From 45cedec6092a2794c5123602bac6b739cfb4f086 Mon Sep 17 00:00:00 2001
From: samirgandhi19 <17574913+samir-gandhi@users.noreply.github.com>
Date: Wed, 30 Apr 2025 08:57:40 -0600
Subject: [PATCH 1/8] run v060 and add some ticks

---
 docs/tool-configuration/configuration-key.md  | 58 +++++++++----------
 .../configuration/options/options_test.go     |  4 +-
 2 files changed, 31 insertions(+), 31 deletions(-)

diff --git a/docs/tool-configuration/configuration-key.md b/docs/tool-configuration/configuration-key.md
index e217ebe9..087047a2 100644
--- a/docs/tool-configuration/configuration-key.md
+++ b/docs/tool-configuration/configuration-key.md
@@ -7,47 +7,47 @@ The following parameters can be configured in Ping CLI's static configuration fi
 
 | Config File Property | Type | Equivalent Parameter | Purpose |
 |---|---|---|---|
-| activeProfile | ENUM_STRING | | The name of the stored custom configuration profile to use by default. |
-| noColor | ENUM_BOOL | --no-color | Disable text output in color. |
-| outputFormat | ENUM_OUTPUT_FORMAT | --output-format / -O | Specify the console output format.<br><br>Options are: json, text.<br><br>Example: `json` |
+| detailedExitCode | ENUM_BOOL | `--detailed-exitcode` / `-D` | Enable detailed exit code output. (default false)<br><br>0 - pingcli command succeeded with no errors or warnings.<br><br>1 - pingcli command failed with errors.<br><br>2 - pingcli command succeeded with warnings. |
+| noColor | ENUM_BOOL | `--no-color` | Disable text output in color. (default false) |
+| outputFormat | ENUM_OUTPUT_FORMAT | `--output-format` / `-O` | Specify the console output format. (default text)<br><br>Options are: json, text. |
 
 #### Ping Platform Service Properties
 
 | Config File Property | Type | Equivalent Parameter | Purpose |
 |---|---|---|---|
-| service.pingFederate.adminAPIPath | ENUM_STRING | --pingfederate-admin-api-path | The PingFederate API URL path used to communicate with PingFederate's admin API.<br><br>Example: `/pf-admin-api/v1` |
-| service.pingFederate.authentication.accessTokenAuth.accessToken | ENUM_STRING | --pingfederate-access-token | The PingFederate access token used to authenticate to the PingFederate admin API when using a custom OAuth 2.0 token method. |
-| service.pingFederate.authentication.basicAuth.password | ENUM_STRING | --pingfederate-password | The PingFederate password used to authenticate to the PingFederate admin API when using basic authentication. |
-| service.pingFederate.authentication.basicAuth.username | ENUM_STRING | --pingfederate-username | The PingFederate username used to authenticate to the PingFederate admin API when using basic authentication. Example: `administrator` |
-| service.pingFederate.authentication.clientCredentialsAuth.clientID | ENUM_STRING | --pingfederate-client-id | The PingFederate OAuth client ID used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
-| service.pingFederate.authentication.clientCredentialsAuth.clientSecret | ENUM_STRING | --pingfederate-client-secret | The PingFederate OAuth client secret used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
-| service.pingFederate.authentication.clientCredentialsAuth.scopes | ENUM_STRING_SLICE | --pingfederate-scopes | The PingFederate OAuth scopes used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type.<br><br>Accepts a comma-separated string to delimit multiple scopes.<br><br>Example: `openid,profile` |
-| service.pingFederate.authentication.clientCredentialsAuth.tokenURL | ENUM_STRING | --pingfederate-token-url | The PingFederate OAuth token URL used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
-| service.pingFederate.authentication.type | ENUM_PINGFEDERATE_AUTH_TYPE | --pingfederate-authentication-type | The authentication type to use when connecting to the PingFederate admin API.<br><br>Options are: accessTokenAuth, basicAuth, clientCredentialsAuth.<br><br>Example: `basicAuth` |
-| service.pingFederate.caCertificatePEMFiles | ENUM_STRING_SLICE | --pingfederate-ca-certificate-pem-files | Relative or full paths to PEM-encoded certificate files to be trusted as root CAs when connecting to the PingFederate server over HTTPS.<br><br>Accepts a comma-separated string to delimit multiple PEM files. |
-| service.pingFederate.httpsHost | ENUM_STRING | --pingfederate-https-host | The PingFederate HTTPS host used to communicate with PingFederate's admin API.<br><br>Example: `https://pingfederate-admin.bxretail.org` |
-| service.pingFederate.insecureTrustAllTLS | ENUM_BOOL | --pingfederate-insecure-trust-all-tls | Trust any certificate when connecting to the PingFederate server admin API.<br><br>This is insecure and shouldn't be enabled outside of testing. |
-| service.pingFederate.xBypassExternalValidationHeader | ENUM_BOOL | --pingfederate-x-bypass-external-validation-header | Bypass connection tests when configuring PingFederate (the X-BypassExternalValidation header when using PingFederate's admin API). |
-| service.pingOne.authentication.type | ENUM_PINGONE_AUTH_TYPE | --pingone-authentication-type | The authentication type to use to authenticate to the PingOne management API.<br><br>Options are: worker.<br><br>Example: `worker` |
-| service.pingOne.authentication.worker.clientID | ENUM_UUID | --pingone-worker-client-id | The worker client ID used to authenticate to the PingOne management API. |
-| service.pingOne.authentication.worker.clientSecret | ENUM_STRING | --pingone-worker-client-secret | The worker client secret used to authenticate to the PingOne management API. |
-| service.pingOne.authentication.worker.environmentID | ENUM_UUID | --pingone-worker-environment-id | The ID of the PingOne environment that contains the worker client used to authenticate to the PingOne management API. |
-| service.pingOne.regionCode | ENUM_PINGONE_REGION_CODE | --pingone-region-code | The region code of the PingOne tenant.<br><br>Options are: AP, AU, CA, EU, NA.<br><br>Example: `NA` |
+| service.pingFederate.adminAPIPath | ENUM_STRING | `--pingfederate-admin-api-path` | The PingFederate API URL path used to communicate with PingFederate's admin API. (default /pf-admin-api/v1) |
+| service.pingFederate.authentication.accessTokenAuth.accessToken | ENUM_STRING | `--pingfederate-access-token` | The PingFederate access token used to authenticate to the PingFederate admin API when using a custom OAuth 2.0 token method. |
+| service.pingFederate.authentication.basicAuth.password | ENUM_STRING | `--pingfederate-password` | The PingFederate password used to authenticate to the PingFederate admin API when using basic authentication. |
+| service.pingFederate.authentication.basicAuth.username | ENUM_STRING | `--pingfederate-username` | The PingFederate username used to authenticate to the PingFederate admin API when using basic authentication.<br><br>Example: 'administrator' |
+| service.pingFederate.authentication.clientCredentialsAuth.clientID | ENUM_STRING | `--pingfederate-client-id` | The PingFederate OAuth client ID used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
+| service.pingFederate.authentication.clientCredentialsAuth.clientSecret | ENUM_STRING | `--pingfederate-client-secret` | The PingFederate OAuth client secret used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
+| service.pingFederate.authentication.clientCredentialsAuth.scopes | ENUM_STRING_SLICE | `--pingfederate-scopes` | The PingFederate OAuth scopes used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. (default [])<br><br>Accepts a comma-separated string to delimit multiple scopes.<br><br>Example: 'openid,profile' |
+| service.pingFederate.authentication.clientCredentialsAuth.tokenURL | ENUM_STRING | `--pingfederate-token-url` | The PingFederate OAuth token URL used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
+| service.pingFederate.authentication.type | ENUM_PINGFEDERATE_AUTH_TYPE | `--pingfederate-authentication-type` | The authentication type to use when connecting to the PingFederate admin API.<br><br>Options are: accessTokenAuth, basicAuth, clientCredentialsAuth.<br><br>Example: 'basicAuth' |
+| service.pingFederate.caCertificatePEMFiles | ENUM_STRING_SLICE | `--pingfederate-ca-certificate-pem-files` | Relative or full paths to PEM-encoded certificate files to be trusted as root CAs when connecting to the PingFederate server over HTTPS. (default [])<br><br>Accepts a comma-separated string to delimit multiple PEM files. |
+| service.pingFederate.httpsHost | ENUM_STRING | `--pingfederate-https-host` | The PingFederate HTTPS host used to communicate with PingFederate's admin API.<br><br>Example: 'https://pingfederate-admin.bxretail.org' |
+| service.pingFederate.insecureTrustAllTLS | ENUM_BOOL | `--pingfederate-insecure-trust-all-tls` | Trust any certificate when connecting to the PingFederate server admin API. (default false)<br><br>This is insecure and shouldn't be enabled outside of testing. |
+| service.pingFederate.xBypassExternalValidationHeader | ENUM_BOOL | `--pingfederate-x-bypass-external-validation-header` | Bypass connection tests when configuring PingFederate (the X-BypassExternalValidation header when using PingFederate's admin API). (default false) |
+| service.pingOne.authentication.type | ENUM_PINGONE_AUTH_TYPE | `--pingone-authentication-type` | The authentication type to use to authenticate to the PingOne management API. (default worker)<br><br>Options are: worker. |
+| service.pingOne.authentication.worker.clientID | ENUM_UUID | `--pingone-worker-client-id` | The worker client ID used to authenticate to the PingOne management API. |
+| service.pingOne.authentication.worker.clientSecret | ENUM_STRING | `--pingone-worker-client-secret` | The worker client secret used to authenticate to the PingOne management API. |
+| service.pingOne.authentication.worker.environmentID | ENUM_UUID | `--pingone-worker-environment-id` | The ID of the PingOne environment that contains the worker client used to authenticate to the PingOne management API. |
+| service.pingOne.regionCode | ENUM_PINGONE_REGION_CODE | `--pingone-region-code` | The region code of the PingOne tenant.<br><br>Options are: AP, AU, CA, EU, NA.<br><br>Example: 'NA' |
 
