cloud/recaptchaenterprise/v1/MockRecaptchaEnterpriseServiceImpl.java
index ed3846b1f77d..8d9c92f1457d 100644
--- a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/test/java/com/google/cloud/recaptchaenterprise/v1/MockRecaptchaEnterpriseServiceImpl.java
+++ b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/test/java/com/google/cloud/recaptchaenterprise/v1/MockRecaptchaEnterpriseServiceImpl.java
@@ -37,6 +37,8 @@
 import com.google.recaptchaenterprise.v1.Metrics;
 import com.google.recaptchaenterprise.v1.MigrateKeyRequest;
 import com.google.recaptchaenterprise.v1.RecaptchaEnterpriseServiceGrpc.RecaptchaEnterpriseServiceImplBase;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsRequest;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsResponse;
 import com.google.recaptchaenterprise.v1.UpdateKeyRequest;
@@ -162,6 +164,28 @@ public void listKeys(ListKeysRequest request, StreamObserver<ListKeysResponse> r
     }
   }
 
+  @Override
+  public void retrieveLegacySecretKey(
+      RetrieveLegacySecretKeyRequest request,
+      StreamObserver<RetrieveLegacySecretKeyResponse> responseObserver) {
+    Object response = responses.poll();
+    if (response instanceof RetrieveLegacySecretKeyResponse) {
+      requests.add(request);
+      responseObserver.onNext(((RetrieveLegacySecretKeyResponse) response));
+      responseObserver.onCompleted();
+    } else if (response instanceof Exception) {
+      responseObserver.onError(((Exception) response));
+    } else {
+      responseObserver.onError(
+          new IllegalArgumentException(
+              String.format(
+                  "Unrecognized response type %s for method RetrieveLegacySecretKey, expected %s or %s",
+                  response == null ? "null" : response.getClass().getName(),
+                  RetrieveLegacySecretKeyResponse.class.getName(),
+                  Exception.class.getName())));
+    }
+  }
+
   @Override
   public void getKey(GetKeyRequest request, StreamObserver<Key> responseObserver) {
     Object response = responses.poll();
diff --git a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/test/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceClientTest.java b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/test/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceClientTest.java
index 631a9ea13ba8..6e4cf03abea7 100644
--- a/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/test/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceClientTest.java
+++ b/java-recaptchaenterprise/google-cloud-recaptchaenterprise/src/test/java/com/google/cloud/recaptchaenterprise/v1/RecaptchaEnterpriseServiceClientTest.java
@@ -62,6 +62,8 @@
 import com.google.recaptchaenterprise.v1.RelatedAccountGroup;
 import com.google.recaptchaenterprise.v1.RelatedAccountGroupMembership;
 import com.google.recaptchaenterprise.v1.RelatedAccountGroupName;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
 import com.google.recaptchaenterprise.v1.RiskAnalysis;
 import com.google.recaptchaenterprise.v1.ScoreMetrics;
 import com.google.recaptchaenterprise.v1.SearchRelatedAccountGroupMembershipsRequest;
@@ -406,6 +408,84 @@ public void listKeysExceptionTest() throws Exception {
     }
   }
 
+  @Test
+  public void retrieveLegacySecretKeyTest() throws Exception {
+    RetrieveLegacySecretKeyResponse expectedResponse =
+        RetrieveLegacySecretKeyResponse.newBuilder()
+            .setLegacySecretKey("legacySecretKey1016952774")
+            .build();
+    mockRecaptchaEnterpriseService.addResponse(expectedResponse);
+
+    KeyName key = KeyName.of("[PROJECT]", "[KEY]");
+
+    RetrieveLegacySecretKeyResponse actualResponse = client.retrieveLegacySecretKey(key);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockRecaptchaEnterpriseService.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    RetrieveLegacySecretKeyRequest actualRequest =
+        ((RetrieveLegacySecretKeyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(key.toString(), actualRequest.getKey());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void retrieveLegacySecretKeyExceptionTest() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockRecaptchaEnterpriseService.addException(exception);
+
+    try {
+      KeyName key = KeyName.of("[PROJECT]", "[KEY]");
+      client.retrieveLegacySecretKey(key);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
+  @Test
+  public void retrieveLegacySecretKeyTest2() throws Exception {
+    RetrieveLegacySecretKeyResponse expectedResponse =
+        RetrieveLegacySecretKeyResponse.newBuilder()
+            .setLegacySecretKey("legacySecretKey1016952774")
+            .build();
+    mockRecaptchaEnterpriseService.addResponse(expectedResponse);
+
+    String key = "key106079";
+
+    RetrieveLegacySecretKeyResponse actualResponse = client.retrieveLegacySecretKey(key);
+    Assert.assertEquals(expectedResponse, actualResponse);
+
+    List<AbstractMessage> actualRequests = mockRecaptchaEnterpriseService.getRequests();
+    Assert.assertEquals(1, actualRequests.size());
+    RetrieveLegacySecretKeyRequest actualRequest =
+        ((RetrieveLegacySecretKeyRequest) actualRequests.get(0));
+
+    Assert.assertEquals(key, actualRequest.getKey());
+    Assert.assertTrue(
+        channelProvider.isHeaderSent(
+            ApiClientHeaderProvider.getDefaultApiClientHeaderKey(),
+            GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
+  }
+
+  @Test
+  public void retrieveLegacySecretKeyExceptionTest2() throws Exception {
+    StatusRuntimeException exception = new StatusRuntimeException(io.grpc.Status.INVALID_ARGUMENT);
+    mockRecaptchaEnterpriseService.addException(exception);
+
+    try {
+      String key = "key106079";
+      client.retrieveLegacySecretKey(key);
+      Assert.fail("No exception raised");
+    } catch (InvalidArgumentException e) {
+      // Expected exception.
+    }
+  }
+
   @Test
   public void getKeyTest() throws Exception {
     Key expectedResponse =
diff --git a/java-recaptchaenterprise/grpc-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RecaptchaEnterpriseServiceGrpc.java b/java-recaptchaenterprise/grpc-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RecaptchaEnterpriseServiceGrpc.java
index abaa01bb0ea0..74a8d5a1328b 100644
--- a/java-recaptchaenterprise/grpc-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RecaptchaEnterpriseServiceGrpc.java
+++ b/java-recaptchaenterprise/grpc-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RecaptchaEnterpriseServiceGrpc.java
@@ -227,6 +227,59 @@ private RecaptchaEnterpriseServiceGrpc() {}
     return getListKeysMethod;
   }
 
+  private static volatile io.grpc.MethodDescriptor<
+          com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest,
+          com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse>
+      getRetrieveLegacySecretKeyMethod;
+
+  @io.grpc.stub.annotations.RpcMethod(
+      fullMethodName = SERVICE_NAME + '/' + "RetrieveLegacySecretKey",
+      requestType = com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest.class,
+      responseType = com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse.class,
+      methodType = io.grpc.MethodDescriptor.MethodType.UNARY)
+  public static io.grpc.MethodDescriptor<
+          com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest,
+          com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse>
+      getRetrieveLegacySecretKeyMethod() {
+    io.grpc.MethodDescriptor<
+            com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest,
+            com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse>
+        getRetrieveLegacySecretKeyMethod;
+    if ((getRetrieveLegacySecretKeyMethod =
+            RecaptchaEnterpriseServiceGrpc.getRetrieveLegacySecretKeyMethod)
+        == null) {
+      synchronized (RecaptchaEnterpriseServiceGrpc.class) {
+        if ((getRetrieveLegacySecretKeyMethod =
+                RecaptchaEnterpriseServiceGrpc.getRetrieveLegacySecretKeyMethod)
+            == null) {
+          RecaptchaEnterpriseServiceGrpc.getRetrieveLegacySecretKeyMethod =
+              getRetrieveLegacySecretKeyMethod =
+                  io.grpc.MethodDescriptor
+                      .<com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest,
+                          com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse>
+                          newBuilder()
+                      .setType(io.grpc.MethodDescriptor.MethodType.UNARY)
+                      .setFullMethodName(
+                          generateFullMethodName(SERVICE_NAME, "RetrieveLegacySecretKey"))
+                      .setSampledToLocalTracing(true)
+                      .setRequestMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest
+                                  .getDefaultInstance()))
+                      .setResponseMarshaller(
+                          io.grpc.protobuf.ProtoUtils.marshaller(
+                              com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse
+                                  .getDefaultInstance()))
+                      .setSchemaDescriptor(
+                          new RecaptchaEnterpriseServiceMethodDescriptorSupplier(
+                              "RetrieveLegacySecretKey"))
+                      .build();
+        }
+      }
+    }
+    return getRetrieveLegacySecretKeyMethod;
+  }
+
   private static volatile io.grpc.MethodDescriptor<
           com.google.recaptchaenterprise.v1.GetKeyRequest, com.google.recaptchaenterprise.v1.Key>
       getGetKeyMethod;
@@ -727,6 +780,24 @@ public void listKeys(
       io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(getListKeysMethod(), responseObserver);
     }
 
+    /**
+     *
+     *
+     * <pre>
+     * Returns the secret key related to the specified public key.
+     * You must use the legacy secret key only in a 3rd party integration with
+     * legacy reCAPTCHA.
+     * </pre>
+     */
+    public void retrieveLegacySecretKey(
+        com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest request,
+        io.grpc.stub.StreamObserver<
+                com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse>
+            responseObserver) {
+      io.grpc.stub.ServerCalls.asyncUnimplementedUnaryCall(
+          getRetrieveLegacySecretKeyMethod(), responseObserver);
+    }
+
     /**
      *
      *
@@ -818,7 +889,7 @@ public void listRelatedAccountGroups(
      *
      *
      * <pre>
-     * Get the memberships in a group of related accounts.
+     * Get memberships in a group of related accounts.
      * </pre>
      */
     public void listRelatedAccountGroupMemberships(
@@ -876,6 +947,13 @@ public final io.grpc.ServerServiceDefinition bindService() {
                       com.google.recaptchaenterprise.v1.ListKeysRequest,
                       com.google.recaptchaenterprise.v1.ListKeysResponse>(
                       this, METHODID_LIST_KEYS)))
+          .addMethod(
+              getRetrieveLegacySecretKeyMethod(),
+              io.grpc.stub.ServerCalls.asyncUnaryCall(
+                  new MethodHandlers<
+                      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest,
+                      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse>(
+                      this, METHODID_RETRIEVE_LEGACY_SECRET_KEY)))
           .addMethod(
               getGetKeyMethod(),
               io.grpc.stub.ServerCalls.asyncUnaryCall(
@@ -1016,6 +1094,26 @@ public void listKeys(
           getChannel().newCall(getListKeysMethod(), getCallOptions()), request, responseObserver);
     }
 
+    /**
+     *
+     *
+     * <pre>
+     * Returns the secret key related to the specified public key.
+     * You must use the legacy secret key only in a 3rd party integration with
+     * legacy reCAPTCHA.
+     * </pre>
+     */
+    public void retrieveLegacySecretKey(
+        com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest request,
+        io.grpc.stub.StreamObserver<
+                com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse>
+            responseObserver) {
+      io.grpc.stub.ClientCalls.asyncUnaryCall(
+          getChannel().newCall(getRetrieveLegacySecretKeyMethod(), getCallOptions()),
+          request,
+          responseObserver);
+    }
+
     /**
      *
      *
@@ -1114,7 +1212,7 @@ public void listRelatedAccountGroups(
      *
      *
      * <pre>
-     * Get the memberships in a group of related accounts.
+     * Get memberships in a group of related accounts.
      * </pre>
      */
     public void listRelatedAccountGroupMemberships(
@@ -1220,6 +1318,22 @@ public com.google.recaptchaenterprise.v1.ListKeysResponse listKeys(
           getChannel(), getListKeysMethod(), getCallOptions(), request);
     }
 
+    /**
+     *
+     *
+     * <pre>
+     * Returns the secret key related to the specified public key.
+     * You must use the legacy secret key only in a 3rd party integration with
+     * legacy reCAPTCHA.
+     * </pre>
+     */
+    public com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse
+        retrieveLegacySecretKey(
+            com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest request) {
+      return io.grpc.stub.ClientCalls.blockingUnaryCall(
+          getChannel(), getRetrieveLegacySecretKeyMethod(), getCallOptions(), request);
+    }
+
     /**
      *
      *
@@ -1309,7 +1423,7 @@ public com.google.recaptchaenterprise.v1.Metrics getMetrics(
      *
      *
      * <pre>
-     * Get the memberships in a group of related accounts.
+     * Get memberships in a group of related accounts.
      * </pre>
      */
     public com.google.recaptchaenterprise.v1.ListRelatedAccountGroupMembershipsResponse
@@ -1410,6 +1524,23 @@ protected RecaptchaEnterpriseServiceFutureStub build(
           getChannel().newCall(getListKeysMethod(), getCallOptions()), request);
     }
 
+    /**
+     *
+     *
+     * <pre>
+     * Returns the secret key related to the specified public key.
+     * You must use the legacy secret key only in a 3rd party integration with
+     * legacy reCAPTCHA.
+     * </pre>
+     */
+    public com.google.common.util.concurrent.ListenableFuture<
+            com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse>
+        retrieveLegacySecretKey(
+            com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest request) {
+      return io.grpc.stub.ClientCalls.futureUnaryCall(
+          getChannel().newCall(getRetrieveLegacySecretKeyMethod(), getCallOptions()), request);
+    }
+
     /**
      *
      *
@@ -1501,7 +1632,7 @@ public com.google.common.util.concurrent.ListenableFuture<com.google.protobuf.Em
      *
      *
      * <pre>
-     * Get the memberships in a group of related accounts.
+     * Get memberships in a group of related accounts.
      * </pre>
      */
     public com.google.common.util.concurrent.ListenableFuture<
@@ -1534,14 +1665,15 @@ public com.google.common.util.concurrent.ListenableFuture<com.google.protobuf.Em
   private static final int METHODID_ANNOTATE_ASSESSMENT = 1;
   private static final int METHODID_CREATE_KEY = 2;
   private static final int METHODID_LIST_KEYS = 3;
-  private static final int METHODID_GET_KEY = 4;
-  private static final int METHODID_UPDATE_KEY = 5;
-  private static final int METHODID_DELETE_KEY = 6;
-  private static final int METHODID_MIGRATE_KEY = 7;
-  private static final int METHODID_GET_METRICS = 8;
-  private static final int METHODID_LIST_RELATED_ACCOUNT_GROUPS = 9;
-  private static final int METHODID_LIST_RELATED_ACCOUNT_GROUP_MEMBERSHIPS = 10;
-  private static final int METHODID_SEARCH_RELATED_ACCOUNT_GROUP_MEMBERSHIPS = 11;
+  private static final int METHODID_RETRIEVE_LEGACY_SECRET_KEY = 4;
+  private static final int METHODID_GET_KEY = 5;
+  private static final int METHODID_UPDATE_KEY = 6;
+  private static final int METHODID_DELETE_KEY = 7;
+  private static final int METHODID_MIGRATE_KEY = 8;
+  private static final int METHODID_GET_METRICS = 9;
+  private static final int METHODID_LIST_RELATED_ACCOUNT_GROUPS = 10;
+  private static final int METHODID_LIST_RELATED_ACCOUNT_GROUP_MEMBERSHIPS = 11;
+  private static final int METHODID_SEARCH_RELATED_ACCOUNT_GROUP_MEMBERSHIPS = 12;
 
   private static final class MethodHandlers<Req, Resp>
       implements io.grpc.stub.ServerCalls.UnaryMethod<Req, Resp>,
@@ -1585,6 +1717,13 @@ public void invoke(Req request, io.grpc.stub.StreamObserver<Resp> responseObserv
               (io.grpc.stub.StreamObserver<com.google.recaptchaenterprise.v1.ListKeysResponse>)
                   responseObserver);
           break;
+        case METHODID_RETRIEVE_LEGACY_SECRET_KEY:
+          serviceImpl.retrieveLegacySecretKey(
+              (com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest) request,
+              (io.grpc.stub.StreamObserver<
+                      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse>)
+                  responseObserver);
+          break;
         case METHODID_GET_KEY:
           serviceImpl.getKey(
               (com.google.recaptchaenterprise.v1.GetKeyRequest) request,
@@ -1705,6 +1844,7 @@ public static io.grpc.ServiceDescriptor getServiceDescriptor() {
                       .addMethod(getAnnotateAssessmentMethod())
                       .addMethod(getCreateKeyMethod())
                       .addMethod(getListKeysMethod())
+                      .addMethod(getRetrieveLegacySecretKeyMethod())
                       .addMethod(getGetKeyMethod())
                       .addMethod(getUpdateKeyMethod())
                       .addMethod(getDeleteKeyMethod())
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AccountDefenderAssessment.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AccountDefenderAssessment.java
index 9db9ce16643c..b14d5fdf2b56 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AccountDefenderAssessment.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AccountDefenderAssessment.java
@@ -22,7 +22,7 @@
  *
  *
  * <pre>
- * Account Defender risk assessment.
+ * Account defender risk assessment.
  * </pre>
  *
  * Protobuf type {@code google.cloud.recaptchaenterprise.v1.AccountDefenderAssessment}
@@ -71,7 +71,7 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
    *
    *
    * <pre>
-   * Labels returned by Account Defender for this request.
+   * Labels returned by account defender for this request.
    * </pre>
    *
    * Protobuf enum {@code
@@ -102,8 +102,8 @@ public enum AccountDefenderLabel implements com.google.protobuf.ProtocolMessageE
      *
      *
      * <pre>
-     * The request is potentially a suspicious login event and should be further
-     * verified either via multi-factor authentication or another system.
+     * The request is potentially a suspicious login event and must be further
+     * verified either through multi-factor authentication or another system.
      * </pre>
      *
      * <code>SUSPICIOUS_LOGIN_ACTIVITY = 2;</code>
@@ -114,7 +114,7 @@ public enum AccountDefenderLabel implements com.google.protobuf.ProtocolMessageE
      *
      * <pre>
      * The request matched a profile that previously had suspicious account
-     * creation behavior. This could mean this is a fake account.
+     * creation behavior. This can mean that this is a fake account.
      * </pre>
      *
      * <code>SUSPICIOUS_ACCOUNT_CREATION = 3;</code>
@@ -125,8 +125,8 @@ public enum AccountDefenderLabel implements com.google.protobuf.ProtocolMessageE
      *
      * <pre>
      * The account in the request has a high number of related accounts. It does
-     * not necessarily imply that the account is bad but could require
-     * investigating.
+     * not necessarily imply that the account is bad but can require further
+     * investigation.
      * </pre>
      *
      * <code>RELATED_ACCOUNTS_NUMBER_HIGH = 4;</code>
@@ -159,8 +159,8 @@ public enum AccountDefenderLabel implements com.google.protobuf.ProtocolMessageE
      *
      *
      * <pre>
-     * The request is potentially a suspicious login event and should be further
-     * verified either via multi-factor authentication or another system.
+     * The request is potentially a suspicious login event and must be further
+     * verified either through multi-factor authentication or another system.
      * </pre>
      *
      * <code>SUSPICIOUS_LOGIN_ACTIVITY = 2;</code>
@@ -171,7 +171,7 @@ public enum AccountDefenderLabel implements com.google.protobuf.ProtocolMessageE
      *
      * <pre>
      * The request matched a profile that previously had suspicious account
-     * creation behavior. This could mean this is a fake account.
+     * creation behavior. This can mean that this is a fake account.
      * </pre>
      *
      * <code>SUSPICIOUS_ACCOUNT_CREATION = 3;</code>
@@ -182,8 +182,8 @@ public enum AccountDefenderLabel implements com.google.protobuf.ProtocolMessageE
      *
      * <pre>
      * The account in the request has a high number of related accounts. It does
-     * not necessarily imply that the account is bad but could require
-     * investigating.
+     * not necessarily imply that the account is bad but can require further
+     * investigation.
      * </pre>
      *
      * <code>RELATED_ACCOUNTS_NUMBER_HIGH = 4;</code>
@@ -580,7 +580,7 @@ protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.Build
    *
    *
    * <pre>
-   * Account Defender risk assessment.
+   * Account defender risk assessment.
    * </pre>
    *
    * Protobuf type {@code google.cloud.recaptchaenterprise.v1.AccountDefenderAssessment}
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AnnotateAssessmentRequest.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AnnotateAssessmentRequest.java
index bfb569d0015b..06620121cd99 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AnnotateAssessmentRequest.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AnnotateAssessmentRequest.java
@@ -307,8 +307,8 @@ public enum Reason implements com.google.protobuf.ProtocolMessageEnum {
      *
      *
      * <pre>
-     * Indicates a chargeback issued for the transaction with no other details.
-     * When possible, specify the type by using CHARGEBACK_FRAUD or
+     * Indicates that the transaction had a chargeback issued with no other
+     * details. When possible, specify the type by using CHARGEBACK_FRAUD or
      * CHARGEBACK_DISPUTE instead.
      * </pre>
      *
@@ -319,9 +319,9 @@ public enum Reason implements com.google.protobuf.ProtocolMessageEnum {
      *
      *
      * <pre>
-     * Indicates a chargeback related to an alleged unauthorized transaction
-     * from the cardholder's perspective (for example, the card number was
-     * stolen).
+     * Indicates that the transaction had a chargeback issued related to an
+     * alleged unauthorized transaction from the cardholder's perspective (for
+     * example, the card number was stolen).
      * </pre>
      *
      * <code>CHARGEBACK_FRAUD = 8;</code>
@@ -331,14 +331,59 @@ public enum Reason implements com.google.protobuf.ProtocolMessageEnum {
      *
      *
      * <pre>
-     * Indicates a chargeback related to the cardholder having provided their
-     * card details but allegedly not being satisfied with the purchase
-     * (for example, misrepresentation, attempted cancellation).
+     * Indicates that the transaction had a chargeback issued related to the
+     * cardholder having provided their card details but allegedly not being
+     * satisfied with the purchase (for example, misrepresentation, attempted
+     * cancellation).
      * </pre>
      *
      * <code>CHARGEBACK_DISPUTE = 9;</code>
      */
     CHARGEBACK_DISPUTE(9),
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the completed payment transaction was refunded by the
+     * seller.
+     * </pre>
+     *
+     * <code>REFUND = 10;</code>
+     */
+    REFUND(10),
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the completed payment transaction was determined to be
+     * fraudulent by the seller, and was cancelled and refunded as a result.
+     * </pre>
+     *
+     * <code>REFUND_FRAUD = 11;</code>
+     */
+    REFUND_FRAUD(11),
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the payment transaction was accepted, and the user was
+     * charged.
+     * </pre>
+     *
+     * <code>TRANSACTION_ACCEPTED = 12;</code>
+     */
+    TRANSACTION_ACCEPTED(12),
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the payment transaction was declined, for example due to
+     * invalid card details.
+     * </pre>
+     *
+     * <code>TRANSACTION_DECLINED = 13;</code>
+     */
+    TRANSACTION_DECLINED(13),
     /**
      *
      *
@@ -404,6 +449,17 @@ public enum Reason implements com.google.protobuf.ProtocolMessageEnum {
      * <code>INCORRECT_PASSWORD = 6;</code>
      */
     INCORRECT_PASSWORD(6),
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the user sent unwanted and abusive messages to other users
+     * of the platform, such as spam, scams, phishing, or social engineering.
+     * </pre>
+     *
+     * <code>SOCIAL_SPAM = 14;</code>
+     */
+    SOCIAL_SPAM(14),
     UNRECOGNIZED(-1),
     ;
 
@@ -421,8 +477,8 @@ public enum Reason implements com.google.protobuf.ProtocolMessageEnum {
      *
      *
      * <pre>
-     * Indicates a chargeback issued for the transaction with no other details.
-     * When possible, specify the type by using CHARGEBACK_FRAUD or
+     * Indicates that the transaction had a chargeback issued with no other
+     * details. When possible, specify the type by using CHARGEBACK_FRAUD or
      * CHARGEBACK_DISPUTE instead.
      * </pre>
      *
@@ -433,9 +489,9 @@ public enum Reason implements com.google.protobuf.ProtocolMessageEnum {
      *
      *
      * <pre>
-     * Indicates a chargeback related to an alleged unauthorized transaction
-     * from the cardholder's perspective (for example, the card number was
-     * stolen).
+     * Indicates that the transaction had a chargeback issued related to an
+     * alleged unauthorized transaction from the cardholder's perspective (for
+     * example, the card number was stolen).
      * </pre>
      *
      * <code>CHARGEBACK_FRAUD = 8;</code>
@@ -445,14 +501,59 @@ public enum Reason implements com.google.protobuf.ProtocolMessageEnum {
      *
      *
      * <pre>
-     * Indicates a chargeback related to the cardholder having provided their
-     * card details but allegedly not being satisfied with the purchase
-     * (for example, misrepresentation, attempted cancellation).
+     * Indicates that the transaction had a chargeback issued related to the
+     * cardholder having provided their card details but allegedly not being
+     * satisfied with the purchase (for example, misrepresentation, attempted
+     * cancellation).
      * </pre>
      *
      * <code>CHARGEBACK_DISPUTE = 9;</code>
      */
     public static final int CHARGEBACK_DISPUTE_VALUE = 9;
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the completed payment transaction was refunded by the
+     * seller.
+     * </pre>
+     *
+     * <code>REFUND = 10;</code>
+     */
+    public static final int REFUND_VALUE = 10;
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the completed payment transaction was determined to be
+     * fraudulent by the seller, and was cancelled and refunded as a result.
+     * </pre>
+     *
+     * <code>REFUND_FRAUD = 11;</code>
+     */
+    public static final int REFUND_FRAUD_VALUE = 11;
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the payment transaction was accepted, and the user was
+     * charged.
+     * </pre>
+     *
+     * <code>TRANSACTION_ACCEPTED = 12;</code>
+     */
+    public static final int TRANSACTION_ACCEPTED_VALUE = 12;
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the payment transaction was declined, for example due to
+     * invalid card details.
+     * </pre>
+     *
+     * <code>TRANSACTION_DECLINED = 13;</code>
+     */
+    public static final int TRANSACTION_DECLINED_VALUE = 13;
     /**
      *
      *
@@ -518,6 +619,17 @@ public enum Reason implements com.google.protobuf.ProtocolMessageEnum {
      * <code>INCORRECT_PASSWORD = 6;</code>
      */
     public static final int INCORRECT_PASSWORD_VALUE = 6;
+    /**
+     *
+     *
+     * <pre>
+     * Indicates that the user sent unwanted and abusive messages to other users
+     * of the platform, such as spam, scams, phishing, or social engineering.
+     * </pre>
+     *
+     * <code>SOCIAL_SPAM = 14;</code>
+     */
+    public static final int SOCIAL_SPAM_VALUE = 14;
 