 #### Platform Export Properties
 
 | Config File Property | Type | Equivalent Parameter | Purpose |
 |---|---|---|---|
-| export.format | ENUM_EXPORT_FORMAT | --format / -f | Specifies the export format.<br><br>Options are: HCL.<br><br>Example: `HCL` |
-| export.outputDirectory | ENUM_STRING | --output-directory / -d | Specifies the output directory for export. Example: `$HOME/pingcli-export` |
-| export.overwrite | ENUM_BOOL | --overwrite / -o | Overwrites the existing generated exports in output directory. |
-| export.pingone.environmentID | ENUM_UUID | --pingone-export-environment-id | The ID of the PingOne environment to export. Must be a valid PingOne UUID. |
-| export.serviceGroup | ENUM_EXPORT_SERVICE_GROUP | --service-group / -g | Specifies the service group to export. <br><br>Options are: pingone.<br><br>Example: `pingone` |
-| export.services | ENUM_EXPORT_SERVICES | --services / -s | Specifies the service(s) to export. Accepts a comma-separated string to delimit multiple services.<br><br>Options are: pingfederate, pingone-mfa, pingone-platform, pingone-protect, pingone-sso.<br><br>Example: `pingone-sso,pingone-mfa,pingfederate` |
+| export.format | ENUM_EXPORT_FORMAT | `--format` / `-f` | Specifies the export format. (default HCL)<br><br>Options are: HCL. |
+| export.outputDirectory | ENUM_STRING | `--output-directory` / `-d` | Specifies the output directory for export. Can be an absolute filepath or a relative filepath of the present working directory. <br><br>Example: '/Users/example/pingcli-export'<br><br>Example: 'pingcli-export' |
+| export.overwrite | ENUM_BOOL | `--overwrite` / `-o` | Overwrites the existing generated exports in output directory. (default false) |
+| export.pingOne.environmentID | ENUM_UUID | `--pingone-export-environment-id` | The ID of the PingOne environment to export. Must be a valid PingOne UUID. |
+| export.serviceGroup | ENUM_EXPORT_SERVICE_GROUP | `--service-group` / `-g` | Specifies the service group to export. <br><br>Options are: pingone.<br><br>Example: 'pingone' |
+| export.services | ENUM_EXPORT_SERVICES | `--services` / `-s` | Specifies the service(s) to export. Accepts a comma-separated string to delimit multiple services. <br><br>Options are: pingfederate, pingone-authorize, pingone-mfa, pingone-platform, pingone-protect, pingone-sso.<br><br>Example: 'pingone-sso,pingone-mfa,pingfederate' |
 