     public final int getNumber() {
       if (this == UNRECOGNIZED) {
@@ -551,6 +663,14 @@ public static Reason forNumber(int value) {
           return CHARGEBACK_FRAUD;
         case 9:
           return CHARGEBACK_DISPUTE;
+        case 10:
+          return REFUND;
+        case 11:
+          return REFUND_FRAUD;
+        case 12:
+          return TRANSACTION_ACCEPTED;
+        case 13:
+          return TRANSACTION_DECLINED;
         case 2:
           return PAYMENT_HEURISTICS;
         case 7:
@@ -563,6 +683,8 @@ public static Reason forNumber(int value) {
           return CORRECT_PASSWORD;
         case 6:
           return INCORRECT_PASSWORD;
+        case 14:
+          return SOCIAL_SPAM;
         default:
           return null;
       }
@@ -679,9 +801,9 @@ public com.google.protobuf.ByteString getNameBytes() {
    *
    *
    * <pre>
-   * Optional. The annotation that will be assigned to the Event. This field can
-   * be left empty to provide reasons that apply to an event without concluding
-   * whether the event is legitimate or fraudulent.
+   * Optional. The annotation that will be assigned to the Event. This field can be left
+   * empty to provide reasons that apply to an event without concluding whether
+   * the event is legitimate or fraudulent.
    * </pre>
    *
    * <code>
@@ -698,9 +820,9 @@ public int getAnnotationValue() {
    *
    *
    * <pre>
-   * Optional. The annotation that will be assigned to the Event. This field can
-   * be left empty to provide reasons that apply to an event without concluding
-   * whether the event is legitimate or fraudulent.
+   * Optional. The annotation that will be assigned to the Event. This field can be left
+   * empty to provide reasons that apply to an event without concluding whether
+   * the event is legitimate or fraudulent.
    * </pre>
    *
    * <code>
@@ -741,8 +863,7 @@ public com.google.recaptchaenterprise.v1.AnnotateAssessmentRequest.Reason conver
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -762,8 +883,7 @@ public com.google.recaptchaenterprise.v1.AnnotateAssessmentRequest.Reason conver
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -780,8 +900,7 @@ public int getReasonsCount() {
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -799,8 +918,7 @@ public com.google.recaptchaenterprise.v1.AnnotateAssessmentRequest.Reason getRea
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -817,8 +935,7 @@ public java.util.List<java.lang.Integer> getReasonsValueList() {
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -841,8 +958,8 @@ public int getReasonsValue(int index) {
    *
    *
    * <pre>
-   * Optional. Optional unique stable hashed user identifier to apply to the
-   * assessment. This is an alternative to setting the hashed_account_id in
+   * Optional. Unique stable hashed user identifier to apply to the assessment.
+   * This is an alternative to setting the hashed_account_id in
    * CreateAssessment, for example when the account identifier is not yet known
    * in the initial request. It is recommended that the identifier is hashed
    * using hmac-sha256 with stable secret.
@@ -1426,9 +1543,9 @@ public Builder setNameBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. The annotation that will be assigned to the Event. This field can
-     * be left empty to provide reasons that apply to an event without concluding
-     * whether the event is legitimate or fraudulent.
+     * Optional. The annotation that will be assigned to the Event. This field can be left
+     * empty to provide reasons that apply to an event without concluding whether
+     * the event is legitimate or fraudulent.
      * </pre>
      *
      * <code>
@@ -1445,9 +1562,9 @@ public int getAnnotationValue() {
      *
      *
      * <pre>
-     * Optional. The annotation that will be assigned to the Event. This field can
-     * be left empty to provide reasons that apply to an event without concluding
-     * whether the event is legitimate or fraudulent.
+     * Optional. The annotation that will be assigned to the Event. This field can be left
+     * empty to provide reasons that apply to an event without concluding whether
+     * the event is legitimate or fraudulent.
      * </pre>
      *
      * <code>
@@ -1467,9 +1584,9 @@ public Builder setAnnotationValue(int value) {
      *
      *
      * <pre>
-     * Optional. The annotation that will be assigned to the Event. This field can
-     * be left empty to provide reasons that apply to an event without concluding
-     * whether the event is legitimate or fraudulent.
+     * Optional. The annotation that will be assigned to the Event. This field can be left
+     * empty to provide reasons that apply to an event without concluding whether
+     * the event is legitimate or fraudulent.
      * </pre>
      *
      * <code>
@@ -1492,9 +1609,9 @@ public com.google.recaptchaenterprise.v1.AnnotateAssessmentRequest.Annotation ge
      *
      *
      * <pre>
-     * Optional. The annotation that will be assigned to the Event. This field can
-     * be left empty to provide reasons that apply to an event without concluding
-     * whether the event is legitimate or fraudulent.
+     * Optional. The annotation that will be assigned to the Event. This field can be left
+     * empty to provide reasons that apply to an event without concluding whether
+     * the event is legitimate or fraudulent.
      * </pre>
      *
      * <code>
@@ -1518,9 +1635,9 @@ public Builder setAnnotation(
      *
      *
      * <pre>
-     * Optional. The annotation that will be assigned to the Event. This field can
-     * be left empty to provide reasons that apply to an event without concluding
-     * whether the event is legitimate or fraudulent.
+     * Optional. The annotation that will be assigned to the Event. This field can be left
+     * empty to provide reasons that apply to an event without concluding whether
+     * the event is legitimate or fraudulent.
      * </pre>
      *
      * <code>
@@ -1548,8 +1665,7 @@ private void ensureReasonsIsMutable() {
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1568,8 +1684,7 @@ private void ensureReasonsIsMutable() {
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1585,8 +1700,7 @@ public int getReasonsCount() {
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1604,8 +1718,7 @@ public com.google.recaptchaenterprise.v1.AnnotateAssessmentRequest.Reason getRea
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1630,8 +1743,7 @@ public Builder setReasons(
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1655,8 +1767,7 @@ public Builder addReasons(
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1681,8 +1792,7 @@ public Builder addAllReasons(
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1701,8 +1811,7 @@ public Builder clearReasons() {
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1718,8 +1827,7 @@ public java.util.List<java.lang.Integer> getReasonsValueList() {
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1736,8 +1844,7 @@ public int getReasonsValue(int index) {
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1758,8 +1865,7 @@ public Builder setReasonsValue(int index, int value) {
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1779,8 +1885,7 @@ public Builder addReasonsValue(int value) {
      *
      *
      * <pre>
-     * Optional. Optional reasons for the annotation that will be assigned to the
-     * Event.
+     * Optional. Optional reasons for the annotation that will be assigned to the Event.
      * </pre>
      *
      * <code>
@@ -1804,8 +1909,8 @@ public Builder addAllReasonsValue(java.lang.Iterable<java.lang.Integer> values)
      *
      *
      * <pre>
-     * Optional. Optional unique stable hashed user identifier to apply to the
-     * assessment. This is an alternative to setting the hashed_account_id in
+     * Optional. Unique stable hashed user identifier to apply to the assessment.
+     * This is an alternative to setting the hashed_account_id in
      * CreateAssessment, for example when the account identifier is not yet known
      * in the initial request. It is recommended that the identifier is hashed
      * using hmac-sha256 with stable secret.
@@ -1823,8 +1928,8 @@ public com.google.protobuf.ByteString getHashedAccountId() {
      *
      *
      * <pre>
-     * Optional. Optional unique stable hashed user identifier to apply to the
-     * assessment. This is an alternative to setting the hashed_account_id in
+     * Optional. Unique stable hashed user identifier to apply to the assessment.
+     * This is an alternative to setting the hashed_account_id in
      * CreateAssessment, for example when the account identifier is not yet known
      * in the initial request. It is recommended that the identifier is hashed
      * using hmac-sha256 with stable secret.
@@ -1848,8 +1953,8 @@ public Builder setHashedAccountId(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. Optional unique stable hashed user identifier to apply to the
-     * assessment. This is an alternative to setting the hashed_account_id in
+     * Optional. Unique stable hashed user identifier to apply to the assessment.
+     * This is an alternative to setting the hashed_account_id in
      * CreateAssessment, for example when the account identifier is not yet known
      * in the initial request. It is recommended that the identifier is hashed
      * using hmac-sha256 with stable secret.
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AnnotateAssessmentRequestOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AnnotateAssessmentRequestOrBuilder.java
index af5b72ab5ccf..03574db215e4 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AnnotateAssessmentRequestOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AnnotateAssessmentRequestOrBuilder.java
@@ -58,9 +58,9 @@ public interface AnnotateAssessmentRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. The annotation that will be assigned to the Event. This field can
-   * be left empty to provide reasons that apply to an event without concluding
-   * whether the event is legitimate or fraudulent.
+   * Optional. The annotation that will be assigned to the Event. This field can be left
+   * empty to provide reasons that apply to an event without concluding whether
+   * the event is legitimate or fraudulent.
    * </pre>
    *
    * <code>
@@ -74,9 +74,9 @@ public interface AnnotateAssessmentRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. The annotation that will be assigned to the Event. This field can
-   * be left empty to provide reasons that apply to an event without concluding
-   * whether the event is legitimate or fraudulent.
+   * Optional. The annotation that will be assigned to the Event. This field can be left
+   * empty to provide reasons that apply to an event without concluding whether
+   * the event is legitimate or fraudulent.
    * </pre>
    *
    * <code>
@@ -91,8 +91,7 @@ public interface AnnotateAssessmentRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -107,8 +106,7 @@ public interface AnnotateAssessmentRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -122,8 +120,7 @@ public interface AnnotateAssessmentRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -138,8 +135,7 @@ public interface AnnotateAssessmentRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -153,8 +149,7 @@ public interface AnnotateAssessmentRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. Optional reasons for the annotation that will be assigned to the
-   * Event.
+   * Optional. Optional reasons for the annotation that will be assigned to the Event.
    * </pre>
    *
    * <code>
@@ -170,8 +165,8 @@ public interface AnnotateAssessmentRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. Optional unique stable hashed user identifier to apply to the
-   * assessment. This is an alternative to setting the hashed_account_id in
+   * Optional. Unique stable hashed user identifier to apply to the assessment.
+   * This is an alternative to setting the hashed_account_id in
    * CreateAssessment, for example when the account identifier is not yet known
    * in the initial request. It is recommended that the identifier is hashed
    * using hmac-sha256 with stable secret.
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/Assessment.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/Assessment.java
index 1b687279c4dd..17c2df883d55 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/Assessment.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/Assessment.java
@@ -278,7 +278,7 @@ public com.google.recaptchaenterprise.v1.TokenPropertiesOrBuilder getTokenProper
    *
    *
    * <pre>
-   * Assessment returned by Account Defender when a hashed_account_id is
+   * Assessment returned by account defender when a hashed_account_id is
    * provided.
    * </pre>
    *
@@ -296,7 +296,7 @@ public boolean hasAccountDefenderAssessment() {
    *
    *
    * <pre>
-   * Assessment returned by Account Defender when a hashed_account_id is
+   * Assessment returned by account defender when a hashed_account_id is
    * provided.
    * </pre>
    *
@@ -317,7 +317,7 @@ public boolean hasAccountDefenderAssessment() {
    *
    *
    * <pre>
-   * Assessment returned by Account Defender when a hashed_account_id is
+   * Assessment returned by account defender when a hashed_account_id is
    * provided.
    * </pre>
    *
@@ -338,7 +338,8 @@ public boolean hasAccountDefenderAssessment() {
    *
    *
    * <pre>
-   * Password leak verification info.
+   * The private password leak verification field contains the parameters that
+   * are used to to check for leaks privately without sharing user credentials.
    * </pre>
    *
    * <code>
@@ -355,7 +356,8 @@ public boolean hasPrivatePasswordLeakVerification() {
    *
    *
    * <pre>
-   * Password leak verification info.
+   * The private password leak verification field contains the parameters that
+   * are used to to check for leaks privately without sharing user credentials.
    * </pre>
    *
    * <code>
@@ -375,7 +377,8 @@ public boolean hasPrivatePasswordLeakVerification() {
    *
    *
    * <pre>
-   * Password leak verification info.
+   * The private password leak verification field contains the parameters that
+   * are used to to check for leaks privately without sharing user credentials.
    * </pre>
    *
    * <code>
@@ -1612,7 +1615,7 @@ public com.google.recaptchaenterprise.v1.TokenProperties.Builder getTokenPropert
      *
      *
      * <pre>
-     * Assessment returned by Account Defender when a hashed_account_id is
+     * Assessment returned by account defender when a hashed_account_id is
      * provided.
      * </pre>
      *
@@ -1629,7 +1632,7 @@ public boolean hasAccountDefenderAssessment() {
      *
      *
      * <pre>
-     * Assessment returned by Account Defender when a hashed_account_id is
+     * Assessment returned by account defender when a hashed_account_id is
      * provided.
      * </pre>
      *
@@ -1653,7 +1656,7 @@ public boolean hasAccountDefenderAssessment() {
      *
      *
      * <pre>
-     * Assessment returned by Account Defender when a hashed_account_id is
+     * Assessment returned by account defender when a hashed_account_id is
      * provided.
      * </pre>
      *
@@ -1679,7 +1682,7 @@ public Builder setAccountDefenderAssessment(
      *
      *
      * <pre>
-     * Assessment returned by Account Defender when a hashed_account_id is
+     * Assessment returned by account defender when a hashed_account_id is
      * provided.
      * </pre>
      *
@@ -1702,7 +1705,7 @@ public Builder setAccountDefenderAssessment(
      *
      *
      * <pre>
-     * Assessment returned by Account Defender when a hashed_account_id is
+     * Assessment returned by account defender when a hashed_account_id is
      * provided.
      * </pre>
      *
@@ -1733,7 +1736,7 @@ public Builder mergeAccountDefenderAssessment(
      *
      *
      * <pre>
-     * Assessment returned by Account Defender when a hashed_account_id is
+     * Assessment returned by account defender when a hashed_account_id is
      * provided.
      * </pre>
      *
@@ -1756,7 +1759,7 @@ public Builder clearAccountDefenderAssessment() {
      *
      *
      * <pre>
-     * Assessment returned by Account Defender when a hashed_account_id is
+     * Assessment returned by account defender when a hashed_account_id is
      * provided.
      * </pre>
      *
@@ -1774,7 +1777,7 @@ public Builder clearAccountDefenderAssessment() {
      *
      *
      * <pre>
-     * Assessment returned by Account Defender when a hashed_account_id is
+     * Assessment returned by account defender when a hashed_account_id is
      * provided.
      * </pre>
      *
@@ -1796,7 +1799,7 @@ public Builder clearAccountDefenderAssessment() {
      *
      *
      * <pre>
-     * Assessment returned by Account Defender when a hashed_account_id is
+     * Assessment returned by account defender when a hashed_account_id is
      * provided.
      * </pre>
      *
@@ -1832,7 +1835,8 @@ public Builder clearAccountDefenderAssessment() {
      *
      *
      * <pre>
-     * Password leak verification info.
+     * The private password leak verification field contains the parameters that
+     * are used to to check for leaks privately without sharing user credentials.
      * </pre>
      *
      * <code>
@@ -1849,7 +1853,8 @@ public boolean hasPrivatePasswordLeakVerification() {
      *
      *
      * <pre>
-     * Password leak verification info.
+     * The private password leak verification field contains the parameters that
+     * are used to to check for leaks privately without sharing user credentials.
      * </pre>
      *
      * <code>
@@ -1872,7 +1877,8 @@ public boolean hasPrivatePasswordLeakVerification() {
      *
      *
      * <pre>
-     * Password leak verification info.
+     * The private password leak verification field contains the parameters that
+     * are used to to check for leaks privately without sharing user credentials.
      * </pre>
      *
      * <code>
@@ -1897,7 +1903,8 @@ public Builder setPrivatePasswordLeakVerification(
      *
      *
      * <pre>
-     * Password leak verification info.
+     * The private password leak verification field contains the parameters that
+     * are used to to check for leaks privately without sharing user credentials.
      * </pre>
      *
      * <code>
@@ -1919,7 +1926,8 @@ public Builder setPrivatePasswordLeakVerification(
      *
      *
      * <pre>
-     * Password leak verification info.
+     * The private password leak verification field contains the parameters that
+     * are used to to check for leaks privately without sharing user credentials.
      * </pre>
      *
      * <code>
@@ -1949,7 +1957,8 @@ public Builder mergePrivatePasswordLeakVerification(
      *
      *
      * <pre>
-     * Password leak verification info.
+     * The private password leak verification field contains the parameters that
+     * are used to to check for leaks privately without sharing user credentials.
      * </pre>
      *
      * <code>
@@ -1971,7 +1980,8 @@ public Builder clearPrivatePasswordLeakVerification() {
      *
      *
      * <pre>
-     * Password leak verification info.
+     * The private password leak verification field contains the parameters that
+     * are used to to check for leaks privately without sharing user credentials.
      * </pre>
      *
      * <code>
@@ -1988,7 +1998,8 @@ public Builder clearPrivatePasswordLeakVerification() {
      *
      *
      * <pre>
-     * Password leak verification info.
+     * The private password leak verification field contains the parameters that
+     * are used to to check for leaks privately without sharing user credentials.
      * </pre>
      *
      * <code>
@@ -2009,7 +2020,8 @@ public Builder clearPrivatePasswordLeakVerification() {
      *
      *
      * <pre>
-     * Password leak verification info.
+     * The private password leak verification field contains the parameters that
+     * are used to to check for leaks privately without sharing user credentials.
      * </pre>
      *
      * <code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AssessmentOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AssessmentOrBuilder.java
index 2bdaa9699a2d..a78ce03d0e9d 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AssessmentOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/AssessmentOrBuilder.java
@@ -171,7 +171,7 @@ public interface AssessmentOrBuilder
    *
    *
    * <pre>
-   * Assessment returned by Account Defender when a hashed_account_id is
+   * Assessment returned by account defender when a hashed_account_id is
    * provided.
    * </pre>
    *
@@ -186,7 +186,7 @@ public interface AssessmentOrBuilder
    *
    *
    * <pre>
-   * Assessment returned by Account Defender when a hashed_account_id is
+   * Assessment returned by account defender when a hashed_account_id is
    * provided.
    * </pre>
    *
@@ -201,7 +201,7 @@ public interface AssessmentOrBuilder
    *
    *
    * <pre>
-   * Assessment returned by Account Defender when a hashed_account_id is
+   * Assessment returned by account defender when a hashed_account_id is
    * provided.
    * </pre>
    *
@@ -216,7 +216,8 @@ public interface AssessmentOrBuilder
    *
    *
    * <pre>
-   * Password leak verification info.
+   * The private password leak verification field contains the parameters that
+   * are used to to check for leaks privately without sharing user credentials.
    * </pre>
    *
    * <code>
@@ -230,7 +231,8 @@ public interface AssessmentOrBuilder
    *
    *
    * <pre>
-   * Password leak verification info.
+   * The private password leak verification field contains the parameters that
+   * are used to to check for leaks privately without sharing user credentials.
    * </pre>
    *
    * <code>
@@ -245,7 +247,8 @@ public interface AssessmentOrBuilder
    *
    *
    * <pre>
-   * Password leak verification info.
+   * The private password leak verification field contains the parameters that
+   * are used to to check for leaks privately without sharing user credentials.
    * </pre>
    *
    * <code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/Event.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/Event.java
index d69a18726ac4..72a18df07015 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/Event.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/Event.java
@@ -70,8 +70,8 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
    *
    *
    * <pre>
-   * Optional. The user response token provided by the reCAPTCHA client-side
-   * integration on your site.
+   * Optional. The user response token provided by the reCAPTCHA client-side integration
+   * on your site.
    * </pre>
    *
    * <code>string token = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -94,8 +94,8 @@ public java.lang.String getToken() {
    *
    *
    * <pre>
-   * Optional. The user response token provided by the reCAPTCHA client-side
-   * integration on your site.
+   * Optional. The user response token provided by the reCAPTCHA client-side integration
+   * on your site.
    * </pre>
    *
    * <code>string token = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -121,8 +121,8 @@ public com.google.protobuf.ByteString getTokenBytes() {
    *
    *
    * <pre>
-   * Optional. The site key that was used to invoke reCAPTCHA on your site and
-   * generate the token.
+   * Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+   * the token.
    * </pre>
    *
    * <code>string site_key = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -145,8 +145,8 @@ public java.lang.String getSiteKey() {
    *
    *
    * <pre>
-   * Optional. The site key that was used to invoke reCAPTCHA on your site and
-   * generate the token.
+   * Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+   * the token.
    * </pre>
    *
    * <code>string site_key = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -172,8 +172,8 @@ public com.google.protobuf.ByteString getSiteKeyBytes() {
    *
    *
    * <pre>
-   * Optional. The user agent present in the request from the user's device
-   * related to this event.
+   * Optional. The user agent present in the request from the user's device related to
+   * this event.
    * </pre>
    *
    * <code>string user_agent = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -196,8 +196,8 @@ public java.lang.String getUserAgent() {
    *
    *
    * <pre>
-   * Optional. The user agent present in the request from the user's device
-   * related to this event.
+   * Optional. The user agent present in the request from the user's device related to
+   * this event.
    * </pre>
    *
    * <code>string user_agent = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -223,8 +223,7 @@ public com.google.protobuf.ByteString getUserAgentBytes() {
    *
    *
    * <pre>
-   * Optional. The IP address in the request from the user's device related to
-   * this event.
+   * Optional. The IP address in the request from the user's device related to this event.
    * </pre>
    *
    * <code>string user_ip_address = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -247,8 +246,7 @@ public java.lang.String getUserIpAddress() {
    *
    *
    * <pre>
-   * Optional. The IP address in the request from the user's device related to
-   * this event.
+   * Optional. The IP address in the request from the user's device related to this event.
    * </pre>
    *
    * <code>string user_ip_address = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -274,9 +272,9 @@ public com.google.protobuf.ByteString getUserIpAddressBytes() {
    *
    *
    * <pre>
-   * Optional. The expected action for this type of event. This should be the
-   * same action provided at token generation time on client-side platforms
-   * already integrated with recaptcha enterprise.
+   * Optional. The expected action for this type of event. This should be the same action
+   * provided at token generation time on client-side platforms already
+   * integrated with recaptcha enterprise.
    * </pre>
    *
    * <code>string expected_action = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -299,9 +297,9 @@ public java.lang.String getExpectedAction() {
    *
    *
    * <pre>
-   * Optional. The expected action for this type of event. This should be the
-   * same action provided at token generation time on client-side platforms
-   * already integrated with recaptcha enterprise.
+   * Optional. The expected action for this type of event. This should be the same action
+   * provided at token generation time on client-side platforms already
+   * integrated with recaptcha enterprise.
    * </pre>
    *
    * <code>string expected_action = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -327,8 +325,8 @@ public com.google.protobuf.ByteString getExpectedActionBytes() {
    *
    *
    * <pre>
-   * Optional. Optional unique stable hashed user identifier for the request.
-   * The identifier should ideally be hashed using sha256 with stable secret.
+   * Optional. Unique stable hashed user identifier for the request. The identifier must
+   * be hashed using hmac-sha256 with stable secret.
    * </pre>
    *
    * <code>bytes hashed_account_id = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -774,8 +772,8 @@ public Builder mergeFrom(
      *
      *
      * <pre>
-     * Optional. The user response token provided by the reCAPTCHA client-side
-     * integration on your site.
+     * Optional. The user response token provided by the reCAPTCHA client-side integration
+     * on your site.
      * </pre>
      *
      * <code>string token = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -797,8 +795,8 @@ public java.lang.String getToken() {
      *
      *
      * <pre>
-     * Optional. The user response token provided by the reCAPTCHA client-side
-     * integration on your site.
+     * Optional. The user response token provided by the reCAPTCHA client-side integration
+     * on your site.
      * </pre>
      *
      * <code>string token = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -820,8 +818,8 @@ public com.google.protobuf.ByteString getTokenBytes() {
      *
      *
      * <pre>
-     * Optional. The user response token provided by the reCAPTCHA client-side
-     * integration on your site.
+     * Optional. The user response token provided by the reCAPTCHA client-side integration
+     * on your site.
      * </pre>
      *
      * <code>string token = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -842,8 +840,8 @@ public Builder setToken(java.lang.String value) {
      *
      *
      * <pre>
-     * Optional. The user response token provided by the reCAPTCHA client-side
-     * integration on your site.
+     * Optional. The user response token provided by the reCAPTCHA client-side integration
+     * on your site.
      * </pre>
      *
      * <code>string token = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -860,8 +858,8 @@ public Builder clearToken() {
      *
      *
      * <pre>
-     * Optional. The user response token provided by the reCAPTCHA client-side
-     * integration on your site.
+     * Optional. The user response token provided by the reCAPTCHA client-side integration
+     * on your site.
      * </pre>
      *
      * <code>string token = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -885,8 +883,8 @@ public Builder setTokenBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. The site key that was used to invoke reCAPTCHA on your site and
-     * generate the token.
+     * Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+     * the token.
      * </pre>
      *
      * <code>string site_key = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -908,8 +906,8 @@ public java.lang.String getSiteKey() {
      *
      *
      * <pre>
-     * Optional. The site key that was used to invoke reCAPTCHA on your site and
-     * generate the token.
+     * Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+     * the token.
      * </pre>
      *
      * <code>string site_key = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -931,8 +929,8 @@ public com.google.protobuf.ByteString getSiteKeyBytes() {
      *
      *
      * <pre>
-     * Optional. The site key that was used to invoke reCAPTCHA on your site and
-     * generate the token.
+     * Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+     * the token.
      * </pre>
      *
      * <code>string site_key = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -953,8 +951,8 @@ public Builder setSiteKey(java.lang.String value) {
      *
      *
      * <pre>
-     * Optional. The site key that was used to invoke reCAPTCHA on your site and
-     * generate the token.
+     * Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+     * the token.
      * </pre>
      *
      * <code>string site_key = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -971,8 +969,8 @@ public Builder clearSiteKey() {
      *
      *
      * <pre>
-     * Optional. The site key that was used to invoke reCAPTCHA on your site and
-     * generate the token.
+     * Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+     * the token.
      * </pre>
      *
      * <code>string site_key = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -996,8 +994,8 @@ public Builder setSiteKeyBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. The user agent present in the request from the user's device
-     * related to this event.
+     * Optional. The user agent present in the request from the user's device related to
+     * this event.
      * </pre>
      *
      * <code>string user_agent = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1019,8 +1017,8 @@ public java.lang.String getUserAgent() {
      *
      *
      * <pre>
-     * Optional. The user agent present in the request from the user's device
-     * related to this event.
+     * Optional. The user agent present in the request from the user's device related to
+     * this event.
      * </pre>
      *
      * <code>string user_agent = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1042,8 +1040,8 @@ public com.google.protobuf.ByteString getUserAgentBytes() {
      *
      *
      * <pre>
-     * Optional. The user agent present in the request from the user's device
-     * related to this event.
+     * Optional. The user agent present in the request from the user's device related to
+     * this event.
      * </pre>
      *
      * <code>string user_agent = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1064,8 +1062,8 @@ public Builder setUserAgent(java.lang.String value) {
      *
      *
      * <pre>
-     * Optional. The user agent present in the request from the user's device
-     * related to this event.
+     * Optional. The user agent present in the request from the user's device related to
+     * this event.
      * </pre>
      *
      * <code>string user_agent = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1082,8 +1080,8 @@ public Builder clearUserAgent() {
      *
      *
      * <pre>
-     * Optional. The user agent present in the request from the user's device
-     * related to this event.
+     * Optional. The user agent present in the request from the user's device related to
+     * this event.
      * </pre>
      *
      * <code>string user_agent = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1107,8 +1105,7 @@ public Builder setUserAgentBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. The IP address in the request from the user's device related to
-     * this event.
+     * Optional. The IP address in the request from the user's device related to this event.
      * </pre>
      *
      * <code>string user_ip_address = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1130,8 +1127,7 @@ public java.lang.String getUserIpAddress() {
      *
      *
      * <pre>
-     * Optional. The IP address in the request from the user's device related to
-     * this event.
+     * Optional. The IP address in the request from the user's device related to this event.
      * </pre>
      *
      * <code>string user_ip_address = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1153,8 +1149,7 @@ public com.google.protobuf.ByteString getUserIpAddressBytes() {
      *
      *
      * <pre>
-     * Optional. The IP address in the request from the user's device related to
-     * this event.
+     * Optional. The IP address in the request from the user's device related to this event.
      * </pre>
      *
      * <code>string user_ip_address = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1175,8 +1170,7 @@ public Builder setUserIpAddress(java.lang.String value) {
      *
      *
      * <pre>
-     * Optional. The IP address in the request from the user's device related to
-     * this event.
+     * Optional. The IP address in the request from the user's device related to this event.
      * </pre>
      *
      * <code>string user_ip_address = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1193,8 +1187,7 @@ public Builder clearUserIpAddress() {
      *
      *
      * <pre>
-     * Optional. The IP address in the request from the user's device related to
-     * this event.
+     * Optional. The IP address in the request from the user's device related to this event.
      * </pre>
      *
      * <code>string user_ip_address = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1218,9 +1211,9 @@ public Builder setUserIpAddressBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. The expected action for this type of event. This should be the
-     * same action provided at token generation time on client-side platforms
-     * already integrated with recaptcha enterprise.
+     * Optional. The expected action for this type of event. This should be the same action
+     * provided at token generation time on client-side platforms already
+     * integrated with recaptcha enterprise.
      * </pre>
      *
      * <code>string expected_action = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1242,9 +1235,9 @@ public java.lang.String getExpectedAction() {
      *
      *
      * <pre>
-     * Optional. The expected action for this type of event. This should be the
-     * same action provided at token generation time on client-side platforms
-     * already integrated with recaptcha enterprise.
+     * Optional. The expected action for this type of event. This should be the same action
+     * provided at token generation time on client-side platforms already
+     * integrated with recaptcha enterprise.
      * </pre>
      *
      * <code>string expected_action = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1266,9 +1259,9 @@ public com.google.protobuf.ByteString getExpectedActionBytes() {
      *
      *
      * <pre>
-     * Optional. The expected action for this type of event. This should be the
-     * same action provided at token generation time on client-side platforms
-     * already integrated with recaptcha enterprise.
+     * Optional. The expected action for this type of event. This should be the same action
+     * provided at token generation time on client-side platforms already
+     * integrated with recaptcha enterprise.
      * </pre>
      *
      * <code>string expected_action = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1289,9 +1282,9 @@ public Builder setExpectedAction(java.lang.String value) {
      *
      *
      * <pre>
-     * Optional. The expected action for this type of event. This should be the
-     * same action provided at token generation time on client-side platforms
-     * already integrated with recaptcha enterprise.
+     * Optional. The expected action for this type of event. This should be the same action
+     * provided at token generation time on client-side platforms already
+     * integrated with recaptcha enterprise.
      * </pre>
      *
      * <code>string expected_action = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1308,9 +1301,9 @@ public Builder clearExpectedAction() {
      *
      *
      * <pre>
-     * Optional. The expected action for this type of event. This should be the
-     * same action provided at token generation time on client-side platforms
-     * already integrated with recaptcha enterprise.
+     * Optional. The expected action for this type of event. This should be the same action
+     * provided at token generation time on client-side platforms already
+     * integrated with recaptcha enterprise.
      * </pre>
      *
      * <code>string expected_action = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1334,8 +1327,8 @@ public Builder setExpectedActionBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. Optional unique stable hashed user identifier for the request.
-     * The identifier should ideally be hashed using sha256 with stable secret.
+     * Optional. Unique stable hashed user identifier for the request. The identifier must
+     * be hashed using hmac-sha256 with stable secret.
      * </pre>
      *
      * <code>bytes hashed_account_id = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1350,8 +1343,8 @@ public com.google.protobuf.ByteString getHashedAccountId() {
      *
      *
      * <pre>
-     * Optional. Optional unique stable hashed user identifier for the request.
-     * The identifier should ideally be hashed using sha256 with stable secret.
+     * Optional. Unique stable hashed user identifier for the request. The identifier must
+     * be hashed using hmac-sha256 with stable secret.
      * </pre>
      *
      * <code>bytes hashed_account_id = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -1372,8 +1365,8 @@ public Builder setHashedAccountId(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. Optional unique stable hashed user identifier for the request.
-     * The identifier should ideally be hashed using sha256 with stable secret.
+     * Optional. Unique stable hashed user identifier for the request. The identifier must
+     * be hashed using hmac-sha256 with stable secret.
      * </pre>
      *
      * <code>bytes hashed_account_id = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/EventOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/EventOrBuilder.java
index 819d6ed40ad5..6b5fe7785ef4 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/EventOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/EventOrBuilder.java
@@ -27,8 +27,8 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The user response token provided by the reCAPTCHA client-side
-   * integration on your site.
+   * Optional. The user response token provided by the reCAPTCHA client-side integration
+   * on your site.
    * </pre>
    *
    * <code>string token = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -40,8 +40,8 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The user response token provided by the reCAPTCHA client-side
-   * integration on your site.
+   * Optional. The user response token provided by the reCAPTCHA client-side integration
+   * on your site.
    * </pre>
    *
    * <code>string token = 1 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -54,8 +54,8 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The site key that was used to invoke reCAPTCHA on your site and
-   * generate the token.
+   * Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+   * the token.
    * </pre>
    *
    * <code>string site_key = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -67,8 +67,8 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The site key that was used to invoke reCAPTCHA on your site and
-   * generate the token.
+   * Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+   * the token.
    * </pre>
    *
    * <code>string site_key = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -81,8 +81,8 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The user agent present in the request from the user's device
-   * related to this event.
+   * Optional. The user agent present in the request from the user's device related to
+   * this event.
    * </pre>
    *
    * <code>string user_agent = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -94,8 +94,8 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The user agent present in the request from the user's device
-   * related to this event.
+   * Optional. The user agent present in the request from the user's device related to
+   * this event.
    * </pre>
    *
    * <code>string user_agent = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -108,8 +108,7 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The IP address in the request from the user's device related to
-   * this event.
+   * Optional. The IP address in the request from the user's device related to this event.
    * </pre>
    *
    * <code>string user_ip_address = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -121,8 +120,7 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The IP address in the request from the user's device related to
-   * this event.
+   * Optional. The IP address in the request from the user's device related to this event.
    * </pre>
    *
    * <code>string user_ip_address = 4 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -135,9 +133,9 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The expected action for this type of event. This should be the
-   * same action provided at token generation time on client-side platforms
-   * already integrated with recaptcha enterprise.
+   * Optional. The expected action for this type of event. This should be the same action
+   * provided at token generation time on client-side platforms already
+   * integrated with recaptcha enterprise.
    * </pre>
    *
    * <code>string expected_action = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -149,9 +147,9 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. The expected action for this type of event. This should be the
-   * same action provided at token generation time on client-side platforms
-   * already integrated with recaptcha enterprise.
+   * Optional. The expected action for this type of event. This should be the same action
+   * provided at token generation time on client-side platforms already
+   * integrated with recaptcha enterprise.
    * </pre>
    *
    * <code>string expected_action = 5 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -164,8 +162,8 @@ public interface EventOrBuilder
    *
    *
    * <pre>
-   * Optional. Optional unique stable hashed user identifier for the request.
-   * The identifier should ideally be hashed using sha256 with stable secret.
+   * Optional. Unique stable hashed user identifier for the request. The identifier must
+   * be hashed using hmac-sha256 with stable secret.
    * </pre>
    *
    * <code>bytes hashed_account_id = 6 [(.google.api.field_behavior) = OPTIONAL];</code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupMembershipsRequest.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupMembershipsRequest.java
index a39c1a6e3628..83896ea247df 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupMembershipsRequest.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupMembershipsRequest.java
@@ -133,10 +133,10 @@ public com.google.protobuf.ByteString getParentBytes() {
    *
    *
    * <pre>
-   * Optional. The maximum number of accounts to return. The service may return
-   * fewer than this value. If unspecified, at most 50 accounts will be
-   * returned. The maximum value is 1000; values above 1000 will be coerced to
-   * 1000.
+   * Optional. The maximum number of accounts to return. The service might return fewer
+   * than this value.
+   * If unspecified, at most 50 accounts are returned.
+   * The maximum value is 1000; values above 1000 are coerced to 1000.
    * </pre>
    *
    * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -154,8 +154,8 @@ public int getPageSize() {
    *
    *
    * <pre>
-   * Optional. A page token, received from a previous
-   * `ListRelatedAccountGroupMemberships` call.
+   * Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+   * call.
    * When paginating, all other parameters provided to
    * `ListRelatedAccountGroupMemberships` must match the call that provided the
    * page token.
@@ -181,8 +181,8 @@ public java.lang.String getPageToken() {
    *
    *
    * <pre>
-   * Optional. A page token, received from a previous
-   * `ListRelatedAccountGroupMemberships` call.
+   * Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+   * call.
    * When paginating, all other parameters provided to
    * `ListRelatedAccountGroupMemberships` must match the call that provided the
    * page token.
@@ -723,10 +723,10 @@ public Builder setParentBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. The maximum number of accounts to return. The service may return
-     * fewer than this value. If unspecified, at most 50 accounts will be
-     * returned. The maximum value is 1000; values above 1000 will be coerced to
-     * 1000.
+     * Optional. The maximum number of accounts to return. The service might return fewer
+     * than this value.
+     * If unspecified, at most 50 accounts are returned.
+     * The maximum value is 1000; values above 1000 are coerced to 1000.
      * </pre>
      *
      * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -741,10 +741,10 @@ public int getPageSize() {
      *
      *
      * <pre>
-     * Optional. The maximum number of accounts to return. The service may return
-     * fewer than this value. If unspecified, at most 50 accounts will be
-     * returned. The maximum value is 1000; values above 1000 will be coerced to
-     * 1000.
+     * Optional. The maximum number of accounts to return. The service might return fewer
+     * than this value.
+     * If unspecified, at most 50 accounts are returned.
+     * The maximum value is 1000; values above 1000 are coerced to 1000.
      * </pre>
      *
      * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -762,10 +762,10 @@ public Builder setPageSize(int value) {
      *
      *
      * <pre>
-     * Optional. The maximum number of accounts to return. The service may return
-     * fewer than this value. If unspecified, at most 50 accounts will be
-     * returned. The maximum value is 1000; values above 1000 will be coerced to
-     * 1000.
+     * Optional. The maximum number of accounts to return. The service might return fewer
+     * than this value.
+     * If unspecified, at most 50 accounts are returned.
+     * The maximum value is 1000; values above 1000 are coerced to 1000.
      * </pre>
      *
      * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -784,8 +784,8 @@ public Builder clearPageSize() {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous
-     * `ListRelatedAccountGroupMemberships` call.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+     * call.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroupMemberships` must match the call that provided the
      * page token.
@@ -810,8 +810,8 @@ public java.lang.String getPageToken() {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous
-     * `ListRelatedAccountGroupMemberships` call.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+     * call.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroupMemberships` must match the call that provided the
      * page token.
@@ -836,8 +836,8 @@ public com.google.protobuf.ByteString getPageTokenBytes() {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous
-     * `ListRelatedAccountGroupMemberships` call.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+     * call.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroupMemberships` must match the call that provided the
      * page token.
@@ -861,8 +861,8 @@ public Builder setPageToken(java.lang.String value) {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous
-     * `ListRelatedAccountGroupMemberships` call.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+     * call.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroupMemberships` must match the call that provided the
      * page token.
@@ -882,8 +882,8 @@ public Builder clearPageToken() {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous
-     * `ListRelatedAccountGroupMemberships` call.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+     * call.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroupMemberships` must match the call that provided the
      * page token.
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupMembershipsRequestOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupMembershipsRequestOrBuilder.java
index f9ff849357dc..ec48b39f94db 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupMembershipsRequestOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupMembershipsRequestOrBuilder.java
@@ -58,10 +58,10 @@ public interface ListRelatedAccountGroupMembershipsRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. The maximum number of accounts to return. The service may return
-   * fewer than this value. If unspecified, at most 50 accounts will be
-   * returned. The maximum value is 1000; values above 1000 will be coerced to
-   * 1000.
+   * Optional. The maximum number of accounts to return. The service might return fewer
+   * than this value.
+   * If unspecified, at most 50 accounts are returned.
+   * The maximum value is 1000; values above 1000 are coerced to 1000.
    * </pre>
    *
    * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -74,8 +74,8 @@ public interface ListRelatedAccountGroupMembershipsRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. A page token, received from a previous
-   * `ListRelatedAccountGroupMemberships` call.
+   * Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+   * call.
    * When paginating, all other parameters provided to
    * `ListRelatedAccountGroupMemberships` must match the call that provided the
    * page token.
@@ -90,8 +90,8 @@ public interface ListRelatedAccountGroupMembershipsRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. A page token, received from a previous
-   * `ListRelatedAccountGroupMemberships` call.
+   * Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+   * call.
    * When paginating, all other parameters provided to
    * `ListRelatedAccountGroupMemberships` must match the call that provided the
    * page token.
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupsRequest.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupsRequest.java
index 027ab06ba61e..38b288268941 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupsRequest.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupsRequest.java
@@ -75,8 +75,8 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
    *
    *
    * <pre>
-   * Required. The name of the project to list related account groups from, in
-   * the format "projects/{project}".
+   * Required. The name of the project to list related account groups from, in the format
+   * "projects/{project}".
    * </pre>
    *
    * <code>
@@ -101,8 +101,8 @@ public java.lang.String getParent() {
    *
    *
    * <pre>
-   * Required. The name of the project to list related account groups from, in
-   * the format "projects/{project}".
+   * Required. The name of the project to list related account groups from, in the format
+   * "projects/{project}".
    * </pre>
    *
    * <code>
@@ -130,9 +130,10 @@ public com.google.protobuf.ByteString getParentBytes() {
    *
    *
    * <pre>
-   * Optional. The maximum number of groups to return. The service may return
-   * fewer than this value. If unspecified, at most 50 groups will be returned.
-   * The maximum value is 1000; values above 1000 will be coerced to 1000.
+   * Optional. The maximum number of groups to return. The service might return fewer than
+   * this value.
+   * If unspecified, at most 50 groups are returned.
+   * The maximum value is 1000; values above 1000 are coerced to 1000.
    * </pre>
    *
    * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -150,8 +151,8 @@ public int getPageSize() {
    *
    *
    * <pre>
-   * Optional. A page token, received from a previous `ListRelatedAccountGroups`
-   * call. Provide this to retrieve the subsequent page.
+   * Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+   * Provide this to retrieve the subsequent page.
    * When paginating, all other parameters provided to
    * `ListRelatedAccountGroups` must match the call that provided the page
    * token.
@@ -177,8 +178,8 @@ public java.lang.String getPageToken() {
    *
    *
    * <pre>
-   * Optional. A page token, received from a previous `ListRelatedAccountGroups`
-   * call. Provide this to retrieve the subsequent page.
+   * Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+   * Provide this to retrieve the subsequent page.
    * When paginating, all other parameters provided to
    * `ListRelatedAccountGroups` must match the call that provided the page
    * token.
@@ -585,8 +586,8 @@ public Builder mergeFrom(
      *
      *
      * <pre>
-     * Required. The name of the project to list related account groups from, in
-     * the format "projects/{project}".
+     * Required. The name of the project to list related account groups from, in the format
+     * "projects/{project}".
      * </pre>
      *
      * <code>
@@ -610,8 +611,8 @@ public java.lang.String getParent() {
      *
      *
      * <pre>
-     * Required. The name of the project to list related account groups from, in
-     * the format "projects/{project}".
+     * Required. The name of the project to list related account groups from, in the format
+     * "projects/{project}".
      * </pre>
      *
      * <code>
@@ -635,8 +636,8 @@ public com.google.protobuf.ByteString getParentBytes() {
      *
      *
      * <pre>
-     * Required. The name of the project to list related account groups from, in
-     * the format "projects/{project}".
+     * Required. The name of the project to list related account groups from, in the format
+     * "projects/{project}".
      * </pre>
      *
      * <code>
@@ -659,8 +660,8 @@ public Builder setParent(java.lang.String value) {
      *
      *
      * <pre>
-     * Required. The name of the project to list related account groups from, in
-     * the format "projects/{project}".
+     * Required. The name of the project to list related account groups from, in the format
+     * "projects/{project}".
      * </pre>
      *
      * <code>
@@ -679,8 +680,8 @@ public Builder clearParent() {
      *
      *
      * <pre>
-     * Required. The name of the project to list related account groups from, in
-     * the format "projects/{project}".
+     * Required. The name of the project to list related account groups from, in the format
+     * "projects/{project}".
      * </pre>
      *
      * <code>
@@ -706,9 +707,10 @@ public Builder setParentBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. The maximum number of groups to return. The service may return
-     * fewer than this value. If unspecified, at most 50 groups will be returned.
-     * The maximum value is 1000; values above 1000 will be coerced to 1000.
+     * Optional. The maximum number of groups to return. The service might return fewer than
+     * this value.
+     * If unspecified, at most 50 groups are returned.
+     * The maximum value is 1000; values above 1000 are coerced to 1000.
      * </pre>
      *
      * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -723,9 +725,10 @@ public int getPageSize() {
      *
      *
      * <pre>
-     * Optional. The maximum number of groups to return. The service may return
-     * fewer than this value. If unspecified, at most 50 groups will be returned.
-     * The maximum value is 1000; values above 1000 will be coerced to 1000.
+     * Optional. The maximum number of groups to return. The service might return fewer than
+     * this value.
+     * If unspecified, at most 50 groups are returned.
+     * The maximum value is 1000; values above 1000 are coerced to 1000.
      * </pre>
      *
      * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -743,9 +746,10 @@ public Builder setPageSize(int value) {
      *
      *
      * <pre>
-     * Optional. The maximum number of groups to return. The service may return
-     * fewer than this value. If unspecified, at most 50 groups will be returned.
-     * The maximum value is 1000; values above 1000 will be coerced to 1000.
+     * Optional. The maximum number of groups to return. The service might return fewer than
+     * this value.
+     * If unspecified, at most 50 groups are returned.
+     * The maximum value is 1000; values above 1000 are coerced to 1000.
      * </pre>
      *
      * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -764,8 +768,8 @@ public Builder clearPageSize() {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous `ListRelatedAccountGroups`
-     * call. Provide this to retrieve the subsequent page.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+     * Provide this to retrieve the subsequent page.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroups` must match the call that provided the page
      * token.
@@ -790,8 +794,8 @@ public java.lang.String getPageToken() {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous `ListRelatedAccountGroups`
-     * call. Provide this to retrieve the subsequent page.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+     * Provide this to retrieve the subsequent page.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroups` must match the call that provided the page
      * token.
@@ -816,8 +820,8 @@ public com.google.protobuf.ByteString getPageTokenBytes() {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous `ListRelatedAccountGroups`
-     * call. Provide this to retrieve the subsequent page.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+     * Provide this to retrieve the subsequent page.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroups` must match the call that provided the page
      * token.
@@ -841,8 +845,8 @@ public Builder setPageToken(java.lang.String value) {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous `ListRelatedAccountGroups`
-     * call. Provide this to retrieve the subsequent page.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+     * Provide this to retrieve the subsequent page.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroups` must match the call that provided the page
      * token.
@@ -862,8 +866,8 @@ public Builder clearPageToken() {
      *
      *
      * <pre>
-     * Optional. A page token, received from a previous `ListRelatedAccountGroups`
-     * call. Provide this to retrieve the subsequent page.
+     * Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+     * Provide this to retrieve the subsequent page.
      * When paginating, all other parameters provided to
      * `ListRelatedAccountGroups` must match the call that provided the page
      * token.
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupsRequestOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupsRequestOrBuilder.java
index 4b0c820a7401..5f9eebf09ad0 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupsRequestOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/ListRelatedAccountGroupsRequestOrBuilder.java
@@ -27,8 +27,8 @@ public interface ListRelatedAccountGroupsRequestOrBuilder
    *
    *
    * <pre>
-   * Required. The name of the project to list related account groups from, in
-   * the format "projects/{project}".
+   * Required. The name of the project to list related account groups from, in the format
+   * "projects/{project}".
    * </pre>
    *
    * <code>
@@ -42,8 +42,8 @@ public interface ListRelatedAccountGroupsRequestOrBuilder
    *
    *
    * <pre>
-   * Required. The name of the project to list related account groups from, in
-   * the format "projects/{project}".
+   * Required. The name of the project to list related account groups from, in the format
+   * "projects/{project}".
    * </pre>
    *
    * <code>
@@ -58,9 +58,10 @@ public interface ListRelatedAccountGroupsRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. The maximum number of groups to return. The service may return
-   * fewer than this value. If unspecified, at most 50 groups will be returned.
-   * The maximum value is 1000; values above 1000 will be coerced to 1000.
+   * Optional. The maximum number of groups to return. The service might return fewer than
+   * this value.
+   * If unspecified, at most 50 groups are returned.
+   * The maximum value is 1000; values above 1000 are coerced to 1000.
    * </pre>
    *
    * <code>int32 page_size = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -73,8 +74,8 @@ public interface ListRelatedAccountGroupsRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. A page token, received from a previous `ListRelatedAccountGroups`
-   * call. Provide this to retrieve the subsequent page.
+   * Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+   * Provide this to retrieve the subsequent page.
    * When paginating, all other parameters provided to
    * `ListRelatedAccountGroups` must match the call that provided the page
    * token.
@@ -89,8 +90,8 @@ public interface ListRelatedAccountGroupsRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. A page token, received from a previous `ListRelatedAccountGroups`
-   * call. Provide this to retrieve the subsequent page.
+   * Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+   * Provide this to retrieve the subsequent page.
    * When paginating, all other parameters provided to
    * `ListRelatedAccountGroups` must match the call that provided the page
    * token.
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/PrivatePasswordLeakVerification.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/PrivatePasswordLeakVerification.java
index 76652b65ff5f..f9362b66e9d9 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/PrivatePasswordLeakVerification.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/PrivatePasswordLeakVerification.java
@@ -77,7 +77,7 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
    *
    *
    * <pre>
-   * Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
+   * Optional. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
    * is used to look up password leaks associated with that hash prefix.
    * </pre>
    *
@@ -96,7 +96,7 @@ public com.google.protobuf.ByteString getLookupHashPrefix() {
    *
    *
    * <pre>
-   * Encrypted Scrypt hash of the canonicalized username+password. It is
+   * Optional. Encrypted Scrypt hash of the canonicalized username+password. It is
    * re-encrypted by the server and returned through
    * `reencrypted_user_credentials_hash`.
    * </pre>
@@ -117,8 +117,8 @@ public com.google.protobuf.ByteString getEncryptedUserCredentialsHash() {
    *
    *
    * <pre>
-   * List of prefixes of the encrypted potential password leaks that matched the
-   * given parameters. They should be compared with the client-side decryption
+   * Output only. List of prefixes of the encrypted potential password leaks that matched the
+   * given parameters. They must be compared with the client-side decryption
    * prefix of `reencrypted_user_credentials_hash`
    * </pre>
    *
@@ -136,8 +136,8 @@ public java.util.List<com.google.protobuf.ByteString> getEncryptedLeakMatchPrefi
    *
    *
    * <pre>
-   * List of prefixes of the encrypted potential password leaks that matched the
-   * given parameters. They should be compared with the client-side decryption
+   * Output only. List of prefixes of the encrypted potential password leaks that matched the
+   * given parameters. They must be compared with the client-side decryption
    * prefix of `reencrypted_user_credentials_hash`
    * </pre>
    *
@@ -154,8 +154,8 @@ public int getEncryptedLeakMatchPrefixesCount() {
    *
    *
    * <pre>
-   * List of prefixes of the encrypted potential password leaks that matched the
-   * given parameters. They should be compared with the client-side decryption
+   * Output only. List of prefixes of the encrypted potential password leaks that matched the
+   * given parameters. They must be compared with the client-side decryption
    * prefix of `reencrypted_user_credentials_hash`
    * </pre>
    *
@@ -176,8 +176,8 @@ public com.google.protobuf.ByteString getEncryptedLeakMatchPrefixes(int index) {
    *
    *
    * <pre>
-   * Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
-   * field. Used to match potential password leaks within
+   * Output only. Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
+   * field. It is used to match potential password leaks within
    * `encrypted_leak_match_prefixes`.
    * </pre>
    *
@@ -625,7 +625,7 @@ public Builder mergeFrom(
      *
      *
      * <pre>
-     * Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
+     * Optional. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
      * is used to look up password leaks associated with that hash prefix.
      * </pre>
      *
@@ -641,7 +641,7 @@ public com.google.protobuf.ByteString getLookupHashPrefix() {
      *
      *
      * <pre>
-     * Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
+     * Optional. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
      * is used to look up password leaks associated with that hash prefix.
      * </pre>
      *
@@ -663,7 +663,7 @@ public Builder setLookupHashPrefix(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
+     * Optional. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
      * is used to look up password leaks associated with that hash prefix.
      * </pre>
      *
@@ -684,7 +684,7 @@ public Builder clearLookupHashPrefix() {
      *
      *
      * <pre>
-     * Encrypted Scrypt hash of the canonicalized username+password. It is
+     * Optional. Encrypted Scrypt hash of the canonicalized username+password. It is
      * re-encrypted by the server and returned through
      * `reencrypted_user_credentials_hash`.
      * </pre>
@@ -702,7 +702,7 @@ public com.google.protobuf.ByteString getEncryptedUserCredentialsHash() {
      *
      *
      * <pre>
-     * Encrypted Scrypt hash of the canonicalized username+password. It is
+     * Optional. Encrypted Scrypt hash of the canonicalized username+password. It is
      * re-encrypted by the server and returned through
      * `reencrypted_user_credentials_hash`.
      * </pre>
@@ -726,7 +726,7 @@ public Builder setEncryptedUserCredentialsHash(com.google.protobuf.ByteString va
      *
      *
      * <pre>
-     * Encrypted Scrypt hash of the canonicalized username+password. It is
+     * Optional. Encrypted Scrypt hash of the canonicalized username+password. It is
      * re-encrypted by the server and returned through
      * `reencrypted_user_credentials_hash`.
      * </pre>
@@ -757,8 +757,8 @@ private void ensureEncryptedLeakMatchPrefixesIsMutable() {
      *
      *
      * <pre>
-     * List of prefixes of the encrypted potential password leaks that matched the
-     * given parameters. They should be compared with the client-side decryption
+     * Output only. List of prefixes of the encrypted potential password leaks that matched the
+     * given parameters. They must be compared with the client-side decryption
      * prefix of `reencrypted_user_credentials_hash`
      * </pre>
      *
@@ -777,8 +777,8 @@ public java.util.List<com.google.protobuf.ByteString> getEncryptedLeakMatchPrefi
      *
      *
      * <pre>
-     * List of prefixes of the encrypted potential password leaks that matched the
-     * given parameters. They should be compared with the client-side decryption
+     * Output only. List of prefixes of the encrypted potential password leaks that matched the
+     * given parameters. They must be compared with the client-side decryption
      * prefix of `reencrypted_user_credentials_hash`
      * </pre>
      *
@@ -795,8 +795,8 @@ public int getEncryptedLeakMatchPrefixesCount() {
      *
      *
      * <pre>
-     * List of prefixes of the encrypted potential password leaks that matched the
-     * given parameters. They should be compared with the client-side decryption
+     * Output only. List of prefixes of the encrypted potential password leaks that matched the
+     * given parameters. They must be compared with the client-side decryption
      * prefix of `reencrypted_user_credentials_hash`
      * </pre>
      *
@@ -814,8 +814,8 @@ public com.google.protobuf.ByteString getEncryptedLeakMatchPrefixes(int index) {
      *
      *
      * <pre>
-     * List of prefixes of the encrypted potential password leaks that matched the
-     * given parameters. They should be compared with the client-side decryption
+     * Output only. List of prefixes of the encrypted potential password leaks that matched the
+     * given parameters. They must be compared with the client-side decryption
      * prefix of `reencrypted_user_credentials_hash`
      * </pre>
      *
@@ -840,8 +840,8 @@ public Builder setEncryptedLeakMatchPrefixes(int index, com.google.protobuf.Byte
      *
      *
      * <pre>
-     * List of prefixes of the encrypted potential password leaks that matched the
-     * given parameters. They should be compared with the client-side decryption
+     * Output only. List of prefixes of the encrypted potential password leaks that matched the
+     * given parameters. They must be compared with the client-side decryption
      * prefix of `reencrypted_user_credentials_hash`
      * </pre>
      *
@@ -865,8 +865,8 @@ public Builder addEncryptedLeakMatchPrefixes(com.google.protobuf.ByteString valu
      *
      *
      * <pre>
-     * List of prefixes of the encrypted potential password leaks that matched the
-     * given parameters. They should be compared with the client-side decryption
+     * Output only. List of prefixes of the encrypted potential password leaks that matched the
+     * given parameters. They must be compared with the client-side decryption
      * prefix of `reencrypted_user_credentials_hash`
      * </pre>
      *
@@ -888,8 +888,8 @@ public Builder addAllEncryptedLeakMatchPrefixes(
      *
      *
      * <pre>
-     * List of prefixes of the encrypted potential password leaks that matched the
-     * given parameters. They should be compared with the client-side decryption
+     * Output only. List of prefixes of the encrypted potential password leaks that matched the
+     * given parameters. They must be compared with the client-side decryption
      * prefix of `reencrypted_user_credentials_hash`
      * </pre>
      *
@@ -912,8 +912,8 @@ public Builder clearEncryptedLeakMatchPrefixes() {
      *
      *
      * <pre>
-     * Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
-     * field. Used to match potential password leaks within
+     * Output only. Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
+     * field. It is used to match potential password leaks within
      * `encrypted_leak_match_prefixes`.
      * </pre>
      *
@@ -931,8 +931,8 @@ public com.google.protobuf.ByteString getReencryptedUserCredentialsHash() {
      *
      *
      * <pre>
-     * Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
-     * field. Used to match potential password leaks within
+     * Output only. Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
+     * field. It is used to match potential password leaks within
      * `encrypted_leak_match_prefixes`.
      * </pre>
      *
@@ -956,8 +956,8 @@ public Builder setReencryptedUserCredentialsHash(com.google.protobuf.ByteString
      *
      *
      * <pre>
-     * Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
-     * field. Used to match potential password leaks within
+     * Output only. Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
+     * field. It is used to match potential password leaks within
      * `encrypted_leak_match_prefixes`.
      * </pre>
      *
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/PrivatePasswordLeakVerificationOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/PrivatePasswordLeakVerificationOrBuilder.java
index bd1058eb22ad..dbdd781ddd72 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/PrivatePasswordLeakVerificationOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/PrivatePasswordLeakVerificationOrBuilder.java
@@ -27,7 +27,7 @@ public interface PrivatePasswordLeakVerificationOrBuilder
    *
    *
    * <pre>
-   * Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
+   * Optional. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
    * is used to look up password leaks associated with that hash prefix.
    * </pre>
    *
@@ -41,7 +41,7 @@ public interface PrivatePasswordLeakVerificationOrBuilder
    *
    *
    * <pre>
-   * Encrypted Scrypt hash of the canonicalized username+password. It is
+   * Optional. Encrypted Scrypt hash of the canonicalized username+password. It is
    * re-encrypted by the server and returned through
    * `reencrypted_user_credentials_hash`.
    * </pre>
@@ -57,8 +57,8 @@ public interface PrivatePasswordLeakVerificationOrBuilder
    *
    *
    * <pre>
-   * List of prefixes of the encrypted potential password leaks that matched the
-   * given parameters. They should be compared with the client-side decryption
+   * Output only. List of prefixes of the encrypted potential password leaks that matched the
+   * given parameters. They must be compared with the client-side decryption
    * prefix of `reencrypted_user_credentials_hash`
    * </pre>
    *
@@ -73,8 +73,8 @@ public interface PrivatePasswordLeakVerificationOrBuilder
    *
    *
    * <pre>
-   * List of prefixes of the encrypted potential password leaks that matched the
-   * given parameters. They should be compared with the client-side decryption
+   * Output only. List of prefixes of the encrypted potential password leaks that matched the
+   * given parameters. They must be compared with the client-side decryption
    * prefix of `reencrypted_user_credentials_hash`
    * </pre>
    *
@@ -89,8 +89,8 @@ public interface PrivatePasswordLeakVerificationOrBuilder
    *
    *
    * <pre>
-   * List of prefixes of the encrypted potential password leaks that matched the
-   * given parameters. They should be compared with the client-side decryption
+   * Output only. List of prefixes of the encrypted potential password leaks that matched the