 #### Custom Request Properties
 
 | Config File Property | Type | Equivalent Parameter | Purpose |
 |---|---|---|---|
-| request.fail | ENUM_BOOL | --fail / -f | Return non-zero exit code when HTTP custom request returns a failure status code. |
-| request.service | ENUM_REQUEST_SERVICE | --service / -s | The Ping service (configured in the active profile) to send the custom request to.<br><br>Options are: pingone.<br><br>Example: `pingone` |
\ No newline at end of file
+| request.fail | ENUM_BOOL | `--fail` / `-f` | Return non-zero exit code when HTTP custom request returns a failure status code. |
+| request.service | ENUM_REQUEST_SERVICE | `--service` / `-s` | The Ping service (configured in the active profile) to send the custom request to.<br><br>Options are: pingone.<br><br>Example: 'pingone' |
\ No newline at end of file
diff --git a/internal/configuration/options/options_test.go b/internal/configuration/options/options_test.go
index bd6e1c16..d8547b3e 100644
--- a/internal/configuration/options/options_test.go
+++ b/internal/configuration/options/options_test.go
@@ -27,9 +27,9 @@ func Test_outputOptionsMDInfo(t *testing.T) {
 
 		var flagInfo string
 		if option.Flag.Shorthand != "" {
-			flagInfo = fmt.Sprintf("--%s / -%s", option.CobraParamName, option.Flag.Shorthand)
+			flagInfo = fmt.Sprintf("`--%s` / `-%s`", option.CobraParamName, option.Flag.Shorthand)
 		} else {
-			flagInfo = fmt.Sprintf("--%s", option.CobraParamName)
+			flagInfo = fmt.Sprintf("`--%s`", option.CobraParamName)
 		}
 
 		usageString := option.Flag.Usage

From 7f4f1b95881fb945892e22ca10fc4b5e80c756ee Mon Sep 17 00:00:00 2001
From: samirgandhi19 <17574913+samir-gandhi@users.noreply.github.com>
Date: Wed, 30 Apr 2025 10:57:40 -0600
Subject: [PATCH 2/8] add friendly name for option type

---
 docs/tool-configuration/configuration-key.md  | 78 +++++++++---------
 internal/configuration/options/options.go     | 82 +++++++++++++++----
 .../configuration/options/options_test.go     | 11 +--
 3 files changed, 112 insertions(+), 59 deletions(-)

diff --git a/docs/tool-configuration/configuration-key.md b/docs/tool-configuration/configuration-key.md
index 087047a2..0ee6cc1d 100644
--- a/docs/tool-configuration/configuration-key.md
+++ b/docs/tool-configuration/configuration-key.md
@@ -5,49 +5,51 @@ The following parameters can be configured in Ping CLI's static configuration fi
 
 #### General Properties
 
-| Config File Property | Type | Equivalent Parameter | Purpose |
+#### General Properties
+
+| Configuration Key | Type | Equivalent Parameter | Purpose |
 |---|---|---|---|
-| detailedExitCode | ENUM_BOOL | `--detailed-exitcode` / `-D` | Enable detailed exit code output. (default false)<br><br>0 - pingcli command succeeded with no errors or warnings.<br><br>1 - pingcli command failed with errors.<br><br>2 - pingcli command succeeded with warnings. |
-| noColor | ENUM_BOOL | `--no-color` | Disable text output in color. (default false) |
-| outputFormat | ENUM_OUTPUT_FORMAT | `--output-format` / `-O` | Specify the console output format. (default text)<br><br>Options are: json, text. |
+| `detailedExitCode` | Boolean | `--detailed-exitcode` / `-D` | Enable detailed exit code output. (default false)<br><br>0 - pingcli command succeeded with no errors or warnings.<br><br>1 - pingcli command failed with errors.<br><br>2 - pingcli command succeeded with warnings. |
+| `noColor` | Boolean | `--no-color` | Disable text output in color. (default false) |
+| `outputFormat` | String (enum) | `--output-format` / `-O` | Specify the console output format. (default text)<br><br>Options are: json, text. |
 