+   * given parameters. They must be compared with the client-side decryption
    * prefix of `reencrypted_user_credentials_hash`
    * </pre>
    *
@@ -107,8 +107,8 @@ public interface PrivatePasswordLeakVerificationOrBuilder
    *
    *
    * <pre>
-   * Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
-   * field. Used to match potential password leaks within
+   * Output only. Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
+   * field. It is used to match potential password leaks within
    * `encrypted_leak_match_prefixes`.
    * </pre>
    *
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RecaptchaEnterpriseProto.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RecaptchaEnterpriseProto.java
index 171baed0b909..3acac0298309 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RecaptchaEnterpriseProto.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RecaptchaEnterpriseProto.java
@@ -39,6 +39,10 @@ public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry r
       internal_static_google_cloud_recaptchaenterprise_v1_AnnotateAssessmentResponse_descriptor;
   static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_cloud_recaptchaenterprise_v1_AnnotateAssessmentResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
       internal_static_google_cloud_recaptchaenterprise_v1_Assessment_descriptor;
   static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
@@ -59,10 +63,6 @@ public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry r
       internal_static_google_cloud_recaptchaenterprise_v1_AccountDefenderAssessment_descriptor;
   static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_cloud_recaptchaenterprise_v1_AccountDefenderAssessment_fieldAccessorTable;
-  static final com.google.protobuf.Descriptors.Descriptor
-      internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_descriptor;
-  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
-      internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
       internal_static_google_cloud_recaptchaenterprise_v1_CreateKeyRequest_descriptor;
   static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
@@ -75,6 +75,10 @@ public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry r
       internal_static_google_cloud_recaptchaenterprise_v1_ListKeysResponse_descriptor;
   static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_cloud_recaptchaenterprise_v1_ListKeysResponse_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
       internal_static_google_cloud_recaptchaenterprise_v1_GetKeyRequest_descriptor;
   static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
@@ -99,6 +103,10 @@ public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry r
       internal_static_google_cloud_recaptchaenterprise_v1_Metrics_descriptor;
   static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
       internal_static_google_cloud_recaptchaenterprise_v1_Metrics_fieldAccessorTable;
+  static final com.google.protobuf.Descriptors.Descriptor
+      internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_descriptor;
+  static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_fieldAccessorTable;
   static final com.google.protobuf.Descriptors.Descriptor
       internal_static_google_cloud_recaptchaenterprise_v1_Key_descriptor;
   static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
@@ -200,7 +208,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "\372A-\n+cloudresourcemanager.googleapis.com"
           + "/Project\022H\n\nassessment\030\002 \001(\0132/.google.cl"
           + "oud.recaptchaenterprise.v1.AssessmentB\003\340"
-          + "A\002\"\260\005\n\031AnnotateAssessmentRequest\022C\n\004name"
+          + "A\002\"\223\006\n\031AnnotateAssessmentRequest\022C\n\004name"
           + "\030\001 \001(\tB5\340A\002\372A/\n-recaptchaenterprise.goog"
           + "leapis.com/Assessment\022b\n\nannotation\030\002 \001("
           + "\0162I.google.cloud.recaptchaenterprise.v1."
@@ -211,264 +219,276 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "\014B\003\340A\001\"~\n\nAnnotation\022\032\n\026ANNOTATION_UNSPE"
           + "CIFIED\020\000\022\016\n\nLEGITIMATE\020\001\022\016\n\nFRAUDULENT\020\002"
           + "\022\030\n\020PASSWORD_CORRECT\020\003\032\002\010\001\022\032\n\022PASSWORD_I"
-          + "NCORRECT\020\004\032\002\010\001\"\354\001\n\006Reason\022\026\n\022REASON_UNSP"
+          + "NCORRECT\020\004\032\002\010\001\"\317\002\n\006Reason\022\026\n\022REASON_UNSP"
           + "ECIFIED\020\000\022\016\n\nCHARGEBACK\020\001\022\024\n\020CHARGEBACK_"
-          + "FRAUD\020\010\022\026\n\022CHARGEBACK_DISPUTE\020\t\022\026\n\022PAYME"
-          + "NT_HEURISTICS\020\002\022\030\n\024INITIATED_TWO_FACTOR\020"
-          + "\007\022\025\n\021PASSED_TWO_FACTOR\020\003\022\025\n\021FAILED_TWO_F"
-          + "ACTOR\020\004\022\024\n\020CORRECT_PASSWORD\020\005\022\026\n\022INCORRE"
-          + "CT_PASSWORD\020\006\"\034\n\032AnnotateAssessmentRespo"
-          + "nse\"\266\004\n\nAssessment\022\021\n\004name\030\001 \001(\tB\003\340A\003\0229\n"
-          + "\005event\030\002 \001(\0132*.google.cloud.recaptchaent"
-          + "erprise.v1.Event\022M\n\rrisk_analysis\030\003 \001(\0132"
-          + "1.google.cloud.recaptchaenterprise.v1.Ri"
-          + "skAnalysisB\003\340A\003\022S\n\020token_properties\030\004 \001("
-          + "\01324.google.cloud.recaptchaenterprise.v1."
-          + "TokenPropertiesB\003\340A\003\022c\n\033account_defender"
-          + "_assessment\030\006 \001(\0132>.google.cloud.recaptc"
-          + "haenterprise.v1.AccountDefenderAssessmen"
-          + "t\022p\n\"private_password_leak_verification\030"
-          + "\010 \001(\0132D.google.cloud.recaptchaenterprise"
-          + ".v1.PrivatePasswordLeakVerification:_\352A\\"
-          + "\n-recaptchaenterprise.googleapis.com/Ass"
-          + "essment\022+projects/{project}/assessments/"
-          + "{assessment}\"\247\001\n\005Event\022\022\n\005token\030\001 \001(\tB\003\340"
-          + "A\001\022\025\n\010site_key\030\002 \001(\tB\003\340A\001\022\027\n\nuser_agent\030"
-          + "\003 \001(\tB\003\340A\001\022\034\n\017user_ip_address\030\004 \001(\tB\003\340A\001"
-          + "\022\034\n\017expected_action\030\005 \001(\tB\003\340A\001\022\036\n\021hashed"
-          + "_account_id\030\006 \001(\014B\003\340A\001\"\261\002\n\014RiskAnalysis\022"
-          + "\r\n\005score\030\001 \001(\002\022W\n\007reasons\030\002 \003(\0162F.google"
-          + ".cloud.recaptchaenterprise.v1.RiskAnalys"
-          + "is.ClassificationReason\"\270\001\n\024Classificati"
-          + "onReason\022%\n!CLASSIFICATION_REASON_UNSPEC"
-          + "IFIED\020\000\022\016\n\nAUTOMATION\020\001\022\032\n\026UNEXPECTED_EN"
-          + "VIRONMENT\020\002\022\024\n\020TOO_MUCH_TRAFFIC\020\003\022\035\n\031UNE"
-          + "XPECTED_USAGE_PATTERNS\020\004\022\030\n\024LOW_CONFIDEN"
-          + "CE_SCORE\020\005\"\343\002\n\017TokenProperties\022\r\n\005valid\030"
-          + "\001 \001(\010\022Z\n\016invalid_reason\030\002 \001(\0162B.google.c"
-          + "loud.recaptchaenterprise.v1.TokenPropert"
-          + "ies.InvalidReason\022/\n\013create_time\030\003 \001(\0132\032"
-          + ".google.protobuf.Timestamp\022\020\n\010hostname\030\004"
-          + " \001(\t\022\016\n\006action\030\005 \001(\t\"\221\001\n\rInvalidReason\022\036"
-          + "\n\032INVALID_REASON_UNSPECIFIED\020\000\022\032\n\026UNKNOW"
-          + "N_INVALID_REASON\020\001\022\r\n\tMALFORMED\020\002\022\013\n\007EXP"
-          + "IRED\020\003\022\010\n\004DUPE\020\004\022\013\n\007MISSING\020\005\022\021\n\rBROWSER"
-          + "_ERROR\020\006\"\266\002\n\031AccountDefenderAssessment\022c"
-          + "\n\006labels\030\001 \003(\0162S.google.cloud.recaptchae"
-          + "nterprise.v1.AccountDefenderAssessment.A"
-          + "ccountDefenderLabel\"\263\001\n\024AccountDefenderL"
-          + "abel\022&\n\"ACCOUNT_DEFENDER_LABEL_UNSPECIFI"
-          + "ED\020\000\022\021\n\rPROFILE_MATCH\020\001\022\035\n\031SUSPICIOUS_LO"
-          + "GIN_ACTIVITY\020\002\022\037\n\033SUSPICIOUS_ACCOUNT_CRE"
-          + "ATION\020\003\022 \n\034RELATED_ACCOUNTS_NUMBER_HIGH\020"
-          + "\004\"\314\001\n\037PrivatePasswordLeakVerification\022\037\n"
-          + "\022lookup_hash_prefix\030\001 \001(\014B\003\340A\001\022,\n\037encryp"
-          + "ted_user_credentials_hash\030\002 \001(\014B\003\340A\001\022*\n\035"
-          + "encrypted_leak_match_prefixes\030\003 \003(\014B\003\340A\003"
-          + "\022.\n!reencrypted_user_credentials_hash\030\004 "
-          + "\001(\014B\003\340A\003\"\223\001\n\020CreateKeyRequest\022C\n\006parent\030"
-          + "\001 \001(\tB3\340A\002\372A-\n+cloudresourcemanager.goog"
-          + "leapis.com/Project\022:\n\003key\030\002 \001(\0132(.google"
-          + ".cloud.recaptchaenterprise.v1.KeyB\003\340A\002\"\207"
-          + "\001\n\017ListKeysRequest\022C\n\006parent\030\001 \001(\tB3\340A\002\372"
-          + "A-\n+cloudresourcemanager.googleapis.com/"
-          + "Project\022\026\n\tpage_size\030\002 \001(\005B\003\340A\001\022\027\n\npage_"
-          + "token\030\003 \001(\tB\003\340A\001\"c\n\020ListKeysResponse\0226\n\004"
-          + "keys\030\001 \003(\0132(.google.cloud.recaptchaenter"
-          + "prise.v1.Key\022\027\n\017next_page_token\030\002 \001(\t\"M\n"
-          + "\rGetKeyRequest\022<\n\004name\030\001 \001(\tB.\340A\002\372A(\n&re"
-          + "captchaenterprise.googleapis.com/Key\"\204\001\n"
-          + "\020UpdateKeyRequest\022:\n\003key\030\001 \001(\0132(.google."
-          + "cloud.recaptchaenterprise.v1.KeyB\003\340A\002\0224\n"
-          + "\013update_mask\030\002 \001(\0132\032.google.protobuf.Fie"
-          + "ldMaskB\003\340A\001\"P\n\020DeleteKeyRequest\022<\n\004name\030"
-          + "\001 \001(\tB.\340A\002\372A(\n&recaptchaenterprise.googl"
-          + "eapis.com/Key\"Q\n\021MigrateKeyRequest\022<\n\004na"
-          + "me\030\001 \001(\tB.\340A\002\372A(\n&recaptchaenterprise.go"
-          + "ogleapis.com/Key\"U\n\021GetMetricsRequest\022@\n"
-          + "\004name\030\001 \001(\tB2\340A\002\372A,\n*recaptchaenterprise"
-          + ".googleapis.com/Metrics\"\300\002\n\007Metrics\022\021\n\004n"
-          + "ame\030\004 \001(\tB\003\340A\003\022.\n\nstart_time\030\001 \001(\0132\032.goo"
-          + "gle.protobuf.Timestamp\022H\n\rscore_metrics\030"
-          + "\002 \003(\01321.google.cloud.recaptchaenterprise"
-          + ".v1.ScoreMetrics\022P\n\021challenge_metrics\030\003 "
-          + "\003(\01325.google.cloud.recaptchaenterprise.v"
-          + "1.ChallengeMetrics:V\352AS\n*recaptchaenterp"
-          + "rise.googleapis.com/Metrics\022%projects/{p"
-          + "roject}/keys/{key}/metrics\"\265\005\n\003Key\022\014\n\004na"
-          + "me\030\001 \001(\t\022\024\n\014display_name\030\002 \001(\t\022K\n\014web_se"
-          + "ttings\030\003 \001(\01323.google.cloud.recaptchaent"
-          + "erprise.v1.WebKeySettingsH\000\022S\n\020android_s"
-          + "ettings\030\004 \001(\01327.google.cloud.recaptchaen"
-          + "terprise.v1.AndroidKeySettingsH\000\022K\n\014ios_"
-          + "settings\030\005 \001(\01323.google.cloud.recaptchae"
-          + "nterprise.v1.IOSKeySettingsH\000\022D\n\006labels\030"
-          + "\006 \003(\01324.google.cloud.recaptchaenterprise"
-          + ".v1.Key.LabelsEntry\022/\n\013create_time\030\007 \001(\013"
-          + "2\032.google.protobuf.Timestamp\022L\n\017testing_"
-          + "options\030\t \001(\01323.google.cloud.recaptchaen"
-          + "terprise.v1.TestingOptions\022F\n\014waf_settin"
-          + "gs\030\n \001(\01320.google.cloud.recaptchaenterpr"
-          + "ise.v1.WafSettings\032-\n\013LabelsEntry\022\013\n\003key"
-          + "\030\001 \001(\t\022\r\n\005value\030\002 \001(\t:\0028\001:J\352AG\n&recaptch"
-          + "aenterprise.googleapis.com/Key\022\035projects"
-          + "/{project}/keys/{key}B\023\n\021platform_settin"
-          + "gs\"\350\001\n\016TestingOptions\022\025\n\rtesting_score\030\001"
-          + " \001(\002\022_\n\021testing_challenge\030\002 \001(\0162D.google"
-          + ".cloud.recaptchaenterprise.v1.TestingOpt"
-          + "ions.TestingChallenge\"^\n\020TestingChalleng"
-          + "e\022!\n\035TESTING_CHALLENGE_UNSPECIFIED\020\000\022\r\n\t"
-          + "NOCAPTCHA\020\001\022\030\n\024UNSOLVABLE_CHALLENGE\020\002\"\220\004"
-          + "\n\016WebKeySettings\022\031\n\021allow_all_domains\030\003 "
-          + "\001(\010\022\027\n\017allowed_domains\030\001 \003(\t\022\031\n\021allow_am"
-          + "p_traffic\030\002 \001(\010\022b\n\020integration_type\030\004 \001("
-          + "\0162C.google.cloud.recaptchaenterprise.v1."
-          + "WebKeySettings.IntegrationTypeB\003\340A\002\022v\n\035c"
-          + "hallenge_security_preference\030\005 \001(\0162O.goo"
-          + "gle.cloud.recaptchaenterprise.v1.WebKeyS"
-          + "ettings.ChallengeSecurityPreference\"[\n\017I"
-          + "ntegrationType\022 \n\034INTEGRATION_TYPE_UNSPE"
-          + "CIFIED\020\000\022\t\n\005SCORE\020\001\022\014\n\010CHECKBOX\020\002\022\r\n\tINV"
-          + "ISIBLE\020\003\"v\n\033ChallengeSecurityPreference\022"
-          + "-\n)CHALLENGE_SECURITY_PREFERENCE_UNSPECI"
-          + "FIED\020\000\022\r\n\tUSABILITY\020\001\022\013\n\007BALANCE\020\002\022\014\n\010SE"
-          + "CURITY\020\003\"T\n\022AndroidKeySettings\022\037\n\027allow_"
-          + "all_package_names\030\002 \001(\010\022\035\n\025allowed_packa"
-          + "ge_names\030\001 \003(\t\"J\n\016IOSKeySettings\022\034\n\024allo"
-          + "w_all_bundle_ids\030\002 \001(\010\022\032\n\022allowed_bundle"
-          + "_ids\030\001 \003(\t\"\251\001\n\021ScoreDistribution\022_\n\rscor"
-          + "e_buckets\030\001 \003(\0132H.google.cloud.recaptcha"
-          + "enterprise.v1.ScoreDistribution.ScoreBuc"
-          + "ketsEntry\0323\n\021ScoreBucketsEntry\022\013\n\003key\030\001 "
-          + "\001(\005\022\r\n\005value\030\002 \001(\003:\0028\001\"\253\002\n\014ScoreMetrics\022"
-          + "O\n\017overall_metrics\030\001 \001(\01326.google.cloud."
-          + "recaptchaenterprise.v1.ScoreDistribution"
-          + "\022\\\n\016action_metrics\030\002 \003(\0132D.google.cloud."
-          + "recaptchaenterprise.v1.ScoreMetrics.Acti"
-          + "onMetricsEntry\032l\n\022ActionMetricsEntry\022\013\n\003"
-          + "key\030\001 \001(\t\022E\n\005value\030\002 \001(\01326.google.cloud."
-          + "recaptchaenterprise.v1.ScoreDistribution"
-          + ":\0028\001\"o\n\020ChallengeMetrics\022\026\n\016pageload_cou"
-          + "nt\030\001 \001(\003\022\027\n\017nocaptcha_count\030\002 \001(\003\022\024\n\014fai"
-          + "led_count\030\003 \001(\003\022\024\n\014passed_count\030\004 \001(\003\"\266\001"
-          + "\n)ListRelatedAccountGroupMembershipsRequ"
-          + "est\022X\n\006parent\030\001 \001(\tBH\340A\002\372AB\022@recaptchaen"
-          + "terprise.googleapis.com/RelatedAccountGr"
-          + "oupMembership\022\026\n\tpage_size\030\002 \001(\005B\003\340A\001\022\027\n"
-          + "\npage_token\030\003 \001(\tB\003\340A\001\"\264\001\n*ListRelatedAc"
-          + "countGroupMembershipsResponse\022m\n!related"
-          + "_account_group_memberships\030\001 \003(\0132B.googl"
-          + "e.cloud.recaptchaenterprise.v1.RelatedAc"
-          + "countGroupMembership\022\027\n\017next_page_token\030"
-          + "\002 \001(\t\"\242\001\n\037ListRelatedAccountGroupsReques"
-          + "t\022N\n\006parent\030\001 \001(\tB>\340A\002\372A8\0226recaptchaente"
-          + "rprise.googleapis.com/RelatedAccountGrou"
-          + "p\022\026\n\tpage_size\030\002 \001(\005B\003\340A\001\022\027\n\npage_token\030"
-          + "\003 \001(\tB\003\340A\001\"\225\001\n ListRelatedAccountGroupsR"
-          + "esponse\022X\n\026related_account_groups\030\001 \003(\0132"
-          + "8.google.cloud.recaptchaenterprise.v1.Re"
-          + "latedAccountGroup\022\027\n\017next_page_token\030\002 \001"
-          + "(\t\"\331\001\n+SearchRelatedAccountGroupMembersh"
-          + "ipsRequest\022Y\n\007project\030\001 \001(\tBH\340A\002\372AB\022@rec"
-          + "aptchaenterprise.googleapis.com/RelatedA"
-          + "ccountGroupMembership\022\036\n\021hashed_account_"
-          + "id\030\002 \001(\014B\003\340A\001\022\026\n\tpage_size\030\003 \001(\005B\003\340A\001\022\027\n"
-          + "\npage_token\030\004 \001(\tB\003\340A\001\"\266\001\n,SearchRelated"
-          + "AccountGroupMembershipsResponse\022m\n!relat"
-          + "ed_account_group_memberships\030\001 \003(\0132B.goo"
-          + "gle.cloud.recaptchaenterprise.v1.Related"
-          + "AccountGroupMembership\022\027\n\017next_page_toke"
-          + "n\030\002 \001(\t\"\263\002\n\035RelatedAccountGroupMembershi"
-          + "p\022V\n\004name\030\001 \001(\tBH\340A\002\372AB\n@recaptchaenterp"
-          + "rise.googleapis.com/RelatedAccountGroupM"
-          + "embership\022\031\n\021hashed_account_id\030\002 \001(\014:\236\001\352"
-          + "A\232\001\n@recaptchaenterprise.googleapis.com/"
-          + "RelatedAccountGroupMembership\022Vprojects/"
-          + "{project}/relatedaccountgroups/{relateda"
-          + "ccountgroup}/memberships/{membership}\"\337\001"
-          + "\n\023RelatedAccountGroup\022L\n\004name\030\001 \001(\tB>\340A\002"
-          + "\372A8\n6recaptchaenterprise.googleapis.com/"
-          + "RelatedAccountGroup:z\352Aw\n6recaptchaenter"
-          + "prise.googleapis.com/RelatedAccountGroup"
-          + "\022=projects/{project}/relatedaccountgroup"
-          + "s/{relatedaccountgroup}\"\322\002\n\013WafSettings\022"
-          + "U\n\013waf_service\030\001 \001(\0162;.google.cloud.reca"
-          + "ptchaenterprise.v1.WafSettings.WafServic"
-          + "eB\003\340A\002\022U\n\013waf_feature\030\002 \001(\0162;.google.clo"
-          + "ud.recaptchaenterprise.v1.WafSettings.Wa"
-          + "fFeatureB\003\340A\002\"b\n\nWafFeature\022\033\n\027WAF_FEATU"
-          + "RE_UNSPECIFIED\020\000\022\022\n\016CHALLENGE_PAGE\020\001\022\021\n\r"
-          + "SESSION_TOKEN\020\002\022\020\n\014ACTION_TOKEN\020\003\"1\n\nWaf"
-          + "Service\022\033\n\027WAF_SERVICE_UNSPECIFIED\020\000\022\006\n\002"
-          + "CA\020\0012\221\023\n\032RecaptchaEnterpriseService\022\316\001\n\020"
-          + "CreateAssessment\022<.google.cloud.recaptch"
-          + "aenterprise.v1.CreateAssessmentRequest\032/"
-          + ".google.cloud.recaptchaenterprise.v1.Ass"
-          + "essment\"K\202\323\344\223\0021\"#/v1/{parent=projects/*}"
-          + "/assessments:\nassessment\332A\021parent,assess"
-          + "ment\022\340\001\n\022AnnotateAssessment\022>.google.clo"
+          + "FRAUD\020\010\022\026\n\022CHARGEBACK_DISPUTE\020\t\022\n\n\006REFUN"
+          + "D\020\n\022\020\n\014REFUND_FRAUD\020\013\022\030\n\024TRANSACTION_ACC"
+          + "EPTED\020\014\022\030\n\024TRANSACTION_DECLINED\020\r\022\026\n\022PAY"
+          + "MENT_HEURISTICS\020\002\022\030\n\024INITIATED_TWO_FACTO"
+          + "R\020\007\022\025\n\021PASSED_TWO_FACTOR\020\003\022\025\n\021FAILED_TWO"
+          + "_FACTOR\020\004\022\024\n\020CORRECT_PASSWORD\020\005\022\026\n\022INCOR"
+          + "RECT_PASSWORD\020\006\022\017\n\013SOCIAL_SPAM\020\016\"\034\n\032Anno"
+          + "tateAssessmentResponse\"\314\001\n\037PrivatePasswo"
+          + "rdLeakVerification\022\037\n\022lookup_hash_prefix"
+          + "\030\001 \001(\014B\003\340A\001\022,\n\037encrypted_user_credential"
+          + "s_hash\030\002 \001(\014B\003\340A\001\022*\n\035encrypted_leak_matc"
+          + "h_prefixes\030\003 \003(\014B\003\340A\003\022.\n!reencrypted_use"
+          + "r_credentials_hash\030\004 \001(\014B\003\340A\003\"\266\004\n\nAssess"
+          + "ment\022\021\n\004name\030\001 \001(\tB\003\340A\003\0229\n\005event\030\002 \001(\0132*"
+          + ".google.cloud.recaptchaenterprise.v1.Eve"
+          + "nt\022M\n\rrisk_analysis\030\003 \001(\01321.google.cloud"
+          + ".recaptchaenterprise.v1.RiskAnalysisB\003\340A"
+          + "\003\022S\n\020token_properties\030\004 \001(\01324.google.clo"
+          + "ud.recaptchaenterprise.v1.TokenPropertie"
+          + "sB\003\340A\003\022c\n\033account_defender_assessment\030\006 "
+          + "\001(\0132>.google.cloud.recaptchaenterprise.v"
+          + "1.AccountDefenderAssessment\022p\n\"private_p"
+          + "assword_leak_verification\030\010 \001(\0132D.google"
+          + ".cloud.recaptchaenterprise.v1.PrivatePas"
+          + "swordLeakVerification:_\352A\\\n-recaptchaent"
+          + "erprise.googleapis.com/Assessment\022+proje"
+          + "cts/{project}/assessments/{assessment}\"\247"
+          + "\001\n\005Event\022\022\n\005token\030\001 \001(\tB\003\340A\001\022\025\n\010site_key"
+          + "\030\002 \001(\tB\003\340A\001\022\027\n\nuser_agent\030\003 \001(\tB\003\340A\001\022\034\n\017"
+          + "user_ip_address\030\004 \001(\tB\003\340A\001\022\034\n\017expected_a"
+          + "ction\030\005 \001(\tB\003\340A\001\022\036\n\021hashed_account_id\030\006 "
+          + "\001(\014B\003\340A\001\"\261\002\n\014RiskAnalysis\022\r\n\005score\030\001 \001(\002"
+          + "\022W\n\007reasons\030\002 \003(\0162F.google.cloud.recaptc"
+          + "haenterprise.v1.RiskAnalysis.Classificat"
+          + "ionReason\"\270\001\n\024ClassificationReason\022%\n!CL"
+          + "ASSIFICATION_REASON_UNSPECIFIED\020\000\022\016\n\nAUT"
+          + "OMATION\020\001\022\032\n\026UNEXPECTED_ENVIRONMENT\020\002\022\024\n"
+          + "\020TOO_MUCH_TRAFFIC\020\003\022\035\n\031UNEXPECTED_USAGE_"
+          + "PATTERNS\020\004\022\030\n\024LOW_CONFIDENCE_SCORE\020\005\"\343\002\n"
+          + "\017TokenProperties\022\r\n\005valid\030\001 \001(\010\022Z\n\016inval"
+          + "id_reason\030\002 \001(\0162B.google.cloud.recaptcha"
+          + "enterprise.v1.TokenProperties.InvalidRea"
+          + "son\022/\n\013create_time\030\003 \001(\0132\032.google.protob"
+          + "uf.Timestamp\022\020\n\010hostname\030\004 \001(\t\022\016\n\006action"
+          + "\030\005 \001(\t\"\221\001\n\rInvalidReason\022\036\n\032INVALID_REAS"
+          + "ON_UNSPECIFIED\020\000\022\032\n\026UNKNOWN_INVALID_REAS"
+          + "ON\020\001\022\r\n\tMALFORMED\020\002\022\013\n\007EXPIRED\020\003\022\010\n\004DUPE"
+          + "\020\004\022\013\n\007MISSING\020\005\022\021\n\rBROWSER_ERROR\020\006\"\266\002\n\031A"
+          + "ccountDefenderAssessment\022c\n\006labels\030\001 \003(\016"
+          + "2S.google.cloud.recaptchaenterprise.v1.A"
+          + "ccountDefenderAssessment.AccountDefender"
+          + "Label\"\263\001\n\024AccountDefenderLabel\022&\n\"ACCOUN"
+          + "T_DEFENDER_LABEL_UNSPECIFIED\020\000\022\021\n\rPROFIL"
+          + "E_MATCH\020\001\022\035\n\031SUSPICIOUS_LOGIN_ACTIVITY\020\002"
+          + "\022\037\n\033SUSPICIOUS_ACCOUNT_CREATION\020\003\022 \n\034REL"
+          + "ATED_ACCOUNTS_NUMBER_HIGH\020\004\"\223\001\n\020CreateKe"
+          + "yRequest\022C\n\006parent\030\001 \001(\tB3\340A\002\372A-\n+cloudr"
+          + "esourcemanager.googleapis.com/Project\022:\n"
+          + "\003key\030\002 \001(\0132(.google.cloud.recaptchaenter"
+          + "prise.v1.KeyB\003\340A\002\"\207\001\n\017ListKeysRequest\022C\n"
+          + "\006parent\030\001 \001(\tB3\340A\002\372A-\n+cloudresourcemana"
+          + "ger.googleapis.com/Project\022\026\n\tpage_size\030"
+          + "\002 \001(\005B\003\340A\001\022\027\n\npage_token\030\003 \001(\tB\003\340A\001\"c\n\020L"
+          + "istKeysResponse\0226\n\004keys\030\001 \003(\0132(.google.c"
+          + "loud.recaptchaenterprise.v1.Key\022\027\n\017next_"
+          + "page_token\030\002 \001(\t\"]\n\036RetrieveLegacySecret"
+          + "KeyRequest\022;\n\003key\030\001 \001(\tB.\340A\002\372A(\n&recaptc"
+          + "haenterprise.googleapis.com/Key\"M\n\rGetKe"
+          + "yRequest\022<\n\004name\030\001 \001(\tB.\340A\002\372A(\n&recaptch"
+          + "aenterprise.googleapis.com/Key\"\204\001\n\020Updat"
+          + "eKeyRequest\022:\n\003key\030\001 \001(\0132(.google.cloud."
+          + "recaptchaenterprise.v1.KeyB\003\340A\002\0224\n\013updat"
+          + "e_mask\030\002 \001(\0132\032.google.protobuf.FieldMask"
+          + "B\003\340A\001\"P\n\020DeleteKeyRequest\022<\n\004name\030\001 \001(\tB"
+          + ".\340A\002\372A(\n&recaptchaenterprise.googleapis."
+          + "com/Key\"Q\n\021MigrateKeyRequest\022<\n\004name\030\001 \001"
+          + "(\tB.\340A\002\372A(\n&recaptchaenterprise.googleap"
+          + "is.com/Key\"U\n\021GetMetricsRequest\022@\n\004name\030"
+          + "\001 \001(\tB2\340A\002\372A,\n*recaptchaenterprise.googl"
+          + "eapis.com/Metrics\"\300\002\n\007Metrics\022\021\n\004name\030\004 "
+          + "\001(\tB\003\340A\003\022.\n\nstart_time\030\001 \001(\0132\032.google.pr"
+          + "otobuf.Timestamp\022H\n\rscore_metrics\030\002 \003(\0132"
+          + "1.google.cloud.recaptchaenterprise.v1.Sc"
+          + "oreMetrics\022P\n\021challenge_metrics\030\003 \003(\01325."
+          + "google.cloud.recaptchaenterprise.v1.Chal"
+          + "lengeMetrics:V\352AS\n*recaptchaenterprise.g"
+          + "oogleapis.com/Metrics\022%projects/{project"
+          + "}/keys/{key}/metrics\"<\n\037RetrieveLegacySe"
+          + "cretKeyResponse\022\031\n\021legacy_secret_key\030\001 \001"
+          + "(\t\"\265\005\n\003Key\022\014\n\004name\030\001 \001(\t\022\024\n\014display_name"
+          + "\030\002 \001(\t\022K\n\014web_settings\030\003 \001(\01323.google.cl"
+          + "oud.recaptchaenterprise.v1.WebKeySetting"
+          + "sH\000\022S\n\020android_settings\030\004 \001(\01327.google.c"
+          + "loud.recaptchaenterprise.v1.AndroidKeySe"
+          + "ttingsH\000\022K\n\014ios_settings\030\005 \001(\01323.google."
+          + "cloud.recaptchaenterprise.v1.IOSKeySetti"
+          + "ngsH\000\022D\n\006labels\030\006 \003(\01324.google.cloud.rec"
+          + "aptchaenterprise.v1.Key.LabelsEntry\022/\n\013c"
+          + "reate_time\030\007 \001(\0132\032.google.protobuf.Times"
+          + "tamp\022L\n\017testing_options\030\t \001(\01323.google.c"
+          + "loud.recaptchaenterprise.v1.TestingOptio"
+          + "ns\022F\n\014waf_settings\030\n \001(\01320.google.cloud."
+          + "recaptchaenterprise.v1.WafSettings\032-\n\013La"
+          + "belsEntry\022\013\n\003key\030\001 \001(\t\022\r\n\005value\030\002 \001(\t:\0028"
+          + "\001:J\352AG\n&recaptchaenterprise.googleapis.c"
+          + "om/Key\022\035projects/{project}/keys/{key}B\023\n"
+          + "\021platform_settings\"\350\001\n\016TestingOptions\022\025\n"
+          + "\rtesting_score\030\001 \001(\002\022_\n\021testing_challeng"
+          + "e\030\002 \001(\0162D.google.cloud.recaptchaenterpri"
+          + "se.v1.TestingOptions.TestingChallenge\"^\n"
+          + "\020TestingChallenge\022!\n\035TESTING_CHALLENGE_U"
+          + "NSPECIFIED\020\000\022\r\n\tNOCAPTCHA\020\001\022\030\n\024UNSOLVABL"
+          + "E_CHALLENGE\020\002\"\220\004\n\016WebKeySettings\022\031\n\021allo"
+          + "w_all_domains\030\003 \001(\010\022\027\n\017allowed_domains\030\001"
+          + " \003(\t\022\031\n\021allow_amp_traffic\030\002 \001(\010\022b\n\020integ"
+          + "ration_type\030\004 \001(\0162C.google.cloud.recaptc"
+          + "haenterprise.v1.WebKeySettings.Integrati"
+          + "onTypeB\003\340A\002\022v\n\035challenge_security_prefer"
+          + "ence\030\005 \001(\0162O.google.cloud.recaptchaenter"
+          + "prise.v1.WebKeySettings.ChallengeSecurit"
+          + "yPreference\"[\n\017IntegrationType\022 \n\034INTEGR"
+          + "ATION_TYPE_UNSPECIFIED\020\000\022\t\n\005SCORE\020\001\022\014\n\010C"
+          + "HECKBOX\020\002\022\r\n\tINVISIBLE\020\003\"v\n\033ChallengeSec"
+          + "urityPreference\022-\n)CHALLENGE_SECURITY_PR"
+          + "EFERENCE_UNSPECIFIED\020\000\022\r\n\tUSABILITY\020\001\022\013\n"
+          + "\007BALANCE\020\002\022\014\n\010SECURITY\020\003\"T\n\022AndroidKeySe"
+          + "ttings\022\037\n\027allow_all_package_names\030\002 \001(\010\022"
+          + "\035\n\025allowed_package_names\030\001 \003(\t\"J\n\016IOSKey"
+          + "Settings\022\034\n\024allow_all_bundle_ids\030\002 \001(\010\022\032"
+          + "\n\022allowed_bundle_ids\030\001 \003(\t\"\251\001\n\021ScoreDist"
+          + "ribution\022_\n\rscore_buckets\030\001 \003(\0132H.google"
+          + ".cloud.recaptchaenterprise.v1.ScoreDistr"
+          + "ibution.ScoreBucketsEntry\0323\n\021ScoreBucket"
+          + "sEntry\022\013\n\003key\030\001 \001(\005\022\r\n\005value\030\002 \001(\003:\0028\001\"\253"
+          + "\002\n\014ScoreMetrics\022O\n\017overall_metrics\030\001 \001(\013"
+          + "26.google.cloud.recaptchaenterprise.v1.S"
+          + "coreDistribution\022\\\n\016action_metrics\030\002 \003(\013"
+          + "2D.google.cloud.recaptchaenterprise.v1.S"
+          + "coreMetrics.ActionMetricsEntry\032l\n\022Action"
+          + "MetricsEntry\022\013\n\003key\030\001 \001(\t\022E\n\005value\030\002 \001(\013"
+          + "26.google.cloud.recaptchaenterprise.v1.S"
+          + "coreDistribution:\0028\001\"o\n\020ChallengeMetrics"
+          + "\022\026\n\016pageload_count\030\001 \001(\003\022\027\n\017nocaptcha_co"
+          + "unt\030\002 \001(\003\022\024\n\014failed_count\030\003 \001(\003\022\024\n\014passe"
+          + "d_count\030\004 \001(\003\"\266\001\n)ListRelatedAccountGrou"
+          + "pMembershipsRequest\022X\n\006parent\030\001 \001(\tBH\340A\002"
+          + "\372AB\022@recaptchaenterprise.googleapis.com/"
+          + "RelatedAccountGroupMembership\022\026\n\tpage_si"
+          + "ze\030\002 \001(\005B\003\340A\001\022\027\n\npage_token\030\003 \001(\tB\003\340A\001\"\264"
+          + "\001\n*ListRelatedAccountGroupMembershipsRes"
+          + "ponse\022m\n!related_account_group_membershi"
+          + "ps\030\001 \003(\0132B.google.cloud.recaptchaenterpr"
+          + "ise.v1.RelatedAccountGroupMembership\022\027\n\017"
+          + "next_page_token\030\002 \001(\t\"\242\001\n\037ListRelatedAcc"
+          + "ountGroupsRequest\022N\n\006parent\030\001 \001(\tB>\340A\002\372A"
+          + "8\0226recaptchaenterprise.googleapis.com/Re"
+          + "latedAccountGroup\022\026\n\tpage_size\030\002 \001(\005B\003\340A"
+          + "\001\022\027\n\npage_token\030\003 \001(\tB\003\340A\001\"\225\001\n ListRelat"
+          + "edAccountGroupsResponse\022X\n\026related_accou"
+          + "nt_groups\030\001 \003(\01328.google.cloud.recaptcha"
+          + "enterprise.v1.RelatedAccountGroup\022\027\n\017nex"
+          + "t_page_token\030\002 \001(\t\"\331\001\n+SearchRelatedAcco"
+          + "untGroupMembershipsRequest\022Y\n\007project\030\001 "
+          + "\001(\tBH\340A\002\372AB\022@recaptchaenterprise.googlea"
+          + "pis.com/RelatedAccountGroupMembership\022\036\n"
+          + "\021hashed_account_id\030\002 \001(\014B\003\340A\001\022\026\n\tpage_si"
+          + "ze\030\003 \001(\005B\003\340A\001\022\027\n\npage_token\030\004 \001(\tB\003\340A\001\"\266"
+          + "\001\n,SearchRelatedAccountGroupMembershipsR"
+          + "esponse\022m\n!related_account_group_members"
+          + "hips\030\001 \003(\0132B.google.cloud.recaptchaenter"
+          + "prise.v1.RelatedAccountGroupMembership\022\027"
+          + "\n\017next_page_token\030\002 \001(\t\"\263\002\n\035RelatedAccou"
+          + "ntGroupMembership\022V\n\004name\030\001 \001(\tBH\340A\002\372AB\n"
+          + "@recaptchaenterprise.googleapis.com/Rela"
+          + "tedAccountGroupMembership\022\031\n\021hashed_acco"
+          + "unt_id\030\002 \001(\014:\236\001\352A\232\001\n@recaptchaenterprise"
+          + ".googleapis.com/RelatedAccountGroupMembe"
+          + "rship\022Vprojects/{project}/relatedaccount"
+          + "groups/{relatedaccountgroup}/memberships"
+          + "/{membership}\"\337\001\n\023RelatedAccountGroup\022L\n"
+          + "\004name\030\001 \001(\tB>\340A\002\372A8\n6recaptchaenterprise"
+          + ".googleapis.com/RelatedAccountGroup:z\352Aw"
+          + "\n6recaptchaenterprise.googleapis.com/Rel"
+          + "atedAccountGroup\022=projects/{project}/rel"
+          + "atedaccountgroups/{relatedaccountgroup}\""
+          + "\322\002\n\013WafSettings\022U\n\013waf_service\030\001 \001(\0162;.g"
+          + "oogle.cloud.recaptchaenterprise.v1.WafSe"
+          + "ttings.WafServiceB\003\340A\002\022U\n\013waf_feature\030\002 "
+          + "\001(\0162;.google.cloud.recaptchaenterprise.v"
+          + "1.WafSettings.WafFeatureB\003\340A\002\"b\n\nWafFeat"
+          + "ure\022\033\n\027WAF_FEATURE_UNSPECIFIED\020\000\022\022\n\016CHAL"
+          + "LENGE_PAGE\020\001\022\021\n\rSESSION_TOKEN\020\002\022\020\n\014ACTIO"
+          + "N_TOKEN\020\003\"1\n\nWafService\022\033\n\027WAF_SERVICE_U"
+          + "NSPECIFIED\020\000\022\006\n\002CA\020\0012\373\024\n\032RecaptchaEnterp"
+          + "riseService\022\316\001\n\020CreateAssessment\022<.googl"
+          + "e.cloud.recaptchaenterprise.v1.CreateAss"
+          + "essmentRequest\032/.google.cloud.recaptchae"
+          + "nterprise.v1.Assessment\"K\202\323\344\223\0021\"#/v1/{pa"
+          + "rent=projects/*}/assessments:\nassessment"
+          + "\332A\021parent,assessment\022\340\001\n\022AnnotateAssessm"
+          + "ent\022>.google.cloud.recaptchaenterprise.v"
+          + "1.AnnotateAssessmentRequest\032?.google.clo"
           + "ud.recaptchaenterprise.v1.AnnotateAssess"
-          + "mentRequest\032?.google.cloud.recaptchaente"
-          + "rprise.v1.AnnotateAssessmentResponse\"I\202\323"
-          + "\344\223\0021\",/v1/{name=projects/*/assessments/*"
-          + "}:annotate:\001*\332A\017name,annotation\022\227\001\n\tCrea"
-          + "teKey\0225.google.cloud.recaptchaenterprise"
-          + ".v1.CreateKeyRequest\032(.google.cloud.reca"
-          + "ptchaenterprise.v1.Key\")\202\323\344\223\002#\"\034/v1/{par"
-          + "ent=projects/*}/keys:\003key\022\235\001\n\010ListKeys\0224"
-          + ".google.cloud.recaptchaenterprise.v1.Lis"
-          + "tKeysRequest\0325.google.cloud.recaptchaent"
-          + "erprise.v1.ListKeysResponse\"$\202\323\344\223\002\036\022\034/v1"
-          + "/{parent=projects/*}/keys\022\214\001\n\006GetKey\0222.g"
-          + "oogle.cloud.recaptchaenterprise.v1.GetKe"
-          + "yRequest\032(.google.cloud.recaptchaenterpr"
-          + "ise.v1.Key\"$\202\323\344\223\002\036\022\034/v1/{name=projects/*"
-          + "/keys/*}\022\233\001\n\tUpdateKey\0225.google.cloud.re"
-          + "captchaenterprise.v1.UpdateKeyRequest\032(."
-          + "google.cloud.recaptchaenterprise.v1.Key\""
-          + "-\202\323\344\223\002\'2 /v1/{key.name=projects/*/keys/*"
-          + "}:\003key\022\200\001\n\tDeleteKey\0225.google.cloud.reca"
-          + "ptchaenterprise.v1.DeleteKeyRequest\032\026.go"
-          + "ogle.protobuf.Empty\"$\202\323\344\223\002\036*\034/v1/{name=p"
-          + "rojects/*/keys/*}\022\237\001\n\nMigrateKey\0226.googl"
-          + "e.cloud.recaptchaenterprise.v1.MigrateKe"
-          + "yRequest\032(.google.cloud.recaptchaenterpr"
-          + "ise.v1.Key\"/\202\323\344\223\002)\"$/v1/{name=projects/*"
-          + "/keys/*}:migrate:\001*\022\247\001\n\nGetMetrics\0226.goo"
-          + "gle.cloud.recaptchaenterprise.v1.GetMetr"
-          + "icsRequest\032,.google.cloud.recaptchaenter"
-          + "prise.v1.Metrics\"3\202\323\344\223\002&\022$/v1/{name=proj"
-          + "ects/*/keys/*/metrics}\332A\004name\022\346\001\n\030ListRe"
-          + "latedAccountGroups\022D.google.cloud.recapt"
+          + "mentResponse\"I\202\323\344\223\0021\",/v1/{name=projects"
+          + "/*/assessments/*}:annotate:\001*\332A\017name,ann"
+          + "otation\022\227\001\n\tCreateKey\0225.google.cloud.rec"
+          + "aptchaenterprise.v1.CreateKeyRequest\032(.g"
+          + "oogle.cloud.recaptchaenterprise.v1.Key\")"
+          + "\202\323\344\223\002#\"\034/v1/{parent=projects/*}/keys:\003ke"
+          + "y\022\235\001\n\010ListKeys\0224.google.cloud.recaptchae"
+          + "nterprise.v1.ListKeysRequest\0325.google.cl"
+          + "oud.recaptchaenterprise.v1.ListKeysRespo"
+          + "nse\"$\202\323\344\223\002\036\022\034/v1/{parent=projects/*}/key"
+          + "s\022\347\001\n\027RetrieveLegacySecretKey\022C.google.c"
+          + "loud.recaptchaenterprise.v1.RetrieveLega"
+          + "cySecretKeyRequest\032D.google.cloud.recapt"
+          + "chaenterprise.v1.RetrieveLegacySecretKey"
+          + "Response\"A\202\323\344\223\0025\0223/v1/{key=projects/*/ke"
+          + "ys/*}:retrieveLegacySecretKey\332A\003key\022\214\001\n\006"
+          + "GetKey\0222.google.cloud.recaptchaenterpris"
+          + "e.v1.GetKeyRequest\032(.google.cloud.recapt"
+          + "chaenterprise.v1.Key\"$\202\323\344\223\002\036\022\034/v1/{name="
+          + "projects/*/keys/*}\022\233\001\n\tUpdateKey\0225.googl"
+          + "e.cloud.recaptchaenterprise.v1.UpdateKey"
+          + "Request\032(.google.cloud.recaptchaenterpri"
+          + "se.v1.Key\"-\202\323\344\223\002\'2 /v1/{key.name=project"
+          + "s/*/keys/*}:\003key\022\200\001\n\tDeleteKey\0225.google."
+          + "cloud.recaptchaenterprise.v1.DeleteKeyRe"
+          + "quest\032\026.google.protobuf.Empty\"$\202\323\344\223\002\036*\034/"
+          + "v1/{name=projects/*/keys/*}\022\237\001\n\nMigrateK"
+          + "ey\0226.google.cloud.recaptchaenterprise.v1"
+          + ".MigrateKeyRequest\032(.google.cloud.recapt"
+          + "chaenterprise.v1.Key\"/\202\323\344\223\002)\"$/v1/{name="
+          + "projects/*/keys/*}:migrate:\001*\022\247\001\n\nGetMet"
+          + "rics\0226.google.cloud.recaptchaenterprise."
+          + "v1.GetMetricsRequest\032,.google.cloud.reca"
+          + "ptchaenterprise.v1.Metrics\"3\202\323\344\223\002&\022$/v1/"
+          + "{name=projects/*/keys/*/metrics}\332A\004name\022"
+          + "\346\001\n\030ListRelatedAccountGroups\022D.google.cl"
+          + "oud.recaptchaenterprise.v1.ListRelatedAc"
+          + "countGroupsRequest\032E.google.cloud.recapt"
           + "chaenterprise.v1.ListRelatedAccountGroup"
-          + "sRequest\032E.google.cloud.recaptchaenterpr"