-#### Ping Platform Service Properties
+#### Export Properties
 
-| Config File Property | Type | Equivalent Parameter | Purpose |
+| Configuration Key | Type | Equivalent Parameter | Purpose |
 |---|---|---|---|
-| service.pingFederate.adminAPIPath | ENUM_STRING | `--pingfederate-admin-api-path` | The PingFederate API URL path used to communicate with PingFederate's admin API. (default /pf-admin-api/v1) |
-| service.pingFederate.authentication.accessTokenAuth.accessToken | ENUM_STRING | `--pingfederate-access-token` | The PingFederate access token used to authenticate to the PingFederate admin API when using a custom OAuth 2.0 token method. |
-| service.pingFederate.authentication.basicAuth.password | ENUM_STRING | `--pingfederate-password` | The PingFederate password used to authenticate to the PingFederate admin API when using basic authentication. |
-| service.pingFederate.authentication.basicAuth.username | ENUM_STRING | `--pingfederate-username` | The PingFederate username used to authenticate to the PingFederate admin API when using basic authentication.<br><br>Example: 'administrator' |
-| service.pingFederate.authentication.clientCredentialsAuth.clientID | ENUM_STRING | `--pingfederate-client-id` | The PingFederate OAuth client ID used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
-| service.pingFederate.authentication.clientCredentialsAuth.clientSecret | ENUM_STRING | `--pingfederate-client-secret` | The PingFederate OAuth client secret used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
-| service.pingFederate.authentication.clientCredentialsAuth.scopes | ENUM_STRING_SLICE | `--pingfederate-scopes` | The PingFederate OAuth scopes used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. (default [])<br><br>Accepts a comma-separated string to delimit multiple scopes.<br><br>Example: 'openid,profile' |
-| service.pingFederate.authentication.clientCredentialsAuth.tokenURL | ENUM_STRING | `--pingfederate-token-url` | The PingFederate OAuth token URL used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
-| service.pingFederate.authentication.type | ENUM_PINGFEDERATE_AUTH_TYPE | `--pingfederate-authentication-type` | The authentication type to use when connecting to the PingFederate admin API.<br><br>Options are: accessTokenAuth, basicAuth, clientCredentialsAuth.<br><br>Example: 'basicAuth' |
-| service.pingFederate.caCertificatePEMFiles | ENUM_STRING_SLICE | `--pingfederate-ca-certificate-pem-files` | Relative or full paths to PEM-encoded certificate files to be trusted as root CAs when connecting to the PingFederate server over HTTPS. (default [])<br><br>Accepts a comma-separated string to delimit multiple PEM files. |
-| service.pingFederate.httpsHost | ENUM_STRING | `--pingfederate-https-host` | The PingFederate HTTPS host used to communicate with PingFederate's admin API.<br><br>Example: 'https://pingfederate-admin.bxretail.org' |
-| service.pingFederate.insecureTrustAllTLS | ENUM_BOOL | `--pingfederate-insecure-trust-all-tls` | Trust any certificate when connecting to the PingFederate server admin API. (default false)<br><br>This is insecure and shouldn't be enabled outside of testing. |
-| service.pingFederate.xBypassExternalValidationHeader | ENUM_BOOL | `--pingfederate-x-bypass-external-validation-header` | Bypass connection tests when configuring PingFederate (the X-BypassExternalValidation header when using PingFederate's admin API). (default false) |
-| service.pingOne.authentication.type | ENUM_PINGONE_AUTH_TYPE | `--pingone-authentication-type` | The authentication type to use to authenticate to the PingOne management API. (default worker)<br><br>Options are: worker. |
-| service.pingOne.authentication.worker.clientID | ENUM_UUID | `--pingone-worker-client-id` | The worker client ID used to authenticate to the PingOne management API. |
-| service.pingOne.authentication.worker.clientSecret | ENUM_STRING | `--pingone-worker-client-secret` | The worker client secret used to authenticate to the PingOne management API. |
-| service.pingOne.authentication.worker.environmentID | ENUM_UUID | `--pingone-worker-environment-id` | The ID of the PingOne environment that contains the worker client used to authenticate to the PingOne management API. |
-| service.pingOne.regionCode | ENUM_PINGONE_REGION_CODE | `--pingone-region-code` | The region code of the PingOne tenant.<br><br>Options are: AP, AU, CA, EU, NA.<br><br>Example: 'NA' |
-
-#### Platform Export Properties
-
-| Config File Property | Type | Equivalent Parameter | Purpose |
+| `export.format` | String (enum) | `--format` / `-f` | Specifies the export format. (default HCL)<br><br>Options are: HCL. |
+| `export.outputDirectory` | String | `--output-directory` / `-d` | Specifies the output directory for export. Can be an absolute filepath or a relative filepath of the present working directory. <br><br>Example: '/Users/example/pingcli-export'<br><br>Example: 'pingcli-export' |
+| `export.overwrite` | Boolean | `--overwrite` / `-o` | Overwrites the existing generated exports in output directory. (default false) |
+| `export.pingOne.environmentID` | String (UUID Format) | `--pingone-export-environment-id` | The ID of the PingOne environment to export. Must be a valid PingOne UUID. |
+| `export.serviceGroup` | String (enum) | `--service-group` / `-g` | Specifies the service group to export. <br><br>Options are: pingone.<br><br>Example: 'pingone' |
+| `export.services` | String Array (enum) | `--services` / `-s` | Specifies the service(s) to export. Accepts a comma-separated string to delimit multiple services. <br><br>Options are: pingfederate, pingone-authorize, pingone-mfa, pingone-platform, pingone-protect, pingone-sso.<br><br>Example: 'pingone-sso,pingone-mfa,pingfederate' |
+
+#### Request Properties
+
+| Configuration Key | Type | Equivalent Parameter | Purpose |
 |---|---|---|---|
-| export.format | ENUM_EXPORT_FORMAT | `--format` / `-f` | Specifies the export format. (default HCL)<br><br>Options are: HCL. |
-| export.outputDirectory | ENUM_STRING | `--output-directory` / `-d` | Specifies the output directory for export. Can be an absolute filepath or a relative filepath of the present working directory. <br><br>Example: '/Users/example/pingcli-export'<br><br>Example: 'pingcli-export' |
-| export.overwrite | ENUM_BOOL | `--overwrite` / `-o` | Overwrites the existing generated exports in output directory. (default false) |
-| export.pingOne.environmentID | ENUM_UUID | `--pingone-export-environment-id` | The ID of the PingOne environment to export. Must be a valid PingOne UUID. |
-| export.serviceGroup | ENUM_EXPORT_SERVICE_GROUP | `--service-group` / `-g` | Specifies the service group to export. <br><br>Options are: pingone.<br><br>Example: 'pingone' |
-| export.services | ENUM_EXPORT_SERVICES | `--services` / `-s` | Specifies the service(s) to export. Accepts a comma-separated string to delimit multiple services. <br><br>Options are: pingfederate, pingone-authorize, pingone-mfa, pingone-platform, pingone-protect, pingone-sso.<br><br>Example: 'pingone-sso,pingone-mfa,pingfederate' |
+| `request.fail` | Boolean | `--fail` / `-f` | Return non-zero exit code when HTTP custom request returns a failure status code. |
+| `request.service` | String (enum) | `--service` / `-s` | The Ping service (configured in the active profile) to send the custom request to.<br><br>Options are: pingone.<br><br>Example: 'pingone' |
 