-          + "ise.v1.ListRelatedAccountGroupsResponse\""
-          + "=\202\323\344\223\002.\022,/v1/{parent=projects/*}/related"
-          + "accountgroups\332A\006parent\022\222\002\n\"ListRelatedAc"
-          + "countGroupMemberships\022N.google.cloud.rec"
-          + "aptchaenterprise.v1.ListRelatedAccountGr"
-          + "oupMembershipsRequest\032O.google.cloud.rec"
-          + "aptchaenterprise.v1.ListRelatedAccountGr"
-          + "oupMembershipsResponse\"K\202\323\344\223\002<\022:/v1/{par"
-          + "ent=projects/*/relatedaccountgroups/*}/m"
-          + "emberships\332A\006parent\022\262\002\n$SearchRelatedAcc"
-          + "ountGroupMemberships\022P.google.cloud.reca"
-          + "ptchaenterprise.v1.SearchRelatedAccountG"
-          + "roupMembershipsRequest\032Q.google.cloud.re"
-          + "captchaenterprise.v1.SearchRelatedAccoun"
-          + "tGroupMembershipsResponse\"e\202\323\344\223\002C\">/v1/{"
-          + "project=projects/*}/relatedaccountgroupm"
-          + "emberships:search:\001*\332A\031project,hashed_ac"
-          + "count_id\032V\312A\"recaptchaenterprise.googlea"
-          + "pis.com\322A.https://www.googleapis.com/aut"
-          + "h/cloud-platformB\223\002\n!com.google.recaptch"
-          + "aenterprise.v1B\030RecaptchaEnterpriseProto"
-          + "P\001ZVgoogle.golang.org/genproto/googleapi"
-          + "s/cloud/recaptchaenterprise/v1;recaptcha"
-          + "enterprise\242\002\004GCRE\252\002#Google.Cloud.Recaptc"
-          + "haEnterprise.V1\312\002#Google\\Cloud\\Recaptcha"
-          + "Enterprise\\V1\352\002&Google::Cloud::Recaptcha"
-          + "Enterprise::V1b\006proto3"
+          + "sResponse\"=\202\323\344\223\002.\022,/v1/{parent=projects/"
+          + "*}/relatedaccountgroups\332A\006parent\022\222\002\n\"Lis"
+          + "tRelatedAccountGroupMemberships\022N.google"
+          + ".cloud.recaptchaenterprise.v1.ListRelate"
+          + "dAccountGroupMembershipsRequest\032O.google"
+          + ".cloud.recaptchaenterprise.v1.ListRelate"
+          + "dAccountGroupMembershipsResponse\"K\202\323\344\223\002<"
+          + "\022:/v1/{parent=projects/*/relatedaccountg"
+          + "roups/*}/memberships\332A\006parent\022\262\002\n$Search"
+          + "RelatedAccountGroupMemberships\022P.google."
+          + "cloud.recaptchaenterprise.v1.SearchRelat"
+          + "edAccountGroupMembershipsRequest\032Q.googl"
+          + "e.cloud.recaptchaenterprise.v1.SearchRel"
+          + "atedAccountGroupMembershipsResponse\"e\202\323\344"
+          + "\223\002C\">/v1/{project=projects/*}/relatedacc"
+          + "ountgroupmemberships:search:\001*\332A\031project"
+          + ",hashed_account_id\032V\312A\"recaptchaenterpri"
+          + "se.googleapis.com\322A.https://www.googleap"
+          + "is.com/auth/cloud-platformB\223\002\n!com.googl"
+          + "e.recaptchaenterprise.v1B\030RecaptchaEnter"
+          + "priseProtoP\001ZVgoogle.golang.org/genproto"
+          + "/googleapis/cloud/recaptchaenterprise/v1"
+          + ";recaptchaenterprise\242\002\004GCRE\252\002#Google.Clo"
+          + "ud.RecaptchaEnterprise.V1\312\002#Google\\Cloud"
+          + "\\RecaptchaEnterprise\\V1\352\002&Google::Cloud:"
+          + ":RecaptchaEnterprise::V1b\006proto3"
     };
     descriptor =
         com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
@@ -504,8 +524,19 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_AnnotateAssessmentResponse_descriptor,
             new java.lang.String[] {});
-    internal_static_google_cloud_recaptchaenterprise_v1_Assessment_descriptor =
+    internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_descriptor =
         getDescriptor().getMessageTypes().get(3);
+    internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_descriptor,
+            new java.lang.String[] {
+              "LookupHashPrefix",
+              "EncryptedUserCredentialsHash",
+              "EncryptedLeakMatchPrefixes",
+              "ReencryptedUserCredentialsHash",
+            });
+    internal_static_google_cloud_recaptchaenterprise_v1_Assessment_descriptor =
+        getDescriptor().getMessageTypes().get(4);
     internal_static_google_cloud_recaptchaenterprise_v1_Assessment_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_Assessment_descriptor,
@@ -518,7 +549,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "PrivatePasswordLeakVerification",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_Event_descriptor =
-        getDescriptor().getMessageTypes().get(4);
+        getDescriptor().getMessageTypes().get(5);
     internal_static_google_cloud_recaptchaenterprise_v1_Event_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_Event_descriptor,
@@ -526,7 +557,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Token", "SiteKey", "UserAgent", "UserIpAddress", "ExpectedAction", "HashedAccountId",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_RiskAnalysis_descriptor =
-        getDescriptor().getMessageTypes().get(5);
+        getDescriptor().getMessageTypes().get(6);
     internal_static_google_cloud_recaptchaenterprise_v1_RiskAnalysis_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_RiskAnalysis_descriptor,
@@ -534,7 +565,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Score", "Reasons",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_TokenProperties_descriptor =
-        getDescriptor().getMessageTypes().get(6);
+        getDescriptor().getMessageTypes().get(7);
     internal_static_google_cloud_recaptchaenterprise_v1_TokenProperties_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_TokenProperties_descriptor,
@@ -542,24 +573,13 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Valid", "InvalidReason", "CreateTime", "Hostname", "Action",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_AccountDefenderAssessment_descriptor =
-        getDescriptor().getMessageTypes().get(7);
+        getDescriptor().getMessageTypes().get(8);
     internal_static_google_cloud_recaptchaenterprise_v1_AccountDefenderAssessment_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_AccountDefenderAssessment_descriptor,
             new java.lang.String[] {
               "Labels",
             });
-    internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_descriptor =
-        getDescriptor().getMessageTypes().get(8);
-    internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_fieldAccessorTable =
-        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
-            internal_static_google_cloud_recaptchaenterprise_v1_PrivatePasswordLeakVerification_descriptor,
-            new java.lang.String[] {
-              "LookupHashPrefix",
-              "EncryptedUserCredentialsHash",
-              "EncryptedLeakMatchPrefixes",
-              "ReencryptedUserCredentialsHash",
-            });
     internal_static_google_cloud_recaptchaenterprise_v1_CreateKeyRequest_descriptor =
         getDescriptor().getMessageTypes().get(9);
     internal_static_google_cloud_recaptchaenterprise_v1_CreateKeyRequest_fieldAccessorTable =
@@ -584,8 +604,16 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
             new java.lang.String[] {
               "Keys", "NextPageToken",
             });
-    internal_static_google_cloud_recaptchaenterprise_v1_GetKeyRequest_descriptor =
+    internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_descriptor =
         getDescriptor().getMessageTypes().get(12);
+    internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_descriptor,
+            new java.lang.String[] {
+              "Key",
+            });
+    internal_static_google_cloud_recaptchaenterprise_v1_GetKeyRequest_descriptor =
+        getDescriptor().getMessageTypes().get(13);
     internal_static_google_cloud_recaptchaenterprise_v1_GetKeyRequest_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_GetKeyRequest_descriptor,
@@ -593,7 +621,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Name",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_UpdateKeyRequest_descriptor =
-        getDescriptor().getMessageTypes().get(13);
+        getDescriptor().getMessageTypes().get(14);
     internal_static_google_cloud_recaptchaenterprise_v1_UpdateKeyRequest_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_UpdateKeyRequest_descriptor,
@@ -601,7 +629,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Key", "UpdateMask",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_DeleteKeyRequest_descriptor =
-        getDescriptor().getMessageTypes().get(14);
+        getDescriptor().getMessageTypes().get(15);
     internal_static_google_cloud_recaptchaenterprise_v1_DeleteKeyRequest_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_DeleteKeyRequest_descriptor,
@@ -609,7 +637,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Name",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_MigrateKeyRequest_descriptor =
-        getDescriptor().getMessageTypes().get(15);
+        getDescriptor().getMessageTypes().get(16);
     internal_static_google_cloud_recaptchaenterprise_v1_MigrateKeyRequest_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_MigrateKeyRequest_descriptor,
@@ -617,7 +645,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Name",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_GetMetricsRequest_descriptor =
-        getDescriptor().getMessageTypes().get(16);
+        getDescriptor().getMessageTypes().get(17);
     internal_static_google_cloud_recaptchaenterprise_v1_GetMetricsRequest_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_GetMetricsRequest_descriptor,
@@ -625,15 +653,23 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Name",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_Metrics_descriptor =
-        getDescriptor().getMessageTypes().get(17);
+        getDescriptor().getMessageTypes().get(18);
     internal_static_google_cloud_recaptchaenterprise_v1_Metrics_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_Metrics_descriptor,
             new java.lang.String[] {
               "Name", "StartTime", "ScoreMetrics", "ChallengeMetrics",
             });
+    internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_descriptor =
+        getDescriptor().getMessageTypes().get(19);
+    internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_fieldAccessorTable =
+        new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+            internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_descriptor,
+            new java.lang.String[] {
+              "LegacySecretKey",
+            });
     internal_static_google_cloud_recaptchaenterprise_v1_Key_descriptor =
-        getDescriptor().getMessageTypes().get(18);
+        getDescriptor().getMessageTypes().get(20);
     internal_static_google_cloud_recaptchaenterprise_v1_Key_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_Key_descriptor,
@@ -658,7 +694,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Key", "Value",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_TestingOptions_descriptor =
-        getDescriptor().getMessageTypes().get(19);
+        getDescriptor().getMessageTypes().get(21);
     internal_static_google_cloud_recaptchaenterprise_v1_TestingOptions_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_TestingOptions_descriptor,
@@ -666,7 +702,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "TestingScore", "TestingChallenge",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_WebKeySettings_descriptor =
-        getDescriptor().getMessageTypes().get(20);
+        getDescriptor().getMessageTypes().get(22);
     internal_static_google_cloud_recaptchaenterprise_v1_WebKeySettings_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_WebKeySettings_descriptor,
@@ -678,7 +714,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "ChallengeSecurityPreference",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_AndroidKeySettings_descriptor =
-        getDescriptor().getMessageTypes().get(21);
+        getDescriptor().getMessageTypes().get(23);
     internal_static_google_cloud_recaptchaenterprise_v1_AndroidKeySettings_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_AndroidKeySettings_descriptor,
@@ -686,7 +722,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "AllowAllPackageNames", "AllowedPackageNames",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_IOSKeySettings_descriptor =
-        getDescriptor().getMessageTypes().get(22);
+        getDescriptor().getMessageTypes().get(24);
     internal_static_google_cloud_recaptchaenterprise_v1_IOSKeySettings_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_IOSKeySettings_descriptor,
@@ -694,7 +730,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "AllowAllBundleIds", "AllowedBundleIds",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_ScoreDistribution_descriptor =
-        getDescriptor().getMessageTypes().get(23);
+        getDescriptor().getMessageTypes().get(25);
     internal_static_google_cloud_recaptchaenterprise_v1_ScoreDistribution_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_ScoreDistribution_descriptor,
@@ -712,7 +748,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Key", "Value",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_ScoreMetrics_descriptor =
-        getDescriptor().getMessageTypes().get(24);
+        getDescriptor().getMessageTypes().get(26);
     internal_static_google_cloud_recaptchaenterprise_v1_ScoreMetrics_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_ScoreMetrics_descriptor,
@@ -730,7 +766,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Key", "Value",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_ChallengeMetrics_descriptor =
-        getDescriptor().getMessageTypes().get(25);
+        getDescriptor().getMessageTypes().get(27);
     internal_static_google_cloud_recaptchaenterprise_v1_ChallengeMetrics_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_ChallengeMetrics_descriptor,
@@ -738,7 +774,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "PageloadCount", "NocaptchaCount", "FailedCount", "PassedCount",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupMembershipsRequest_descriptor =
-        getDescriptor().getMessageTypes().get(26);
+        getDescriptor().getMessageTypes().get(28);
     internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupMembershipsRequest_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupMembershipsRequest_descriptor,
@@ -746,7 +782,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Parent", "PageSize", "PageToken",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupMembershipsResponse_descriptor =
-        getDescriptor().getMessageTypes().get(27);
+        getDescriptor().getMessageTypes().get(29);
     internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupMembershipsResponse_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupMembershipsResponse_descriptor,
@@ -754,7 +790,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "RelatedAccountGroupMemberships", "NextPageToken",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupsRequest_descriptor =
-        getDescriptor().getMessageTypes().get(28);
+        getDescriptor().getMessageTypes().get(30);
     internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupsRequest_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupsRequest_descriptor,
@@ -762,7 +798,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Parent", "PageSize", "PageToken",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupsResponse_descriptor =
-        getDescriptor().getMessageTypes().get(29);
+        getDescriptor().getMessageTypes().get(31);
     internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupsResponse_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_ListRelatedAccountGroupsResponse_descriptor,
@@ -770,7 +806,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "RelatedAccountGroups", "NextPageToken",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_SearchRelatedAccountGroupMembershipsRequest_descriptor =
-        getDescriptor().getMessageTypes().get(30);
+        getDescriptor().getMessageTypes().get(32);
     internal_static_google_cloud_recaptchaenterprise_v1_SearchRelatedAccountGroupMembershipsRequest_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_SearchRelatedAccountGroupMembershipsRequest_descriptor,
@@ -778,7 +814,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Project", "HashedAccountId", "PageSize", "PageToken",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_SearchRelatedAccountGroupMembershipsResponse_descriptor =
-        getDescriptor().getMessageTypes().get(31);
+        getDescriptor().getMessageTypes().get(33);
     internal_static_google_cloud_recaptchaenterprise_v1_SearchRelatedAccountGroupMembershipsResponse_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_SearchRelatedAccountGroupMembershipsResponse_descriptor,
@@ -786,7 +822,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "RelatedAccountGroupMemberships", "NextPageToken",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_RelatedAccountGroupMembership_descriptor =
-        getDescriptor().getMessageTypes().get(32);
+        getDescriptor().getMessageTypes().get(34);
     internal_static_google_cloud_recaptchaenterprise_v1_RelatedAccountGroupMembership_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_RelatedAccountGroupMembership_descriptor,
@@ -794,7 +830,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Name", "HashedAccountId",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_RelatedAccountGroup_descriptor =
-        getDescriptor().getMessageTypes().get(33);
+        getDescriptor().getMessageTypes().get(35);
     internal_static_google_cloud_recaptchaenterprise_v1_RelatedAccountGroup_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_RelatedAccountGroup_descriptor,
@@ -802,7 +838,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
               "Name",
             });
     internal_static_google_cloud_recaptchaenterprise_v1_WafSettings_descriptor =
-        getDescriptor().getMessageTypes().get(34);
+        getDescriptor().getMessageTypes().get(36);
     internal_static_google_cloud_recaptchaenterprise_v1_WafSettings_fieldAccessorTable =
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_recaptchaenterprise_v1_WafSettings_descriptor,
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RelatedAccountGroupMembership.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RelatedAccountGroupMembership.java
index da1f18d08f37..0579a17c1741 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RelatedAccountGroupMembership.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RelatedAccountGroupMembership.java
@@ -131,7 +131,7 @@ public com.google.protobuf.ByteString getNameBytes() {
    * <pre>
    * The unique stable hashed user identifier of the member. The identifier
    * corresponds to a `hashed_account_id` provided in a previous
-   * CreateAssessment or AnnotateAssessment call.
+   * `CreateAssessment` or `AnnotateAssessment` call.
    * </pre>
    *
    * <code>bytes hashed_account_id = 2;</code>
@@ -626,7 +626,7 @@ public Builder setNameBytes(com.google.protobuf.ByteString value) {
      * <pre>
      * The unique stable hashed user identifier of the member. The identifier
      * corresponds to a `hashed_account_id` provided in a previous
-     * CreateAssessment or AnnotateAssessment call.
+     * `CreateAssessment` or `AnnotateAssessment` call.
      * </pre>
      *
      * <code>bytes hashed_account_id = 2;</code>
@@ -643,7 +643,7 @@ public com.google.protobuf.ByteString getHashedAccountId() {
      * <pre>
      * The unique stable hashed user identifier of the member. The identifier
      * corresponds to a `hashed_account_id` provided in a previous
-     * CreateAssessment or AnnotateAssessment call.
+     * `CreateAssessment` or `AnnotateAssessment` call.
      * </pre>
      *
      * <code>bytes hashed_account_id = 2;</code>
@@ -666,7 +666,7 @@ public Builder setHashedAccountId(com.google.protobuf.ByteString value) {
      * <pre>
      * The unique stable hashed user identifier of the member. The identifier
      * corresponds to a `hashed_account_id` provided in a previous
-     * CreateAssessment or AnnotateAssessment call.
+     * `CreateAssessment` or `AnnotateAssessment` call.
      * </pre>
      *
      * <code>bytes hashed_account_id = 2;</code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RelatedAccountGroupMembershipOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RelatedAccountGroupMembershipOrBuilder.java
index 865a2ac63d28..2f56f4ab89ac 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RelatedAccountGroupMembershipOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RelatedAccountGroupMembershipOrBuilder.java
@@ -60,7 +60,7 @@ public interface RelatedAccountGroupMembershipOrBuilder
    * <pre>
    * The unique stable hashed user identifier of the member. The identifier
    * corresponds to a `hashed_account_id` provided in a previous
-   * CreateAssessment or AnnotateAssessment call.
+   * `CreateAssessment` or `AnnotateAssessment` call.
    * </pre>
    *
    * <code>bytes hashed_account_id = 2;</code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyRequest.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyRequest.java
new file mode 100644
index 000000000000..7d0bf812312f
--- /dev/null
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyRequest.java
@@ -0,0 +1,644 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/recaptchaenterprise/v1/recaptchaenterprise.proto
+
+package com.google.recaptchaenterprise.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * The retrieve legacy secret key request message.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest}
+ */
+public final class RetrieveLegacySecretKeyRequest extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest)
+    RetrieveLegacySecretKeyRequestOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use RetrieveLegacySecretKeyRequest.newBuilder() to construct.
+  private RetrieveLegacySecretKeyRequest(
+      com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private RetrieveLegacySecretKeyRequest() {
+    key_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new RetrieveLegacySecretKeyRequest();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+        .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+        .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest.class,
+            com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest.Builder.class);
+  }
+
+  public static final int KEY_FIELD_NUMBER = 1;
+  private volatile java.lang.Object key_;
+  /**
+   *
+   *
+   * <pre>
+   * Required. The public key name linked to the requested secret key in the format
+   * "projects/{project}/keys/{key}".
+   * </pre>
+   *
+   * <code>
+   * string key = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The key.
+   */
+  @java.lang.Override
+  public java.lang.String getKey() {
+    java.lang.Object ref = key_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      key_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Required. The public key name linked to the requested secret key in the format
+   * "projects/{project}/keys/{key}".
+   * </pre>
+   *
+   * <code>
+   * string key = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for key.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getKeyBytes() {
+    java.lang.Object ref = key_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      key_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(key_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, key_);
+    }
+    getUnknownFields().writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(key_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, key_);
+    }
+    size += getUnknownFields().getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest)) {
+      return super.equals(obj);
+    }
+    com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest other =
+        (com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest) obj;
+
+    if (!getKey().equals(other.getKey())) return false;
+    if (!getUnknownFields().equals(other.getUnknownFields())) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + KEY_FIELD_NUMBER;
+    hash = (53 * hash) + getKey().hashCode();
+    hash = (29 * hash) + getUnknownFields().hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseDelimitedFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseDelimitedFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * The retrieve legacy secret key request message.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest)
+      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequestOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+          .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+          .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest.class,
+              com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest.Builder.class);
+    }
+
+    // Construct using com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest.newBuilder()
+    private Builder() {}
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      key_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+          .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyRequest_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest
+        getDefaultInstanceForType() {
+      return com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest build() {
+      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest buildPartial() {
+      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest result =
+          new com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest(this);
+      result.key_ = key_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest) {
+        return mergeFrom((com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest other) {
+      if (other
+          == com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest.getDefaultInstance())
+        return this;
+      if (!other.getKey().isEmpty()) {
+        key_ = other.key_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.getUnknownFields());
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      if (extensionRegistry == null) {
+        throw new java.lang.NullPointerException();
+      }
+      try {
+        boolean done = false;
+        while (!done) {
+          int tag = input.readTag();
+          switch (tag) {
+            case 0:
+              done = true;
+              break;
+            case 10:
+              {
+                key_ = input.readStringRequireUtf8();
+
+                break;
+              } // case 10
+            default:
+              {
+                if (!super.parseUnknownField(input, extensionRegistry, tag)) {
+                  done = true; // was an endgroup tag
+                }
+                break;
+              } // default:
+          } // switch (tag)
+        } // while (!done)
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        throw e.unwrapIOException();
+      } finally {
+        onChanged();
+      } // finally
+      return this;
+    }
+
+    private java.lang.Object key_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * Required. The public key name linked to the requested secret key in the format
+     * "projects/{project}/keys/{key}".
+     * </pre>
+     *
+     * <code>
+     * string key = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The key.
+     */
+    public java.lang.String getKey() {
+      java.lang.Object ref = key_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        key_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The public key name linked to the requested secret key in the format
+     * "projects/{project}/keys/{key}".
+     * </pre>
+     *
+     * <code>
+     * string key = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return The bytes for key.
+     */
+    public com.google.protobuf.ByteString getKeyBytes() {
+      java.lang.Object ref = key_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        key_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The public key name linked to the requested secret key in the format
+     * "projects/{project}/keys/{key}".
+     * </pre>
+     *
+     * <code>
+     * string key = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The key to set.
+     * @return This builder for chaining.
+     */
+    public Builder setKey(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      key_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The public key name linked to the requested secret key in the format
+     * "projects/{project}/keys/{key}".
+     * </pre>
+     *
+     * <code>
+     * string key = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearKey() {
+
+      key_ = getDefaultInstance().getKey();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Required. The public key name linked to the requested secret key in the format
+     * "projects/{project}/keys/{key}".
+     * </pre>
+     *
+     * <code>
+     * string key = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+     * </code>
+     *
+     * @param value The bytes for key to set.
+     * @return This builder for chaining.
+     */
+    public Builder setKeyBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      key_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest)
+  private static final com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest();
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<RetrieveLegacySecretKeyRequest> PARSER =
+      new com.google.protobuf.AbstractParser<RetrieveLegacySecretKeyRequest>() {
+        @java.lang.Override
+        public RetrieveLegacySecretKeyRequest parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          Builder builder = newBuilder();
+          try {
+            builder.mergeFrom(input, extensionRegistry);
+          } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+            throw e.setUnfinishedMessage(builder.buildPartial());
+          } catch (com.google.protobuf.UninitializedMessageException e) {
+            throw e.asInvalidProtocolBufferException().setUnfinishedMessage(builder.buildPartial());
+          } catch (java.io.IOException e) {
+            throw new com.google.protobuf.InvalidProtocolBufferException(e)
+                .setUnfinishedMessage(builder.buildPartial());
+          }
+          return builder.buildPartial();
+        }
+      };
+
+  public static com.google.protobuf.Parser<RetrieveLegacySecretKeyRequest> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<RetrieveLegacySecretKeyRequest> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyRequestOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyRequestOrBuilder.java
new file mode 100644
index 000000000000..032d253163d7
--- /dev/null
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyRequestOrBuilder.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/recaptchaenterprise/v1/recaptchaenterprise.proto
+
+package com.google.recaptchaenterprise.v1;
+
+public interface RetrieveLegacySecretKeyRequestOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * Required. The public key name linked to the requested secret key in the format
+   * "projects/{project}/keys/{key}".
+   * </pre>
+   *
+   * <code>
+   * string key = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The key.
+   */
+  java.lang.String getKey();
+  /**
+   *
+   *
+   * <pre>
+   * Required. The public key name linked to the requested secret key in the format
+   * "projects/{project}/keys/{key}".
+   * </pre>
+   *
+   * <code>
+   * string key = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
+   * </code>
+   *
+   * @return The bytes for key.
+   */
+  com.google.protobuf.ByteString getKeyBytes();
+}
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyResponse.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyResponse.java
new file mode 100644
index 000000000000..3a1ba5171fbc
--- /dev/null
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyResponse.java
@@ -0,0 +1,648 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/recaptchaenterprise/v1/recaptchaenterprise.proto
+
+package com.google.recaptchaenterprise.v1;
+
+/**
+ *
+ *
+ * <pre>
+ * Secret key is used only in legacy reCAPTCHA. It must be used in a 3rd party
+ * integration with legacy reCAPTCHA.
+ * </pre>
+ *
+ * Protobuf type {@code google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse}
+ */
+public final class RetrieveLegacySecretKeyResponse extends com.google.protobuf.GeneratedMessageV3
+    implements
+    // @@protoc_insertion_point(message_implements:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse)
+    RetrieveLegacySecretKeyResponseOrBuilder {
+  private static final long serialVersionUID = 0L;
+  // Use RetrieveLegacySecretKeyResponse.newBuilder() to construct.
+  private RetrieveLegacySecretKeyResponse(
+      com.google.protobuf.GeneratedMessageV3.Builder<?> builder) {
+    super(builder);
+  }
+
+  private RetrieveLegacySecretKeyResponse() {
+    legacySecretKey_ = "";
+  }
+
+  @java.lang.Override
+  @SuppressWarnings({"unused"})
+  protected java.lang.Object newInstance(UnusedPrivateParameter unused) {
+    return new RetrieveLegacySecretKeyResponse();
+  }
+
+  @java.lang.Override
+  public final com.google.protobuf.UnknownFieldSet getUnknownFields() {
+    return this.unknownFields;
+  }
+
+  public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+    return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+        .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_descriptor;
+  }
+
+  @java.lang.Override
+  protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+      internalGetFieldAccessorTable() {
+    return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+        .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_fieldAccessorTable
+        .ensureFieldAccessorsInitialized(
+            com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse.class,
+            com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse.Builder.class);
+  }
+
+  public static final int LEGACY_SECRET_KEY_FIELD_NUMBER = 1;
+  private volatile java.lang.Object legacySecretKey_;
+  /**
+   *
+   *
+   * <pre>
+   * The secret key (also known as shared secret) authorizes communication
+   * between your application backend and the reCAPTCHA Enterprise server to
+   * create an assessment.
+   * The secret key needs to be kept safe for security purposes.
+   * </pre>
+   *
+   * <code>string legacy_secret_key = 1;</code>
+   *
+   * @return The legacySecretKey.
+   */
+  @java.lang.Override
+  public java.lang.String getLegacySecretKey() {
+    java.lang.Object ref = legacySecretKey_;
+    if (ref instanceof java.lang.String) {
+      return (java.lang.String) ref;
+    } else {
+      com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+      java.lang.String s = bs.toStringUtf8();
+      legacySecretKey_ = s;
+      return s;
+    }
+  }
+  /**
+   *
+   *
+   * <pre>
+   * The secret key (also known as shared secret) authorizes communication
+   * between your application backend and the reCAPTCHA Enterprise server to
+   * create an assessment.
+   * The secret key needs to be kept safe for security purposes.
+   * </pre>
+   *
+   * <code>string legacy_secret_key = 1;</code>
+   *
+   * @return The bytes for legacySecretKey.
+   */
+  @java.lang.Override
+  public com.google.protobuf.ByteString getLegacySecretKeyBytes() {
+    java.lang.Object ref = legacySecretKey_;
+    if (ref instanceof java.lang.String) {
+      com.google.protobuf.ByteString b =
+          com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+      legacySecretKey_ = b;
+      return b;
+    } else {
+      return (com.google.protobuf.ByteString) ref;
+    }
+  }
+
+  private byte memoizedIsInitialized = -1;
+
+  @java.lang.Override
+  public final boolean isInitialized() {
+    byte isInitialized = memoizedIsInitialized;
+    if (isInitialized == 1) return true;
+    if (isInitialized == 0) return false;
+
+    memoizedIsInitialized = 1;
+    return true;
+  }
+
+  @java.lang.Override
+  public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(legacySecretKey_)) {
+      com.google.protobuf.GeneratedMessageV3.writeString(output, 1, legacySecretKey_);
+    }
+    getUnknownFields().writeTo(output);
+  }
+
+  @java.lang.Override
+  public int getSerializedSize() {
+    int size = memoizedSize;
+    if (size != -1) return size;
+
+    size = 0;
+    if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(legacySecretKey_)) {
+      size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, legacySecretKey_);
+    }
+    size += getUnknownFields().getSerializedSize();
+    memoizedSize = size;
+    return size;
+  }
+
+  @java.lang.Override
+  public boolean equals(final java.lang.Object obj) {
+    if (obj == this) {
+      return true;
+    }
+    if (!(obj instanceof com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse)) {
+      return super.equals(obj);
+    }
+    com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse other =
+        (com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse) obj;
+
+    if (!getLegacySecretKey().equals(other.getLegacySecretKey())) return false;
+    if (!getUnknownFields().equals(other.getUnknownFields())) return false;
+    return true;
+  }
+
+  @java.lang.Override
+  public int hashCode() {
+    if (memoizedHashCode != 0) {
+      return memoizedHashCode;
+    }
+    int hash = 41;
+    hash = (19 * hash) + getDescriptor().hashCode();
+    hash = (37 * hash) + LEGACY_SECRET_KEY_FIELD_NUMBER;
+    hash = (53 * hash) + getLegacySecretKey().hashCode();
+    hash = (29 * hash) + getUnknownFields().hashCode();
+    memoizedHashCode = hash;
+    return hash;
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      java.nio.ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      com.google.protobuf.ByteString data)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      com.google.protobuf.ByteString data,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      byte[] data) throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws com.google.protobuf.InvalidProtocolBufferException {