-#### Custom Request Properties
+#### Service Properties
 
-| Config File Property | Type | Equivalent Parameter | Purpose |
+| Configuration Key | Type | Equivalent Parameter | Purpose |
 |---|---|---|---|
-| request.fail | ENUM_BOOL | `--fail` / `-f` | Return non-zero exit code when HTTP custom request returns a failure status code. |
-| request.service | ENUM_REQUEST_SERVICE | `--service` / `-s` | The Ping service (configured in the active profile) to send the custom request to.<br><br>Options are: pingone.<br><br>Example: 'pingone' |
\ No newline at end of file
+| `service.pingFederate.adminAPIPath` | String | `--pingfederate-admin-api-path` | The PingFederate API URL path used to communicate with PingFederate's admin API. (default /pf-admin-api/v1) |
+| `service.pingFederate.authentication.accessTokenAuth.accessToken` | String | `--pingfederate-access-token` | The PingFederate access token used to authenticate to the PingFederate admin API when using a custom OAuth 2.0 token method. |
+| `service.pingFederate.authentication.basicAuth.password` | String | `--pingfederate-password` | The PingFederate password used to authenticate to the PingFederate admin API when using basic authentication. |
+| `service.pingFederate.authentication.basicAuth.username` | String | `--pingfederate-username` | The PingFederate username used to authenticate to the PingFederate admin API when using basic authentication.<br><br>Example: 'administrator' |
+| `service.pingFederate.authentication.clientCredentialsAuth.clientID` | String | `--pingfederate-client-id` | The PingFederate OAuth client ID used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
+| `service.pingFederate.authentication.clientCredentialsAuth.clientSecret` | String | `--pingfederate-client-secret` | The PingFederate OAuth client secret used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
+| `service.pingFederate.authentication.clientCredentialsAuth.scopes` | String Array | `--pingfederate-scopes` | The PingFederate OAuth scopes used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. (default [])<br><br>Accepts a comma-separated string to delimit multiple scopes.<br><br>Example: 'openid,profile' |
+| `service.pingFederate.authentication.clientCredentialsAuth.tokenURL` | String | `--pingfederate-token-url` | The PingFederate OAuth token URL used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
+| `service.pingFederate.authentication.type` | String (enum) | `--pingfederate-authentication-type` | The authentication type to use when connecting to the PingFederate admin API.<br><br>Options are: accessTokenAuth, basicAuth, clientCredentialsAuth.<br><br>Example: 'basicAuth' |
+| `service.pingFederate.caCertificatePEMFiles` | String Array | `--pingfederate-ca-certificate-pem-files` | Relative or full paths to PEM-encoded certificate files to be trusted as root CAs when connecting to the PingFederate server over HTTPS. (default [])<br><br>Accepts a comma-separated string to delimit multiple PEM files. |
+| `service.pingFederate.httpsHost` | String | `--pingfederate-https-host` | The PingFederate HTTPS host used to communicate with PingFederate's admin API.<br><br>Example: 'https://pingfederate-admin.bxretail.org' |
+| `service.pingFederate.insecureTrustAllTLS` | Boolean | `--pingfederate-insecure-trust-all-tls` | Trust any certificate when connecting to the PingFederate server admin API. (default false)<br><br>This is insecure and shouldn't be enabled outside of testing. |
+| `service.pingFederate.xBypassExternalValidationHeader` | Boolean | `--pingfederate-x-bypass-external-validation-header` | Bypass connection tests when configuring PingFederate (the X-BypassExternalValidation header when using PingFederate's admin API). (default false) |
+| `service.pingOne.authentication.type` | String (enum) | `--pingone-authentication-type` | The authentication type to use to authenticate to the PingOne management API. (default worker)<br><br>Options are: worker. |
+| `service.pingOne.authentication.worker.clientID` | String (UUID Format) | `--pingone-worker-client-id` | The worker client ID used to authenticate to the PingOne management API. |
+| `service.pingOne.authentication.worker.clientSecret` | String | `--pingone-worker-client-secret` | The worker client secret used to authenticate to the PingOne management API. |
+| `service.pingOne.authentication.worker.environmentID` | String (UUID Format) | `--pingone-worker-environment-id` | The ID of the PingOne environment that contains the worker client used to authenticate to the PingOne management API. |
+| `service.pingOne.regionCode` | String (enum) | `--pingone-region-code` | The region code of the PingOne tenant.<br><br>Options are: AP, AU, CA, EU, NA.<br><br>Example: 'NA' |
\ No newline at end of file
diff --git a/internal/configuration/options/options.go b/internal/configuration/options/options.go
index 3f7c1c8b..3a558069 100644
--- a/internal/configuration/options/options.go
+++ b/internal/configuration/options/options.go
@@ -9,27 +9,77 @@ import (
 	"github.com/spf13/pflag"
 )
 
-type OptionType string
+type OptionType int
 
 // OptionType enums
 const (
-	ENUM_BOOL                   OptionType = "ENUM_BOOL"
-	ENUM_EXPORT_FORMAT          OptionType = "ENUM_EXPORT_FORMAT"
-	ENUM_HEADER                 OptionType = "ENUM_HEADER"
-	ENUM_INT                    OptionType = "ENUM_INT"
-	ENUM_EXPORT_SERVICE_GROUP   OptionType = "ENUM_EXPORT_SERVICE_GROUP"
-	ENUM_EXPORT_SERVICES        OptionType = "ENUM_EXPORT_SERVICES"
-	ENUM_OUTPUT_FORMAT          OptionType = "ENUM_OUTPUT_FORMAT"
-	ENUM_PINGFEDERATE_AUTH_TYPE OptionType = "ENUM_PINGFEDERATE_AUTH_TYPE"
-	ENUM_PINGONE_AUTH_TYPE      OptionType = "ENUM_PINGONE_AUTH_TYPE"
-	ENUM_PINGONE_REGION_CODE    OptionType = "ENUM_PINGONE_REGION_CODE"
-	ENUM_REQUEST_HTTP_METHOD    OptionType = "ENUM_REQUEST_HTTP_METHOD"
-	ENUM_REQUEST_SERVICE        OptionType = "ENUM_REQUEST_SERVICE"
-	ENUM_STRING                 OptionType = "ENUM_STRING"
-	ENUM_STRING_SLICE           OptionType = "ENUM_STRING_SLICE"
-	ENUM_UUID                   OptionType = "ENUM_UUID"
+	ENUM_BOOL OptionType = iota
+	ENUM_EXPORT_FORMAT
+	ENUM_HEADER
+	ENUM_INT
+	ENUM_EXPORT_SERVICE_GROUP
+	ENUM_EXPORT_SERVICES
+	ENUM_OUTPUT_FORMAT
+	ENUM_PINGFEDERATE_AUTH_TYPE
+	ENUM_PINGONE_AUTH_TYPE
+	ENUM_PINGONE_REGION_CODE
+	ENUM_REQUEST_HTTP_METHOD
+	ENUM_REQUEST_SERVICE
+	ENUM_STRING
+	ENUM_STRING_SLICE
+	ENUM_UUID
 )
 
+var optionTypeString = map[OptionType]string{
+	ENUM_BOOL:                   "ENUM_BOOL",
+	ENUM_EXPORT_FORMAT:          "ENUM_EXPORT_FORMAT",
+	ENUM_HEADER:                 "ENUM_HEADER",
+	ENUM_INT:                    "ENUM_INT",
+	ENUM_EXPORT_SERVICE_GROUP:   "ENUM_EXPORT_SERVICE_GROUP",
+	ENUM_EXPORT_SERVICES:        "ENUM_EXPORT_SERVICES",
+	ENUM_OUTPUT_FORMAT:          "ENUM_OUTPUT_FORMAT",
+	ENUM_PINGFEDERATE_AUTH_TYPE: "ENUM_PINGFEDERATE_AUTH_TYPE",
+	ENUM_PINGONE_AUTH_TYPE:      "ENUM_PINGONE_AUTH_TYPE",
+	ENUM_PINGONE_REGION_CODE:    "ENUM_PINGONE_REGION_CODE",
+	ENUM_REQUEST_HTTP_METHOD:    "ENUM_REQUEST_HTTP_METHOD",
+	ENUM_REQUEST_SERVICE:        "ENUM_REQUEST_SERVICE",
+	ENUM_STRING:                 "ENUM_STRING",
+	ENUM_STRING_SLICE:           "ENUM_STRING_SLICE",
+	ENUM_UUID:                   "ENUM_UUID",
+}
+
+var optionTypeFriendlyString = map[OptionType]string{
+	ENUM_BOOL:                   "Boolean",
+	ENUM_EXPORT_FORMAT:          "String (enum)",
+	ENUM_HEADER:                 "Boolean",
+	ENUM_INT:                    "Number",
+	ENUM_EXPORT_SERVICE_GROUP:   "String (enum)",
+	ENUM_EXPORT_SERVICES:        "String Array (enum)",
+	ENUM_OUTPUT_FORMAT:          "String (enum)",
+	ENUM_PINGFEDERATE_AUTH_TYPE: "String (enum)",
+	ENUM_PINGONE_AUTH_TYPE:      "String (enum)",
+	ENUM_PINGONE_REGION_CODE:    "String (enum)",
+	ENUM_REQUEST_HTTP_METHOD:    "String (enum)",
+	ENUM_REQUEST_SERVICE:        "String (enum)",
+	ENUM_STRING:                 "String",
+	ENUM_STRING_SLICE:           "String Array",
+	ENUM_UUID:                   "String (UUID Format)",
+}
+
+func (e OptionType) String() string {
+	if s, ok := optionTypeString[e]; ok {
+		return s
+	}
+	return "ENUM_UNKNOWN"
+}
+
+func (e OptionType) FriendlyString() string {
+	if s, ok := optionTypeFriendlyString[e]; ok {
+		return s
+	}
+	return "Unknown"
+}
+
 type Option struct {
 	CobraParamName  string
 	CobraParamValue pflag.Value
diff --git a/internal/configuration/options/options_test.go b/internal/configuration/options/options_test.go
index d8547b3e..1ac65156 100644
--- a/internal/configuration/options/options_test.go
+++ b/internal/configuration/options/options_test.go
@@ -14,7 +14,7 @@ import (
 
 func Test_outputOptionsMDInfo(t *testing.T) {
 	// Skip this test. Use only to generate markdown table for documentation
-	t.SkipNow()
+	// t.SkipNow()
 
 	testutils_koanf.InitKoanfs(t)
 
@@ -37,18 +37,19 @@ func Test_outputOptionsMDInfo(t *testing.T) {
 		usageString = strings.ReplaceAll(usageString, "\n", "<br><br>")
 
 		if !strings.Contains(option.KoanfKey, ".") {
-			propertyCategoryInformation["general"] = append(propertyCategoryInformation["general"], fmt.Sprintf("| %s | %s | %s | %s |", option.KoanfKey, option.Type, flagInfo, usageString))
+			propertyCategoryInformation["general"] = append(propertyCategoryInformation["general"], fmt.Sprintf("| `%s` | %s | %s | %s |", option.KoanfKey, option.Type.FriendlyString(), flagInfo, usageString))
 		} else {
 			rootKey := strings.Split(option.KoanfKey, ".")[0]
-			propertyCategoryInformation[rootKey] = append(propertyCategoryInformation[rootKey], fmt.Sprintf("| %s | %s | %s | %s |", option.KoanfKey, option.Type, flagInfo, usageString))
+			propertyCategoryInformation[rootKey] = append(propertyCategoryInformation[rootKey], fmt.Sprintf("| `%s` | %s | %s | %s |", option.KoanfKey, option.Type.FriendlyString(), flagInfo, usageString))
 		}
 	}
 
 	var outputString string
 	for category, properties := range propertyCategoryInformation {
-		outputString += fmt.Sprintf("#### %s Properties\n\n", category)
+		capitalizedCategory := strings.ToUpper(category[:1]) + category[1:]
+		outputString += fmt.Sprintf("#### %s Properties\n\n", capitalizedCategory)
 
-		outputString += "| Config File Property | Type | Equivalent Parameter | Purpose |\n"
+		outputString += "| Configuration Key | Type | Equivalent Parameter | Purpose |\n"
 		outputString += "|---|---|---|---|\n"
 
 		slices.Sort(properties)

From 3f009541564fc7877b78e361673c7203cd199096 Mon Sep 17 00:00:00 2001
From: samirgandhi19 <17574913+samir-gandhi@users.noreply.github.com>
Date: Wed, 30 Apr 2025 10:59:33 -0600
Subject: [PATCH 3/8] duplicate header

---
 docs/tool-configuration/configuration-key.md | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/docs/tool-configuration/configuration-key.md b/docs/tool-configuration/configuration-key.md
index 0ee6cc1d..256d6ff5 100644
--- a/docs/tool-configuration/configuration-key.md
+++ b/docs/tool-configuration/configuration-key.md
@@ -2,9 +2,6 @@
 
 The following parameters can be configured in Ping CLI's static configuration file, usually located at $HOME/.pingcli/config.yaml. The following describes the properties that can be set, and an example can be found at [example-configuration.md](./example-configuration.md)
 
-
-#### General Properties
-
 #### General Properties
 
 | Configuration Key | Type | Equivalent Parameter | Purpose |

From 27af1e41e2e394e6f253cd71ceadc691389a9350 Mon Sep 17 00:00:00 2001
From: samirgandhi19 <17574913+samir-gandhi@users.noreply.github.com>
Date: Wed, 30 Apr 2025 11:05:03 -0600
Subject: [PATCH 4/8] lint

---
 internal/configuration/options/options.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/internal/configuration/options/options.go b/internal/configuration/options/options.go
index 3a558069..79c6f9d8 100644
--- a/internal/configuration/options/options.go
+++ b/internal/configuration/options/options.go
@@ -70,6 +70,7 @@ func (e OptionType) String() string {
 	if s, ok := optionTypeString[e]; ok {
 		return s
 	}
+
 	return "ENUM_UNKNOWN"
 }
 
@@ -77,6 +78,7 @@ func (e OptionType) FriendlyString() string {
 	if s, ok := optionTypeFriendlyString[e]; ok {
 		return s
 	}
+
 	return "Unknown"
 }
 

From d8b7a05f1aebab8074fa6b7dec27d7abb8062b2a Mon Sep 17 00:00:00 2001
From: samirgandhi19 <17574913+samir-gandhi@users.noreply.github.com>
Date: Wed, 30 Apr 2025 11:19:18 -0600
Subject: [PATCH 5/8] skip generation in pipeline

---
 internal/configuration/options/options_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/configuration/options/options_test.go b/internal/configuration/options/options_test.go
index 1ac65156..a3042cc7 100644
--- a/internal/configuration/options/options_test.go
+++ b/internal/configuration/options/options_test.go
@@ -14,7 +14,7 @@ import (
 
 func Test_outputOptionsMDInfo(t *testing.T) {
 	// Skip this test. Use only to generate markdown table for documentation
-	// t.SkipNow()
+	t.SkipNow()
 
 	testutils_koanf.InitKoanfs(t)
 