+    return PARSER.parseFrom(data, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse
+      parseDelimitedFrom(java.io.InputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse
+      parseDelimitedFrom(
+          java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+          throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse parseFrom(
+      com.google.protobuf.CodedInputStream input,
+      com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+      throws java.io.IOException {
+    return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+        PARSER, input, extensionRegistry);
+  }
+
+  @java.lang.Override
+  public Builder newBuilderForType() {
+    return newBuilder();
+  }
+
+  public static Builder newBuilder() {
+    return DEFAULT_INSTANCE.toBuilder();
+  }
+
+  public static Builder newBuilder(
+      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse prototype) {
+    return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+  }
+
+  @java.lang.Override
+  public Builder toBuilder() {
+    return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+  }
+
+  @java.lang.Override
+  protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+    Builder builder = new Builder(parent);
+    return builder;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Secret key is used only in legacy reCAPTCHA. It must be used in a 3rd party
+   * integration with legacy reCAPTCHA.
+   * </pre>
+   *
+   * Protobuf type {@code google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse}
+   */
+  public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder<Builder>
+      implements
+      // @@protoc_insertion_point(builder_implements:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse)
+      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponseOrBuilder {
+    public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
+      return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+          .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_descriptor;
+    }
+
+    @java.lang.Override
+    protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+        internalGetFieldAccessorTable() {
+      return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+          .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_fieldAccessorTable
+          .ensureFieldAccessorsInitialized(
+              com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse.class,
+              com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse.Builder.class);
+    }
+
+    // Construct using
+    // com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse.newBuilder()
+    private Builder() {}
+
+    private Builder(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+      super(parent);
+    }
+
+    @java.lang.Override
+    public Builder clear() {
+      super.clear();
+      legacySecretKey_ = "";
+
+      return this;
+    }
+
+    @java.lang.Override
+    public com.google.protobuf.Descriptors.Descriptor getDescriptorForType() {
+      return com.google.recaptchaenterprise.v1.RecaptchaEnterpriseProto
+          .internal_static_google_cloud_recaptchaenterprise_v1_RetrieveLegacySecretKeyResponse_descriptor;
+    }
+
+    @java.lang.Override
+    public com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse
+        getDefaultInstanceForType() {
+      return com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse.getDefaultInstance();
+    }
+
+    @java.lang.Override
+    public com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse build() {
+      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse result = buildPartial();
+      if (!result.isInitialized()) {
+        throw newUninitializedMessageException(result);
+      }
+      return result;
+    }
+
+    @java.lang.Override
+    public com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse buildPartial() {
+      com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse result =
+          new com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse(this);
+      result.legacySecretKey_ = legacySecretKey_;
+      onBuilt();
+      return result;
+    }
+
+    @java.lang.Override
+    public Builder clone() {
+      return super.clone();
+    }
+
+    @java.lang.Override
+    public Builder setField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.setField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field) {
+      return super.clearField(field);
+    }
+
+    @java.lang.Override
+    public Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) {
+      return super.clearOneof(oneof);
+    }
+
+    @java.lang.Override
+    public Builder setRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, int index, java.lang.Object value) {
+      return super.setRepeatedField(field, index, value);
+    }
+
+    @java.lang.Override
+    public Builder addRepeatedField(
+        com.google.protobuf.Descriptors.FieldDescriptor field, java.lang.Object value) {
+      return super.addRepeatedField(field, value);
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(com.google.protobuf.Message other) {
+      if (other instanceof com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse) {
+        return mergeFrom((com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse) other);
+      } else {
+        super.mergeFrom(other);
+        return this;
+      }
+    }
+
+    public Builder mergeFrom(
+        com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse other) {
+      if (other
+          == com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse.getDefaultInstance())
+        return this;
+      if (!other.getLegacySecretKey().isEmpty()) {
+        legacySecretKey_ = other.legacySecretKey_;
+        onChanged();
+      }
+      this.mergeUnknownFields(other.getUnknownFields());
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final boolean isInitialized() {
+      return true;
+    }
+
+    @java.lang.Override
+    public Builder mergeFrom(
+        com.google.protobuf.CodedInputStream input,
+        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+        throws java.io.IOException {
+      if (extensionRegistry == null) {
+        throw new java.lang.NullPointerException();
+      }
+      try {
+        boolean done = false;
+        while (!done) {
+          int tag = input.readTag();
+          switch (tag) {
+            case 0:
+              done = true;
+              break;
+            case 10:
+              {
+                legacySecretKey_ = input.readStringRequireUtf8();
+
+                break;
+              } // case 10
+            default:
+              {
+                if (!super.parseUnknownField(input, extensionRegistry, tag)) {
+                  done = true; // was an endgroup tag
+                }
+                break;
+              } // default:
+          } // switch (tag)
+        } // while (!done)
+      } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+        throw e.unwrapIOException();
+      } finally {
+        onChanged();
+      } // finally
+      return this;
+    }
+
+    private java.lang.Object legacySecretKey_ = "";
+    /**
+     *
+     *
+     * <pre>
+     * The secret key (also known as shared secret) authorizes communication
+     * between your application backend and the reCAPTCHA Enterprise server to
+     * create an assessment.
+     * The secret key needs to be kept safe for security purposes.
+     * </pre>
+     *
+     * <code>string legacy_secret_key = 1;</code>
+     *
+     * @return The legacySecretKey.
+     */
+    public java.lang.String getLegacySecretKey() {
+      java.lang.Object ref = legacySecretKey_;
+      if (!(ref instanceof java.lang.String)) {
+        com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+        java.lang.String s = bs.toStringUtf8();
+        legacySecretKey_ = s;
+        return s;
+      } else {
+        return (java.lang.String) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The secret key (also known as shared secret) authorizes communication
+     * between your application backend and the reCAPTCHA Enterprise server to
+     * create an assessment.
+     * The secret key needs to be kept safe for security purposes.
+     * </pre>
+     *
+     * <code>string legacy_secret_key = 1;</code>
+     *
+     * @return The bytes for legacySecretKey.
+     */
+    public com.google.protobuf.ByteString getLegacySecretKeyBytes() {
+      java.lang.Object ref = legacySecretKey_;
+      if (ref instanceof String) {
+        com.google.protobuf.ByteString b =
+            com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+        legacySecretKey_ = b;
+        return b;
+      } else {
+        return (com.google.protobuf.ByteString) ref;
+      }
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The secret key (also known as shared secret) authorizes communication
+     * between your application backend and the reCAPTCHA Enterprise server to
+     * create an assessment.
+     * The secret key needs to be kept safe for security purposes.
+     * </pre>
+     *
+     * <code>string legacy_secret_key = 1;</code>
+     *
+     * @param value The legacySecretKey to set.
+     * @return This builder for chaining.
+     */
+    public Builder setLegacySecretKey(java.lang.String value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+
+      legacySecretKey_ = value;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The secret key (also known as shared secret) authorizes communication
+     * between your application backend and the reCAPTCHA Enterprise server to
+     * create an assessment.
+     * The secret key needs to be kept safe for security purposes.
+     * </pre>
+     *
+     * <code>string legacy_secret_key = 1;</code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearLegacySecretKey() {
+
+      legacySecretKey_ = getDefaultInstance().getLegacySecretKey();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * The secret key (also known as shared secret) authorizes communication
+     * between your application backend and the reCAPTCHA Enterprise server to
+     * create an assessment.
+     * The secret key needs to be kept safe for security purposes.
+     * </pre>
+     *
+     * <code>string legacy_secret_key = 1;</code>
+     *
+     * @param value The bytes for legacySecretKey to set.
+     * @return This builder for chaining.
+     */
+    public Builder setLegacySecretKeyBytes(com.google.protobuf.ByteString value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      checkByteStringIsUtf8(value);
+
+      legacySecretKey_ = value;
+      onChanged();
+      return this;
+    }
+
+    @java.lang.Override
+    public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.setUnknownFields(unknownFields);
+    }
+
+    @java.lang.Override
+    public final Builder mergeUnknownFields(
+        final com.google.protobuf.UnknownFieldSet unknownFields) {
+      return super.mergeUnknownFields(unknownFields);
+    }
+
+    // @@protoc_insertion_point(builder_scope:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse)
+  }
+
+  // @@protoc_insertion_point(class_scope:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse)
+  private static final com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse
+      DEFAULT_INSTANCE;
+
+  static {
+    DEFAULT_INSTANCE = new com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse();
+  }
+
+  public static com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse
+      getDefaultInstance() {
+    return DEFAULT_INSTANCE;
+  }
+
+  private static final com.google.protobuf.Parser<RetrieveLegacySecretKeyResponse> PARSER =
+      new com.google.protobuf.AbstractParser<RetrieveLegacySecretKeyResponse>() {
+        @java.lang.Override
+        public RetrieveLegacySecretKeyResponse parsePartialFrom(
+            com.google.protobuf.CodedInputStream input,
+            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+            throws com.google.protobuf.InvalidProtocolBufferException {
+          Builder builder = newBuilder();
+          try {
+            builder.mergeFrom(input, extensionRegistry);
+          } catch (com.google.protobuf.InvalidProtocolBufferException e) {
+            throw e.setUnfinishedMessage(builder.buildPartial());
+          } catch (com.google.protobuf.UninitializedMessageException e) {
+            throw e.asInvalidProtocolBufferException().setUnfinishedMessage(builder.buildPartial());
+          } catch (java.io.IOException e) {
+            throw new com.google.protobuf.InvalidProtocolBufferException(e)
+                .setUnfinishedMessage(builder.buildPartial());
+          }
+          return builder.buildPartial();
+        }
+      };
+
+  public static com.google.protobuf.Parser<RetrieveLegacySecretKeyResponse> parser() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.protobuf.Parser<RetrieveLegacySecretKeyResponse> getParserForType() {
+    return PARSER;
+  }
+
+  @java.lang.Override
+  public com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse
+      getDefaultInstanceForType() {
+    return DEFAULT_INSTANCE;
+  }
+}
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyResponseOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyResponseOrBuilder.java
new file mode 100644
index 000000000000..92c7042fb67e
--- /dev/null
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/RetrieveLegacySecretKeyResponseOrBuilder.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler.  DO NOT EDIT!
+// source: google/cloud/recaptchaenterprise/v1/recaptchaenterprise.proto
+
+package com.google.recaptchaenterprise.v1;
+
+public interface RetrieveLegacySecretKeyResponseOrBuilder
+    extends
+    // @@protoc_insertion_point(interface_extends:google.cloud.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse)
+    com.google.protobuf.MessageOrBuilder {
+
+  /**
+   *
+   *
+   * <pre>
+   * The secret key (also known as shared secret) authorizes communication
+   * between your application backend and the reCAPTCHA Enterprise server to
+   * create an assessment.
+   * The secret key needs to be kept safe for security purposes.
+   * </pre>
+   *
+   * <code>string legacy_secret_key = 1;</code>
+   *
+   * @return The legacySecretKey.
+   */
+  java.lang.String getLegacySecretKey();
+  /**
+   *
+   *
+   * <pre>
+   * The secret key (also known as shared secret) authorizes communication
+   * between your application backend and the reCAPTCHA Enterprise server to
+   * create an assessment.
+   * The secret key needs to be kept safe for security purposes.
+   * </pre>
+   *
+   * <code>string legacy_secret_key = 1;</code>
+   *
+   * @return The bytes for legacySecretKey.
+   */
+  com.google.protobuf.ByteString getLegacySecretKeyBytes();
+}
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/SearchRelatedAccountGroupMembershipsRequest.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/SearchRelatedAccountGroupMembershipsRequest.java
index a9926f0e68c7..4bea5214fa07 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/SearchRelatedAccountGroupMembershipsRequest.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/SearchRelatedAccountGroupMembershipsRequest.java
@@ -79,8 +79,8 @@ public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() {
    *
    *
    * <pre>
-   * Required. The name of the project to search related account group
-   * memberships from, in the format "projects/{project}".
+   * Required. The name of the project to search related account group memberships from.
+   * Specify the project name in the following format: "projects/{project}".
    * </pre>
    *
    * <code>
@@ -105,8 +105,8 @@ public java.lang.String getProject() {
    *
    *
    * <pre>
-   * Required. The name of the project to search related account group
-   * memberships from, in the format "projects/{project}".
+   * Required. The name of the project to search related account group memberships from.
+   * Specify the project name in the following format: "projects/{project}".
    * </pre>
    *
    * <code>
@@ -134,9 +134,9 @@ public com.google.protobuf.ByteString getProjectBytes() {
    *
    *
    * <pre>
-   * Optional. The unique stable hashed user identifier we should search
-   * connections to. The identifier should correspond to a `hashed_account_id`
-   * provided in a previous CreateAssessment or AnnotateAssessment call.
+   * Optional. The unique stable hashed user identifier we should search connections to.
+   * The identifier should correspond to a `hashed_account_id` provided in a
+   * previous `CreateAssessment` or `AnnotateAssessment` call.
    * </pre>
    *
    * <code>bytes hashed_account_id = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -154,9 +154,10 @@ public com.google.protobuf.ByteString getHashedAccountId() {
    *
    *
    * <pre>
-   * Optional. The maximum number of groups to return. The service may return
-   * fewer than this value. If unspecified, at most 50 groups will be returned.
-   * The maximum value is 1000; values above 1000 will be coerced to 1000.
+   * Optional. The maximum number of groups to return. The service might return fewer than
+   * this value.
+   * If unspecified, at most 50 groups are returned.
+   * The maximum value is 1000; values above 1000 are coerced to 1000.
    * </pre>
    *
    * <code>int32 page_size = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -646,8 +647,8 @@ public Builder mergeFrom(
      *
      *
      * <pre>
-     * Required. The name of the project to search related account group
-     * memberships from, in the format "projects/{project}".
+     * Required. The name of the project to search related account group memberships from.
+     * Specify the project name in the following format: "projects/{project}".
      * </pre>
      *
      * <code>
@@ -671,8 +672,8 @@ public java.lang.String getProject() {
      *
      *
      * <pre>
-     * Required. The name of the project to search related account group
-     * memberships from, in the format "projects/{project}".
+     * Required. The name of the project to search related account group memberships from.
+     * Specify the project name in the following format: "projects/{project}".
      * </pre>
      *
      * <code>
@@ -696,8 +697,8 @@ public com.google.protobuf.ByteString getProjectBytes() {
      *
      *
      * <pre>
-     * Required. The name of the project to search related account group
-     * memberships from, in the format "projects/{project}".
+     * Required. The name of the project to search related account group memberships from.
+     * Specify the project name in the following format: "projects/{project}".
      * </pre>
      *
      * <code>
@@ -720,8 +721,8 @@ public Builder setProject(java.lang.String value) {
      *
      *
      * <pre>
-     * Required. The name of the project to search related account group
-     * memberships from, in the format "projects/{project}".
+     * Required. The name of the project to search related account group memberships from.
+     * Specify the project name in the following format: "projects/{project}".
      * </pre>
      *
      * <code>
@@ -740,8 +741,8 @@ public Builder clearProject() {
      *
      *
      * <pre>
-     * Required. The name of the project to search related account group
-     * memberships from, in the format "projects/{project}".
+     * Required. The name of the project to search related account group memberships from.
+     * Specify the project name in the following format: "projects/{project}".
      * </pre>
      *
      * <code>
@@ -767,9 +768,9 @@ public Builder setProjectBytes(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. The unique stable hashed user identifier we should search
-     * connections to. The identifier should correspond to a `hashed_account_id`
-     * provided in a previous CreateAssessment or AnnotateAssessment call.
+     * Optional. The unique stable hashed user identifier we should search connections to.
+     * The identifier should correspond to a `hashed_account_id` provided in a
+     * previous `CreateAssessment` or `AnnotateAssessment` call.
      * </pre>
      *
      * <code>bytes hashed_account_id = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -784,9 +785,9 @@ public com.google.protobuf.ByteString getHashedAccountId() {
      *
      *
      * <pre>
-     * Optional. The unique stable hashed user identifier we should search
-     * connections to. The identifier should correspond to a `hashed_account_id`
-     * provided in a previous CreateAssessment or AnnotateAssessment call.
+     * Optional. The unique stable hashed user identifier we should search connections to.
+     * The identifier should correspond to a `hashed_account_id` provided in a
+     * previous `CreateAssessment` or `AnnotateAssessment` call.
      * </pre>
      *
      * <code>bytes hashed_account_id = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -807,9 +808,9 @@ public Builder setHashedAccountId(com.google.protobuf.ByteString value) {
      *
      *
      * <pre>
-     * Optional. The unique stable hashed user identifier we should search
-     * connections to. The identifier should correspond to a `hashed_account_id`
-     * provided in a previous CreateAssessment or AnnotateAssessment call.
+     * Optional. The unique stable hashed user identifier we should search connections to.
+     * The identifier should correspond to a `hashed_account_id` provided in a
+     * previous `CreateAssessment` or `AnnotateAssessment` call.
      * </pre>
      *
      * <code>bytes hashed_account_id = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -828,9 +829,10 @@ public Builder clearHashedAccountId() {
      *
      *
      * <pre>
-     * Optional. The maximum number of groups to return. The service may return
-     * fewer than this value. If unspecified, at most 50 groups will be returned.
-     * The maximum value is 1000; values above 1000 will be coerced to 1000.
+     * Optional. The maximum number of groups to return. The service might return fewer than
+     * this value.
+     * If unspecified, at most 50 groups are returned.
+     * The maximum value is 1000; values above 1000 are coerced to 1000.
      * </pre>
      *
      * <code>int32 page_size = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -845,9 +847,10 @@ public int getPageSize() {
      *
      *
      * <pre>
-     * Optional. The maximum number of groups to return. The service may return
-     * fewer than this value. If unspecified, at most 50 groups will be returned.
-     * The maximum value is 1000; values above 1000 will be coerced to 1000.
+     * Optional. The maximum number of groups to return. The service might return fewer than
+     * this value.
+     * If unspecified, at most 50 groups are returned.
+     * The maximum value is 1000; values above 1000 are coerced to 1000.
      * </pre>
      *
      * <code>int32 page_size = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -865,9 +868,10 @@ public Builder setPageSize(int value) {
      *
      *
      * <pre>
-     * Optional. The maximum number of groups to return. The service may return
-     * fewer than this value. If unspecified, at most 50 groups will be returned.
-     * The maximum value is 1000; values above 1000 will be coerced to 1000.
+     * Optional. The maximum number of groups to return. The service might return fewer than
+     * this value.
+     * If unspecified, at most 50 groups are returned.
+     * The maximum value is 1000; values above 1000 are coerced to 1000.
      * </pre>
      *
      * <code>int32 page_size = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/SearchRelatedAccountGroupMembershipsRequestOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/SearchRelatedAccountGroupMembershipsRequestOrBuilder.java
index 76f94845e77c..151453f2c841 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/SearchRelatedAccountGroupMembershipsRequestOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/SearchRelatedAccountGroupMembershipsRequestOrBuilder.java
@@ -27,8 +27,8 @@ public interface SearchRelatedAccountGroupMembershipsRequestOrBuilder
    *
    *
    * <pre>
-   * Required. The name of the project to search related account group
-   * memberships from, in the format "projects/{project}".
+   * Required. The name of the project to search related account group memberships from.
+   * Specify the project name in the following format: "projects/{project}".
    * </pre>
    *
    * <code>
@@ -42,8 +42,8 @@ public interface SearchRelatedAccountGroupMembershipsRequestOrBuilder
    *
    *
    * <pre>
-   * Required. The name of the project to search related account group
-   * memberships from, in the format "projects/{project}".
+   * Required. The name of the project to search related account group memberships from.
+   * Specify the project name in the following format: "projects/{project}".
    * </pre>
    *
    * <code>
@@ -58,9 +58,9 @@ public interface SearchRelatedAccountGroupMembershipsRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. The unique stable hashed user identifier we should search
-   * connections to. The identifier should correspond to a `hashed_account_id`
-   * provided in a previous CreateAssessment or AnnotateAssessment call.
+   * Optional. The unique stable hashed user identifier we should search connections to.
+   * The identifier should correspond to a `hashed_account_id` provided in a
+   * previous `CreateAssessment` or `AnnotateAssessment` call.
    * </pre>
    *
    * <code>bytes hashed_account_id = 2 [(.google.api.field_behavior) = OPTIONAL];</code>
@@ -73,9 +73,10 @@ public interface SearchRelatedAccountGroupMembershipsRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. The maximum number of groups to return. The service may return
-   * fewer than this value. If unspecified, at most 50 groups will be returned.
-   * The maximum value is 1000; values above 1000 will be coerced to 1000.
+   * Optional. The maximum number of groups to return. The service might return fewer than
+   * this value.
+   * If unspecified, at most 50 groups are returned.
+   * The maximum value is 1000; values above 1000 are coerced to 1000.
    * </pre>
    *
    * <code>int32 page_size = 3 [(.google.api.field_behavior) = OPTIONAL];</code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/TokenProperties.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/TokenProperties.java
index b71bb3ef867d..1bdbce6b1340 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/TokenProperties.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/TokenProperties.java
@@ -424,7 +424,7 @@ public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
    *
    *
    * <pre>
-   * The hostname of the page on which the token was generated.
+   * The hostname of the page on which the token was generated (Web keys only).
    * </pre>
    *
    * <code>string hostname = 4;</code>
@@ -447,7 +447,7 @@ public java.lang.String getHostname() {
    *
    *
    * <pre>
-   * The hostname of the page on which the token was generated.
+   * The hostname of the page on which the token was generated (Web keys only).
    * </pre>
    *
    * <code>string hostname = 4;</code>
@@ -1293,7 +1293,7 @@ public com.google.protobuf.TimestampOrBuilder getCreateTimeOrBuilder() {
      *
      *
      * <pre>
-     * The hostname of the page on which the token was generated.
+     * The hostname of the page on which the token was generated (Web keys only).
      * </pre>
      *
      * <code>string hostname = 4;</code>
@@ -1315,7 +1315,7 @@ public java.lang.String getHostname() {
      *
      *
      * <pre>
-     * The hostname of the page on which the token was generated.
+     * The hostname of the page on which the token was generated (Web keys only).
      * </pre>
      *
      * <code>string hostname = 4;</code>
@@ -1337,7 +1337,7 @@ public com.google.protobuf.ByteString getHostnameBytes() {
      *
      *
      * <pre>
-     * The hostname of the page on which the token was generated.
+     * The hostname of the page on which the token was generated (Web keys only).
      * </pre>
      *
      * <code>string hostname = 4;</code>
@@ -1358,7 +1358,7 @@ public Builder setHostname(java.lang.String value) {
      *
      *
      * <pre>
-     * The hostname of the page on which the token was generated.
+     * The hostname of the page on which the token was generated (Web keys only).
      * </pre>
      *
      * <code>string hostname = 4;</code>
@@ -1375,7 +1375,7 @@ public Builder clearHostname() {
      *
      *
      * <pre>
-     * The hostname of the page on which the token was generated.
+     * The hostname of the page on which the token was generated (Web keys only).
      * </pre>
      *
      * <code>string hostname = 4;</code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/TokenPropertiesOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/TokenPropertiesOrBuilder.java
index c11a76134218..d97103467e7d 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/TokenPropertiesOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/TokenPropertiesOrBuilder.java
@@ -106,7 +106,7 @@ public interface TokenPropertiesOrBuilder
    *
    *
    * <pre>
-   * The hostname of the page on which the token was generated.
+   * The hostname of the page on which the token was generated (Web keys only).
    * </pre>
    *
    * <code>string hostname = 4;</code>
@@ -118,7 +118,7 @@ public interface TokenPropertiesOrBuilder
    *
    *
    * <pre>
-   * The hostname of the page on which the token was generated.
+   * The hostname of the page on which the token was generated (Web keys only).
    * </pre>
    *
    * <code>string hostname = 4;</code>
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/UpdateKeyRequest.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/UpdateKeyRequest.java
index d1763e95f3b8..d199ac1d3b0b 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/UpdateKeyRequest.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/UpdateKeyRequest.java
@@ -123,8 +123,8 @@ public com.google.recaptchaenterprise.v1.KeyOrBuilder getKeyOrBuilder() {
    *
    *
    * <pre>
-   * Optional. The mask to control which fields of the key get updated. If the
-   * mask is not present, all fields will be updated.
+   * Optional. The mask to control which fields of the key get updated. If the mask is not
+   * present, all fields will be updated.
    * </pre>
    *
    * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -140,8 +140,8 @@ public boolean hasUpdateMask() {
    *
    *
    * <pre>
-   * Optional. The mask to control which fields of the key get updated. If the
-   * mask is not present, all fields will be updated.
+   * Optional. The mask to control which fields of the key get updated. If the mask is not
+   * present, all fields will be updated.
    * </pre>
    *
    * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -157,8 +157,8 @@ public com.google.protobuf.FieldMask getUpdateMask() {
    *
    *
    * <pre>
-   * Optional. The mask to control which fields of the key get updated. If the
-   * mask is not present, all fields will be updated.
+   * Optional. The mask to control which fields of the key get updated. If the mask is not
+   * present, all fields will be updated.
    * </pre>
    *
    * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -754,8 +754,8 @@ public com.google.recaptchaenterprise.v1.KeyOrBuilder getKeyOrBuilder() {
      *
      *
      * <pre>
-     * Optional. The mask to control which fields of the key get updated. If the
-     * mask is not present, all fields will be updated.
+     * Optional. The mask to control which fields of the key get updated. If the mask is not
+     * present, all fields will be updated.
      * </pre>
      *
      * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -770,8 +770,8 @@ public boolean hasUpdateMask() {
      *
      *
      * <pre>
-     * Optional. The mask to control which fields of the key get updated. If the
-     * mask is not present, all fields will be updated.
+     * Optional. The mask to control which fields of the key get updated. If the mask is not
+     * present, all fields will be updated.
      * </pre>
      *
      * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -792,8 +792,8 @@ public com.google.protobuf.FieldMask getUpdateMask() {
      *
      *
      * <pre>
-     * Optional. The mask to control which fields of the key get updated. If the
-     * mask is not present, all fields will be updated.
+     * Optional. The mask to control which fields of the key get updated. If the mask is not
+     * present, all fields will be updated.
      * </pre>
      *
      * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -816,8 +816,8 @@ public Builder setUpdateMask(com.google.protobuf.FieldMask value) {
      *
      *
      * <pre>
-     * Optional. The mask to control which fields of the key get updated. If the
-     * mask is not present, all fields will be updated.
+     * Optional. The mask to control which fields of the key get updated. If the mask is not
+     * present, all fields will be updated.
      * </pre>
      *
      * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -837,8 +837,8 @@ public Builder setUpdateMask(com.google.protobuf.FieldMask.Builder builderForVal
      *
      *
      * <pre>
-     * Optional. The mask to control which fields of the key get updated. If the
-     * mask is not present, all fields will be updated.
+     * Optional. The mask to control which fields of the key get updated. If the mask is not
+     * present, all fields will be updated.
      * </pre>
      *
      * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -863,8 +863,8 @@ public Builder mergeUpdateMask(com.google.protobuf.FieldMask value) {
      *
      *
      * <pre>
-     * Optional. The mask to control which fields of the key get updated. If the
-     * mask is not present, all fields will be updated.
+     * Optional. The mask to control which fields of the key get updated. If the mask is not
+     * present, all fields will be updated.
      * </pre>
      *
      * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -885,8 +885,8 @@ public Builder clearUpdateMask() {
      *
      *
      * <pre>
-     * Optional. The mask to control which fields of the key get updated. If the
-     * mask is not present, all fields will be updated.
+     * Optional. The mask to control which fields of the key get updated. If the mask is not
+     * present, all fields will be updated.
      * </pre>
      *
      * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -901,8 +901,8 @@ public com.google.protobuf.FieldMask.Builder getUpdateMaskBuilder() {
      *
      *
      * <pre>
-     * Optional. The mask to control which fields of the key get updated. If the
-     * mask is not present, all fields will be updated.
+     * Optional. The mask to control which fields of the key get updated. If the mask is not
+     * present, all fields will be updated.
      * </pre>
      *
      * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -921,8 +921,8 @@ public com.google.protobuf.FieldMaskOrBuilder getUpdateMaskOrBuilder() {
      *
      *
      * <pre>
-     * Optional. The mask to control which fields of the key get updated. If the
-     * mask is not present, all fields will be updated.
+     * Optional. The mask to control which fields of the key get updated. If the mask is not
+     * present, all fields will be updated.
      * </pre>
      *
      * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/UpdateKeyRequestOrBuilder.java b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/UpdateKeyRequestOrBuilder.java
index 11009a82ad4c..0dcf968c5209 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/UpdateKeyRequestOrBuilder.java
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/java/com/google/recaptchaenterprise/v1/UpdateKeyRequestOrBuilder.java
@@ -68,8 +68,8 @@ public interface UpdateKeyRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. The mask to control which fields of the key get updated. If the
-   * mask is not present, all fields will be updated.
+   * Optional. The mask to control which fields of the key get updated. If the mask is not
+   * present, all fields will be updated.
    * </pre>
    *
    * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -82,8 +82,8 @@ public interface UpdateKeyRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. The mask to control which fields of the key get updated. If the
-   * mask is not present, all fields will be updated.
+   * Optional. The mask to control which fields of the key get updated. If the mask is not
+   * present, all fields will be updated.
    * </pre>
    *
    * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
@@ -96,8 +96,8 @@ public interface UpdateKeyRequestOrBuilder
    *
    *
    * <pre>
-   * Optional. The mask to control which fields of the key get updated. If the
-   * mask is not present, all fields will be updated.
+   * Optional. The mask to control which fields of the key get updated. If the mask is not
+   * present, all fields will be updated.
    * </pre>
    *
    * <code>.google.protobuf.FieldMask update_mask = 2 [(.google.api.field_behavior) = OPTIONAL];
diff --git a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/proto/google/cloud/recaptchaenterprise/v1/recaptchaenterprise.proto b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/proto/google/cloud/recaptchaenterprise/v1/recaptchaenterprise.proto
index 7165d1bcc007..9376f342ce5e 100644
--- a/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/proto/google/cloud/recaptchaenterprise/v1/recaptchaenterprise.proto
+++ b/java-recaptchaenterprise/proto-google-cloud-recaptchaenterprise-v1/src/main/proto/google/cloud/recaptchaenterprise/v1/recaptchaenterprise.proto
@@ -36,8 +36,7 @@ option ruby_package = "Google::Cloud::RecaptchaEnterprise::V1";
 // Service to determine the likelihood an event is legitimate.
 service RecaptchaEnterpriseService {
   option (google.api.default_host) = "recaptchaenterprise.googleapis.com";
-  option (google.api.oauth_scopes) =
-      "https://www.googleapis.com/auth/cloud-platform";
+  option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
 