From e4df15b1c0fa628e18756398cc028aa43032dd62 Mon Sep 17 00:00:00 2001
From: samirgandhi19 <17574913+samir-gandhi@users.noreply.github.com>
Date: Thu, 1 May 2025 14:58:35 -0600
Subject: [PATCH 6/8] add in environment variable option

---
 docs/tool-configuration/configuration-key.md  | 74 +++++++++----------
 .../configuration/options/options_test.go     | 14 ++--
 2 files changed, 43 insertions(+), 45 deletions(-)

diff --git a/docs/tool-configuration/configuration-key.md b/docs/tool-configuration/configuration-key.md
index 256d6ff5..5ea091a1 100644
--- a/docs/tool-configuration/configuration-key.md
+++ b/docs/tool-configuration/configuration-key.md
@@ -4,49 +4,49 @@ The following parameters can be configured in Ping CLI's static configuration fi
 
 #### General Properties
 
-| Configuration Key | Type | Equivalent Parameter | Purpose |
-|---|---|---|---|
-| `detailedExitCode` | Boolean | `--detailed-exitcode` / `-D` | Enable detailed exit code output. (default false)<br><br>0 - pingcli command succeeded with no errors or warnings.<br><br>1 - pingcli command failed with errors.<br><br>2 - pingcli command succeeded with warnings. |
-| `noColor` | Boolean | `--no-color` | Disable text output in color. (default false) |
-| `outputFormat` | String (enum) | `--output-format` / `-O` | Specify the console output format. (default text)<br><br>Options are: json, text. |
+| Configuration Key | Type | Equivalent Parameter | Environment Variable | Purpose |
+|---|---|---|---|---|
+| `detailedExitCode` | Boolean | `--detailed-exitcode` / `-D` | `PINGCLI_DETAILED_EXITCODE` | Enable detailed exit code output. (default false)<br><br>0 - pingcli command succeeded with no errors or warnings.<br><br>1 - pingcli command failed with errors.<br><br>2 - pingcli command succeeded with warnings. |
+| `noColor` | Boolean | `--no-color` | `PINGCLI_NO_COLOR` | Disable text output in color. (default false) |
+| `outputFormat` | String (enum) | `--output-format` / `-O` | `PINGCLI_OUTPUT_FORMAT` | Specify the console output format. (default text)<br><br>Options are: json, text. |
 
 #### Export Properties
 
-| Configuration Key | Type | Equivalent Parameter | Purpose |
-|---|---|---|---|
-| `export.format` | String (enum) | `--format` / `-f` | Specifies the export format. (default HCL)<br><br>Options are: HCL. |
-| `export.outputDirectory` | String | `--output-directory` / `-d` | Specifies the output directory for export. Can be an absolute filepath or a relative filepath of the present working directory. <br><br>Example: '/Users/example/pingcli-export'<br><br>Example: 'pingcli-export' |
-| `export.overwrite` | Boolean | `--overwrite` / `-o` | Overwrites the existing generated exports in output directory. (default false) |
-| `export.pingOne.environmentID` | String (UUID Format) | `--pingone-export-environment-id` | The ID of the PingOne environment to export. Must be a valid PingOne UUID. |
-| `export.serviceGroup` | String (enum) | `--service-group` / `-g` | Specifies the service group to export. <br><br>Options are: pingone.<br><br>Example: 'pingone' |
-| `export.services` | String Array (enum) | `--services` / `-s` | Specifies the service(s) to export. Accepts a comma-separated string to delimit multiple services. <br><br>Options are: pingfederate, pingone-authorize, pingone-mfa, pingone-platform, pingone-protect, pingone-sso.<br><br>Example: 'pingone-sso,pingone-mfa,pingfederate' |
+| Configuration Key | Type | Equivalent Parameter | Environment Variable | Purpose |
+|---|---|---|---|---|
+| `export.format` | String (enum) | `--format` / `-f` | `PINGCLI_EXPORT_FORMAT` | Specifies the export format. (default HCL)<br><br>Options are: HCL. |
+| `export.outputDirectory` | String | `--output-directory` / `-d` | `PINGCLI_EXPORT_OUTPUT_DIRECTORY` | Specifies the output directory for export. Can be an absolute filepath or a relative filepath of the present working directory. <br><br>Example: '/Users/example/pingcli-export'<br><br>Example: 'pingcli-export' |
+| `export.overwrite` | Boolean | `--overwrite` / `-o` | `PINGCLI_EXPORT_OVERWRITE` | Overwrites the existing generated exports in output directory. (default false) |
+| `export.pingOne.environmentID` | String (UUID Format) | `--pingone-export-environment-id` | `PINGCLI_PINGONE_EXPORT_ENVIRONMENT_ID` | The ID of the PingOne environment to export. Must be a valid PingOne UUID. |
+| `export.serviceGroup` | String (enum) | `--service-group` / `-g` | `PINGCLI_EXPORT_SERVICE_GROUP` | Specifies the service group to export. <br><br>Options are: pingone.<br><br>Example: 'pingone' |
+| `export.services` | String Array (enum) | `--services` / `-s` | `PINGCLI_EXPORT_SERVICES` | Specifies the service(s) to export. Accepts a comma-separated string to delimit multiple services. <br><br>Options are: pingfederate, pingone-authorize, pingone-mfa, pingone-platform, pingone-protect, pingone-sso.<br><br>Example: 'pingone-sso,pingone-mfa,pingfederate' |
 
 #### Request Properties
 
-| Configuration Key | Type | Equivalent Parameter | Purpose |
-|---|---|---|---|
-| `request.fail` | Boolean | `--fail` / `-f` | Return non-zero exit code when HTTP custom request returns a failure status code. |
-| `request.service` | String (enum) | `--service` / `-s` | The Ping service (configured in the active profile) to send the custom request to.<br><br>Options are: pingone.<br><br>Example: 'pingone' |
+| Configuration Key | Type | Equivalent Parameter | Environment Variable | Purpose |
+|---|---|---|---|---|
+| `request.fail` | Boolean | `--fail` / `-f` | `` | Return non-zero exit code when HTTP custom request returns a failure status code. |
+| `request.service` | String (enum) | `--service` / `-s` | `PINGCLI_REQUEST_SERVICE` | The Ping service (configured in the active profile) to send the custom request to.<br><br>Options are: pingone.<br><br>Example: 'pingone' |
 