   // Creates an Assessment of the likelihood an event is legitimate.
   rpc CreateAssessment(CreateAssessmentRequest) returns (Assessment) {
@@ -50,8 +49,7 @@ service RecaptchaEnterpriseService {
 
   // Annotates a previously created Assessment to provide additional information
   // on whether the event turned out to be authentic or fraudulent.
-  rpc AnnotateAssessment(AnnotateAssessmentRequest)
-      returns (AnnotateAssessmentResponse) {
+  rpc AnnotateAssessment(AnnotateAssessmentRequest) returns (AnnotateAssessmentResponse) {
     option (google.api.http) = {
       post: "/v1/{name=projects/*/assessments/*}:annotate"
       body: "*"
@@ -74,6 +72,16 @@ service RecaptchaEnterpriseService {
     };
   }
 
+  // Returns the secret key related to the specified public key.
+  // You must use the legacy secret key only in a 3rd party integration with
+  // legacy reCAPTCHA.
+  rpc RetrieveLegacySecretKey(RetrieveLegacySecretKeyRequest) returns (RetrieveLegacySecretKeyResponse) {
+    option (google.api.http) = {
+      get: "/v1/{key=projects/*/keys/*}:retrieveLegacySecretKey"
+    };
+    option (google.api.method_signature) = "key";
+  }
+
   // Returns the specified key.
   rpc GetKey(GetKeyRequest) returns (Key) {
     option (google.api.http) = {
@@ -119,18 +127,15 @@ service RecaptchaEnterpriseService {
   }
 
   // List groups of related accounts.
-  rpc ListRelatedAccountGroups(ListRelatedAccountGroupsRequest)
-      returns (ListRelatedAccountGroupsResponse) {
+  rpc ListRelatedAccountGroups(ListRelatedAccountGroupsRequest) returns (ListRelatedAccountGroupsResponse) {
     option (google.api.http) = {
       get: "/v1/{parent=projects/*}/relatedaccountgroups"
     };
     option (google.api.method_signature) = "parent";
   }
 
-  // Get the memberships in a group of related accounts.
-  rpc ListRelatedAccountGroupMemberships(
-      ListRelatedAccountGroupMembershipsRequest)
-      returns (ListRelatedAccountGroupMembershipsResponse) {
+  // Get memberships in a group of related accounts.
+  rpc ListRelatedAccountGroupMemberships(ListRelatedAccountGroupMembershipsRequest) returns (ListRelatedAccountGroupMembershipsResponse) {
     option (google.api.http) = {
       get: "/v1/{parent=projects/*/relatedaccountgroups/*}/memberships"
     };
@@ -138,9 +143,7 @@ service RecaptchaEnterpriseService {
   }
 
   // Search group memberships related to a given account.
-  rpc SearchRelatedAccountGroupMemberships(
-      SearchRelatedAccountGroupMembershipsRequest)
-      returns (SearchRelatedAccountGroupMembershipsResponse) {
+  rpc SearchRelatedAccountGroupMemberships(SearchRelatedAccountGroupMembershipsRequest) returns (SearchRelatedAccountGroupMembershipsResponse) {
     option (google.api.http) = {
       post: "/v1/{project=projects/*}/relatedaccountgroupmemberships:search"
       body: "*"
@@ -193,21 +196,38 @@ message AnnotateAssessmentRequest {
     // Default unspecified reason.
     REASON_UNSPECIFIED = 0;
 
-    // Indicates a chargeback issued for the transaction with no other details.
-    // When possible, specify the type by using CHARGEBACK_FRAUD or
+    // Indicates that the transaction had a chargeback issued with no other
+    // details. When possible, specify the type by using CHARGEBACK_FRAUD or
     // CHARGEBACK_DISPUTE instead.
     CHARGEBACK = 1;
 
-    // Indicates a chargeback related to an alleged unauthorized transaction
-    // from the cardholder's perspective (for example, the card number was
-    // stolen).
+    // Indicates that the transaction had a chargeback issued related to an
+    // alleged unauthorized transaction from the cardholder's perspective (for
+    // example, the card number was stolen).
     CHARGEBACK_FRAUD = 8;
 
-    // Indicates a chargeback related to the cardholder having provided their
-    // card details but allegedly not being satisfied with the purchase
-    // (for example, misrepresentation, attempted cancellation).
+    // Indicates that the transaction had a chargeback issued related to the
+    // cardholder having provided their card details but allegedly not being
+    // satisfied with the purchase (for example, misrepresentation, attempted
+    // cancellation).
     CHARGEBACK_DISPUTE = 9;
 
+    // Indicates that the completed payment transaction was refunded by the
+    // seller.
+    REFUND = 10;
+
+    // Indicates that the completed payment transaction was determined to be
+    // fraudulent by the seller, and was cancelled and refunded as a result.
+    REFUND_FRAUD = 11;
+
+    // Indicates that the payment transaction was accepted, and the user was
+    // charged.
+    TRANSACTION_ACCEPTED = 12;
+
+    // Indicates that the payment transaction was declined, for example due to
+    // invalid card details.
+    TRANSACTION_DECLINED = 13;
+
     // Indicates the transaction associated with the assessment is suspected of
     // being fraudulent based on the payment method, billing details, shipping
     // address or other transaction information.
@@ -230,6 +250,10 @@ message AnnotateAssessmentRequest {
 
     // Indicates the user provided an incorrect password.
     INCORRECT_PASSWORD = 6;
+
+    // Indicates that the user sent unwanted and abusive messages to other users
+    // of the platform, such as spam, scams, phishing, or social engineering.
+    SOCIAL_SPAM = 14;
   }
 
   // Required. The resource name of the Assessment, in the format
@@ -241,17 +265,16 @@ message AnnotateAssessmentRequest {
     }
   ];
 
-  // Optional. The annotation that will be assigned to the Event. This field can
-  // be left empty to provide reasons that apply to an event without concluding
-  // whether the event is legitimate or fraudulent.
+  // Optional. The annotation that will be assigned to the Event. This field can be left
+  // empty to provide reasons that apply to an event without concluding whether
+  // the event is legitimate or fraudulent.
   Annotation annotation = 2 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. Optional reasons for the annotation that will be assigned to the
-  // Event.
+  // Optional. Optional reasons for the annotation that will be assigned to the Event.
   repeated Reason reasons = 3 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. Optional unique stable hashed user identifier to apply to the
-  // assessment. This is an alternative to setting the hashed_account_id in
+  // Optional. Unique stable hashed user identifier to apply to the assessment.
+  // This is an alternative to setting the hashed_account_id in
   // CreateAssessment, for example when the account identifier is not yet known
   // in the initial request. It is recommended that the identifier is hashed
   // using hmac-sha256 with stable secret.
@@ -259,7 +282,31 @@ message AnnotateAssessmentRequest {
 }
 
 // Empty response for AnnotateAssessment.
-message AnnotateAssessmentResponse {}
+message AnnotateAssessmentResponse {
+
+}
+
+// Private password leak verification info.
+message PrivatePasswordLeakVerification {
+  // Optional. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
+  // is used to look up password leaks associated with that hash prefix.
+  bytes lookup_hash_prefix = 1 [(google.api.field_behavior) = OPTIONAL];
+
+  // Optional. Encrypted Scrypt hash of the canonicalized username+password. It is
+  // re-encrypted by the server and returned through
+  // `reencrypted_user_credentials_hash`.
+  bytes encrypted_user_credentials_hash = 2 [(google.api.field_behavior) = OPTIONAL];
+
+  // Output only. List of prefixes of the encrypted potential password leaks that matched the
+  // given parameters. They must be compared with the client-side decryption
+  // prefix of `reencrypted_user_credentials_hash`
+  repeated bytes encrypted_leak_match_prefixes = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
+  // field. It is used to match potential password leaks within
+  // `encrypted_leak_match_prefixes`.
+  bytes reencrypted_user_credentials_hash = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+}
 
 // A recaptcha assessment resource.
 message Assessment {
@@ -279,41 +326,40 @@ message Assessment {
   RiskAnalysis risk_analysis = 3 [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Output only. Properties of the provided event token.
-  TokenProperties token_properties = 4
-      [(google.api.field_behavior) = OUTPUT_ONLY];
+  TokenProperties token_properties = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
 
-  // Assessment returned by Account Defender when a hashed_account_id is
+  // Assessment returned by account defender when a hashed_account_id is
   // provided.
   AccountDefenderAssessment account_defender_assessment = 6;
 
-  // Password leak verification info.
+  // The private password leak verification field contains the parameters that
+  // are used to to check for leaks privately without sharing user credentials.
   PrivatePasswordLeakVerification private_password_leak_verification = 8;
 }
 
 message Event {
-  // Optional. The user response token provided by the reCAPTCHA client-side
-  // integration on your site.
+  // Optional. The user response token provided by the reCAPTCHA client-side integration
+  // on your site.
   string token = 1 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. The site key that was used to invoke reCAPTCHA on your site and
-  // generate the token.
+  // Optional. The site key that was used to invoke reCAPTCHA on your site and generate
+  // the token.
   string site_key = 2 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. The user agent present in the request from the user's device
-  // related to this event.
+  // Optional. The user agent present in the request from the user's device related to
+  // this event.
   string user_agent = 3 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. The IP address in the request from the user's device related to
-  // this event.
+  // Optional. The IP address in the request from the user's device related to this event.
   string user_ip_address = 4 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. The expected action for this type of event. This should be the
-  // same action provided at token generation time on client-side platforms
-  // already integrated with recaptcha enterprise.
+  // Optional. The expected action for this type of event. This should be the same action
+  // provided at token generation time on client-side platforms already
+  // integrated with recaptcha enterprise.
   string expected_action = 5 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. Optional unique stable hashed user identifier for the request.
-  // The identifier should ideally be hashed using sha256 with stable secret.
+  // Optional. Unique stable hashed user identifier for the request. The identifier must
+  // be hashed using hmac-sha256 with stable secret.
   bytes hashed_account_id = 6 [(google.api.field_behavior) = OPTIONAL];
 }
 
@@ -390,16 +436,16 @@ message TokenProperties {
   // The timestamp corresponding to the generation of the token.
   google.protobuf.Timestamp create_time = 3;
 
-  // The hostname of the page on which the token was generated.
+  // The hostname of the page on which the token was generated (Web keys only).
   string hostname = 4;
 
   // Action name provided at token generation.
   string action = 5;
 }
 
-// Account Defender risk assessment.
+// Account defender risk assessment.
 message AccountDefenderAssessment {
-  // Labels returned by Account Defender for this request.
+  // Labels returned by account defender for this request.
   enum AccountDefenderLabel {
     // Default unspecified type.
     ACCOUNT_DEFENDER_LABEL_UNSPECIFIED = 0;
@@ -407,17 +453,17 @@ message AccountDefenderAssessment {
     // The request matches a known good profile for the user.
     PROFILE_MATCH = 1;
 
-    // The request is potentially a suspicious login event and should be further
-    // verified either via multi-factor authentication or another system.
+    // The request is potentially a suspicious login event and must be further
+    // verified either through multi-factor authentication or another system.
     SUSPICIOUS_LOGIN_ACTIVITY = 2;
 
     // The request matched a profile that previously had suspicious account
-    // creation behavior. This could mean this is a fake account.
+    // creation behavior. This can mean that this is a fake account.
     SUSPICIOUS_ACCOUNT_CREATION = 3;
 
     // The account in the request has a high number of related accounts. It does
-    // not necessarily imply that the account is bad but could require
-    // investigating.
+    // not necessarily imply that the account is bad but can require further
+    // investigation.
     RELATED_ACCOUNTS_NUMBER_HIGH = 4;
   }
 
@@ -425,31 +471,6 @@ message AccountDefenderAssessment {
   repeated AccountDefenderLabel labels = 1;
 }
 
-// Private password leak verification info.
-message PrivatePasswordLeakVerification {
-  // Exactly 26-bit prefix of the SHA-256 hash of the canonicalized username. It
-  // is used to look up password leaks associated with that hash prefix.
-  bytes lookup_hash_prefix = 1 [(google.api.field_behavior) = OPTIONAL];
-
-  // Encrypted Scrypt hash of the canonicalized username+password. It is
-  // re-encrypted by the server and returned through
-  // `reencrypted_user_credentials_hash`.
-  bytes encrypted_user_credentials_hash = 2
-      [(google.api.field_behavior) = OPTIONAL];
-
-  // List of prefixes of the encrypted potential password leaks that matched the
-  // given parameters. They should be compared with the client-side decryption
-  // prefix of `reencrypted_user_credentials_hash`
-  repeated bytes encrypted_leak_match_prefixes = 3
-      [(google.api.field_behavior) = OUTPUT_ONLY];
-
-  // Corresponds to the re-encryption of the `encrypted_user_credentials_hash`
-  // field. Used to match potential password leaks within
-  // `encrypted_leak_match_prefixes`.
-  bytes reencrypted_user_credentials_hash = 4
-      [(google.api.field_behavior) = OUTPUT_ONLY];
-}
-
 // The create key request message.
 message CreateKeyRequest {
   // Required. The name of the project in which the key will be created, in the
@@ -495,6 +516,18 @@ message ListKeysResponse {
   string next_page_token = 2;
 }
 
+// The retrieve legacy secret key request message.
+message RetrieveLegacySecretKeyRequest {
+  // Required. The public key name linked to the requested secret key in the format
+  // "projects/{project}/keys/{key}".
+  string key = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      type: "recaptchaenterprise.googleapis.com/Key"
+    }
+  ];
+}
+
 // The get key request message.
 message GetKeyRequest {
   // Required. The name of the requested key, in the format
@@ -512,10 +545,9 @@ message UpdateKeyRequest {
   // Required. The key to update.
   Key key = 1 [(google.api.field_behavior) = REQUIRED];
 
-  // Optional. The mask to control which fields of the key get updated. If the
-  // mask is not present, all fields will be updated.
-  google.protobuf.FieldMask update_mask = 2
-      [(google.api.field_behavior) = OPTIONAL];
+  // Optional. The mask to control which fields of the key get updated. If the mask is not
+  // present, all fields will be updated.
+  google.protobuf.FieldMask update_mask = 2 [(google.api.field_behavior) = OPTIONAL];
 }
 
 // The delete key request message.
@@ -578,6 +610,16 @@ message Metrics {
   repeated ChallengeMetrics challenge_metrics = 3;
 }
 
+// Secret key is used only in legacy reCAPTCHA. It must be used in a 3rd party
+// integration with legacy reCAPTCHA.
+message RetrieveLegacySecretKeyResponse {
+  // The secret key (also known as shared secret) authorizes communication
+  // between your application backend and the reCAPTCHA Enterprise server to
+  // create an assessment.
+  // The secret key needs to be kept safe for security purposes.
+  string legacy_secret_key = 1;
+}
+
 // A key used to identify and configure applications (web and/or mobile) that
 // use reCAPTCHA Enterprise.
 message Key {
@@ -593,8 +635,8 @@ message Key {
   // Human-readable display name of this key. Modifiable by user.
   string display_name = 2;
 
-  // Platform specific settings for this key. The key can only be used on one
-  // platform, the one it has settings for.
+  // Platform specific settings for this key. The key can only be used on a
+  // platform for which the settings are enabled.
   oneof platform_settings {
     // Settings for keys that can be used by websites.
     WebKeySettings web_settings = 3;
@@ -777,14 +819,14 @@ message ListRelatedAccountGroupMembershipsRequest {
     }
   ];
 
-  // Optional. The maximum number of accounts to return. The service may return
-  // fewer than this value. If unspecified, at most 50 accounts will be
-  // returned. The maximum value is 1000; values above 1000 will be coerced to
-  // 1000.
+  // Optional. The maximum number of accounts to return. The service might return fewer
+  // than this value.
+  // If unspecified, at most 50 accounts are returned.
+  // The maximum value is 1000; values above 1000 are coerced to 1000.
   int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. A page token, received from a previous
-  // `ListRelatedAccountGroupMemberships` call.
+  // Optional. A page token, received from a previous `ListRelatedAccountGroupMemberships`
+  // call.
   //
   // When paginating, all other parameters provided to
   // `ListRelatedAccountGroupMemberships` must match the call that provided the
@@ -804,8 +846,8 @@ message ListRelatedAccountGroupMembershipsResponse {
 
 // The request message to list related account groups.
 message ListRelatedAccountGroupsRequest {
-  // Required. The name of the project to list related account groups from, in
-  // the format "projects/{project}".
+  // Required. The name of the project to list related account groups from, in the format
+  // "projects/{project}".
   string parent = 1 [
     (google.api.field_behavior) = REQUIRED,
     (google.api.resource_reference) = {
@@ -813,13 +855,14 @@ message ListRelatedAccountGroupsRequest {
     }
   ];
 
-  // Optional. The maximum number of groups to return. The service may return
-  // fewer than this value. If unspecified, at most 50 groups will be returned.
-  // The maximum value is 1000; values above 1000 will be coerced to 1000.
+  // Optional. The maximum number of groups to return. The service might return fewer than
+  // this value.
+  // If unspecified, at most 50 groups are returned.
+  // The maximum value is 1000; values above 1000 are coerced to 1000.
   int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. A page token, received from a previous `ListRelatedAccountGroups`
-  // call. Provide this to retrieve the subsequent page.
+  // Optional. A page token, received from a previous `ListRelatedAccountGroups` call.
+  // Provide this to retrieve the subsequent page.
   //
   // When paginating, all other parameters provided to
   // `ListRelatedAccountGroups` must match the call that provided the page
@@ -839,8 +882,8 @@ message ListRelatedAccountGroupsResponse {
 
 // The request message to search related account group memberships.
 message SearchRelatedAccountGroupMembershipsRequest {
-  // Required. The name of the project to search related account group
-  // memberships from, in the format "projects/{project}".
+  // Required. The name of the project to search related account group memberships from.
+  // Specify the project name in the following format: "projects/{project}".
   string project = 1 [
     (google.api.field_behavior) = REQUIRED,
     (google.api.resource_reference) = {
@@ -848,14 +891,15 @@ message SearchRelatedAccountGroupMembershipsRequest {
     }
   ];
 
-  // Optional. The unique stable hashed user identifier we should search
-  // connections to. The identifier should correspond to a `hashed_account_id`
-  // provided in a previous CreateAssessment or AnnotateAssessment call.
+  // Optional. The unique stable hashed user identifier we should search connections to.
+  // The identifier should correspond to a `hashed_account_id` provided in a
+  // previous `CreateAssessment` or `AnnotateAssessment` call.
   bytes hashed_account_id = 2 [(google.api.field_behavior) = OPTIONAL];
 
-  // Optional. The maximum number of groups to return. The service may return
-  // fewer than this value. If unspecified, at most 50 groups will be returned.
-  // The maximum value is 1000; values above 1000 will be coerced to 1000.
+  // Optional. The maximum number of groups to return. The service might return fewer than
+  // this value.
+  // If unspecified, at most 50 groups are returned.
+  // The maximum value is 1000; values above 1000 are coerced to 1000.
   int32 page_size = 3 [(google.api.field_behavior) = OPTIONAL];
 
   // Optional. A page token, received from a previous
@@ -896,7 +940,7 @@ message RelatedAccountGroupMembership {
 
   // The unique stable hashed user identifier of the member. The identifier
   // corresponds to a `hashed_account_id` provided in a previous
-  // CreateAssessment or AnnotateAssessment call.
+  // `CreateAssessment` or `AnnotateAssessment` call.
   bytes hashed_account_id = 2;
 }
 
diff --git a/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/AsyncRetrieveLegacySecretKey.java b/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/AsyncRetrieveLegacySecretKey.java
new file mode 100644
index 000000000000..f5a5ba15330f
--- /dev/null
+++ b/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/AsyncRetrieveLegacySecretKey.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.recaptchaenterprise.v1.samples;
+
+// [START recaptchaenterprise_v1_generated_recaptchaenterpriseserviceclient_retrievelegacysecretkey_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.recaptchaenterprise.v1.RecaptchaEnterpriseServiceClient;
+import com.google.recaptchaenterprise.v1.KeyName;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
+
+public class AsyncRetrieveLegacySecretKey {
+
+  public static void main(String[] args) throws Exception {
+    asyncRetrieveLegacySecretKey();
+  }
+
+  public static void asyncRetrieveLegacySecretKey() throws Exception {
+    // This snippet has been automatically generated and should be regarded as a code template only.
+    // It will require modifications to work:
+    // - It may require correct/in-range values for request initialization.
+    // - It may require specifying regional endpoints when creating the service client as shown in
+    // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+    try (RecaptchaEnterpriseServiceClient recaptchaEnterpriseServiceClient =
+        RecaptchaEnterpriseServiceClient.create()) {
+      RetrieveLegacySecretKeyRequest request =
+          RetrieveLegacySecretKeyRequest.newBuilder()
+              .setKey(KeyName.of("[PROJECT]", "[KEY]").toString())
+              .build();
+      ApiFuture<RetrieveLegacySecretKeyResponse> future =
+          recaptchaEnterpriseServiceClient.retrieveLegacySecretKeyCallable().futureCall(request);
+      // Do something.
+      RetrieveLegacySecretKeyResponse response = future.get();
+    }
+  }
+}
+// [END recaptchaenterprise_v1_generated_recaptchaenterpriseserviceclient_retrievelegacysecretkey_async]
diff --git a/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKey.java b/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKey.java
new file mode 100644
index 000000000000..5b04d35609e4
--- /dev/null
+++ b/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKey.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.recaptchaenterprise.v1.samples;
+
+// [START recaptchaenterprise_v1_generated_recaptchaenterpriseserviceclient_retrievelegacysecretkey_sync]
+import com.google.cloud.recaptchaenterprise.v1.RecaptchaEnterpriseServiceClient;
+import com.google.recaptchaenterprise.v1.KeyName;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyRequest;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
+
+public class SyncRetrieveLegacySecretKey {
+
+  public static void main(String[] args) throws Exception {
+    syncRetrieveLegacySecretKey();
+  }
+
+  public static void syncRetrieveLegacySecretKey() throws Exception {
+    // This snippet has been automatically generated and should be regarded as a code template only.
+    // It will require modifications to work:
+    // - It may require correct/in-range values for request initialization.
+    // - It may require specifying regional endpoints when creating the service client as shown in
+    // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+    try (RecaptchaEnterpriseServiceClient recaptchaEnterpriseServiceClient =
+        RecaptchaEnterpriseServiceClient.create()) {
+      RetrieveLegacySecretKeyRequest request =
+          RetrieveLegacySecretKeyRequest.newBuilder()
+              .setKey(KeyName.of("[PROJECT]", "[KEY]").toString())
+              .build();
+      RetrieveLegacySecretKeyResponse response =
+          recaptchaEnterpriseServiceClient.retrieveLegacySecretKey(request);
+    }
+  }
+}
+// [END recaptchaenterprise_v1_generated_recaptchaenterpriseserviceclient_retrievelegacysecretkey_sync]
diff --git a/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKeyKeyname.java b/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKeyKeyname.java
new file mode 100644
index 000000000000..0ab7348554dd
--- /dev/null
+++ b/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKeyKeyname.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.recaptchaenterprise.v1.samples;
+
+// [START recaptchaenterprise_v1_generated_recaptchaenterpriseserviceclient_retrievelegacysecretkey_keyname_sync]
+import com.google.cloud.recaptchaenterprise.v1.RecaptchaEnterpriseServiceClient;
+import com.google.recaptchaenterprise.v1.KeyName;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
+
+public class SyncRetrieveLegacySecretKeyKeyname {
+
+  public static void main(String[] args) throws Exception {
+    syncRetrieveLegacySecretKeyKeyname();
+  }
+
+  public static void syncRetrieveLegacySecretKeyKeyname() throws Exception {
+    // This snippet has been automatically generated and should be regarded as a code template only.
+    // It will require modifications to work:
+    // - It may require correct/in-range values for request initialization.
+    // - It may require specifying regional endpoints when creating the service client as shown in
+    // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+    try (RecaptchaEnterpriseServiceClient recaptchaEnterpriseServiceClient =
+        RecaptchaEnterpriseServiceClient.create()) {
+      KeyName key = KeyName.of("[PROJECT]", "[KEY]");
+      RetrieveLegacySecretKeyResponse response =
+          recaptchaEnterpriseServiceClient.retrieveLegacySecretKey(key);
+    }
+  }
+}
+// [END recaptchaenterprise_v1_generated_recaptchaenterpriseserviceclient_retrievelegacysecretkey_keyname_sync]
diff --git a/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKeyString.java b/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKeyString.java
new file mode 100644
index 000000000000..5c8e3c87f9ed
--- /dev/null
+++ b/java-recaptchaenterprise/samples/snippets/generated/com/google/cloud/recaptchaenterprise/v1/recaptchaenterpriseserviceclient/retrievelegacysecretkey/SyncRetrieveLegacySecretKeyString.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.recaptchaenterprise.v1.samples;
+
+// [START recaptchaenterprise_v1_generated_recaptchaenterpriseserviceclient_retrievelegacysecretkey_string_sync]
+import com.google.cloud.recaptchaenterprise.v1.RecaptchaEnterpriseServiceClient;
+import com.google.recaptchaenterprise.v1.KeyName;
+import com.google.recaptchaenterprise.v1.RetrieveLegacySecretKeyResponse;
+
+public class SyncRetrieveLegacySecretKeyString {
+
+  public static void main(String[] args) throws Exception {
+    syncRetrieveLegacySecretKeyString();
+  }
+
+  public static void syncRetrieveLegacySecretKeyString() throws Exception {
+    // This snippet has been automatically generated and should be regarded as a code template only.
+    // It will require modifications to work:
+    // - It may require correct/in-range values for request initialization.
+    // - It may require specifying regional endpoints when creating the service client as shown in
+    // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+    try (RecaptchaEnterpriseServiceClient recaptchaEnterpriseServiceClient =
+        RecaptchaEnterpriseServiceClient.create()) {
+      String key = KeyName.of("[PROJECT]", "[KEY]").toString();
+      RetrieveLegacySecretKeyResponse response =
+          recaptchaEnterpriseServiceClient.retrieveLegacySecretKey(key);
+    }
+  }
+}
+// [END recaptchaenterprise_v1_generated_recaptchaenterpriseserviceclient_retrievelegacysecretkey_string_sync]