 #### Service Properties
 
-| Configuration Key | Type | Equivalent Parameter | Purpose |
-|---|---|---|---|
-| `service.pingFederate.adminAPIPath` | String | `--pingfederate-admin-api-path` | The PingFederate API URL path used to communicate with PingFederate's admin API. (default /pf-admin-api/v1) |
-| `service.pingFederate.authentication.accessTokenAuth.accessToken` | String | `--pingfederate-access-token` | The PingFederate access token used to authenticate to the PingFederate admin API when using a custom OAuth 2.0 token method. |
-| `service.pingFederate.authentication.basicAuth.password` | String | `--pingfederate-password` | The PingFederate password used to authenticate to the PingFederate admin API when using basic authentication. |
-| `service.pingFederate.authentication.basicAuth.username` | String | `--pingfederate-username` | The PingFederate username used to authenticate to the PingFederate admin API when using basic authentication.<br><br>Example: 'administrator' |
-| `service.pingFederate.authentication.clientCredentialsAuth.clientID` | String | `--pingfederate-client-id` | The PingFederate OAuth client ID used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
-| `service.pingFederate.authentication.clientCredentialsAuth.clientSecret` | String | `--pingfederate-client-secret` | The PingFederate OAuth client secret used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
-| `service.pingFederate.authentication.clientCredentialsAuth.scopes` | String Array | `--pingfederate-scopes` | The PingFederate OAuth scopes used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. (default [])<br><br>Accepts a comma-separated string to delimit multiple scopes.<br><br>Example: 'openid,profile' |
-| `service.pingFederate.authentication.clientCredentialsAuth.tokenURL` | String | `--pingfederate-token-url` | The PingFederate OAuth token URL used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
-| `service.pingFederate.authentication.type` | String (enum) | `--pingfederate-authentication-type` | The authentication type to use when connecting to the PingFederate admin API.<br><br>Options are: accessTokenAuth, basicAuth, clientCredentialsAuth.<br><br>Example: 'basicAuth' |
-| `service.pingFederate.caCertificatePEMFiles` | String Array | `--pingfederate-ca-certificate-pem-files` | Relative or full paths to PEM-encoded certificate files to be trusted as root CAs when connecting to the PingFederate server over HTTPS. (default [])<br><br>Accepts a comma-separated string to delimit multiple PEM files. |
-| `service.pingFederate.httpsHost` | String | `--pingfederate-https-host` | The PingFederate HTTPS host used to communicate with PingFederate's admin API.<br><br>Example: 'https://pingfederate-admin.bxretail.org' |
-| `service.pingFederate.insecureTrustAllTLS` | Boolean | `--pingfederate-insecure-trust-all-tls` | Trust any certificate when connecting to the PingFederate server admin API. (default false)<br><br>This is insecure and shouldn't be enabled outside of testing. |
-| `service.pingFederate.xBypassExternalValidationHeader` | Boolean | `--pingfederate-x-bypass-external-validation-header` | Bypass connection tests when configuring PingFederate (the X-BypassExternalValidation header when using PingFederate's admin API). (default false) |
-| `service.pingOne.authentication.type` | String (enum) | `--pingone-authentication-type` | The authentication type to use to authenticate to the PingOne management API. (default worker)<br><br>Options are: worker. |
-| `service.pingOne.authentication.worker.clientID` | String (UUID Format) | `--pingone-worker-client-id` | The worker client ID used to authenticate to the PingOne management API. |
-| `service.pingOne.authentication.worker.clientSecret` | String | `--pingone-worker-client-secret` | The worker client secret used to authenticate to the PingOne management API. |
-| `service.pingOne.authentication.worker.environmentID` | String (UUID Format) | `--pingone-worker-environment-id` | The ID of the PingOne environment that contains the worker client used to authenticate to the PingOne management API. |
-| `service.pingOne.regionCode` | String (enum) | `--pingone-region-code` | The region code of the PingOne tenant.<br><br>Options are: AP, AU, CA, EU, NA.<br><br>Example: 'NA' |
\ No newline at end of file
+| Configuration Key | Type | Equivalent Parameter | Environment Variable | Purpose |
+|---|---|---|---|---|
+| `service.pingFederate.adminAPIPath` | String | `--pingfederate-admin-api-path` | `PINGCLI_PINGFEDERATE_ADMIN_API_PATH` | The PingFederate API URL path used to communicate with PingFederate's admin API. (default /pf-admin-api/v1) |
+| `service.pingFederate.authentication.accessTokenAuth.accessToken` | String | `--pingfederate-access-token` | `PINGCLI_PINGFEDERATE_ACCESS_TOKEN` | The PingFederate access token used to authenticate to the PingFederate admin API when using a custom OAuth 2.0 token method. |
+| `service.pingFederate.authentication.basicAuth.password` | String | `--pingfederate-password` | `PINGCLI_PINGFEDERATE_PASSWORD` | The PingFederate password used to authenticate to the PingFederate admin API when using basic authentication. |
+| `service.pingFederate.authentication.basicAuth.username` | String | `--pingfederate-username` | `PINGCLI_PINGFEDERATE_USERNAME` | The PingFederate username used to authenticate to the PingFederate admin API when using basic authentication.<br><br>Example: 'administrator' |
+| `service.pingFederate.authentication.clientCredentialsAuth.clientID` | String | `--pingfederate-client-id` | `PINGCLI_PINGFEDERATE_CLIENT_ID` | The PingFederate OAuth client ID used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
+| `service.pingFederate.authentication.clientCredentialsAuth.clientSecret` | String | `--pingfederate-client-secret` | `PINGCLI_PINGFEDERATE_CLIENT_SECRET` | The PingFederate OAuth client secret used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
+| `service.pingFederate.authentication.clientCredentialsAuth.scopes` | String Array | `--pingfederate-scopes` | `PINGCLI_PINGFEDERATE_SCOPES` | The PingFederate OAuth scopes used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. (default [])<br><br>Accepts a comma-separated string to delimit multiple scopes.<br><br>Example: 'openid,profile' |
+| `service.pingFederate.authentication.clientCredentialsAuth.tokenURL` | String | `--pingfederate-token-url` | `PINGCLI_PINGFEDERATE_TOKEN_URL` | The PingFederate OAuth token URL used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. |
+| `service.pingFederate.authentication.type` | String (enum) | `--pingfederate-authentication-type` | `PINGCLI_PINGFEDERATE_AUTHENTICATION_TYPE` | The authentication type to use when connecting to the PingFederate admin API.<br><br>Options are: accessTokenAuth, basicAuth, clientCredentialsAuth.<br><br>Example: 'basicAuth' |
+| `service.pingFederate.caCertificatePEMFiles` | String Array | `--pingfederate-ca-certificate-pem-files` | `PINGCLI_PINGFEDERATE_CA_CERTIFICATE_PEM_FILES` | Relative or full paths to PEM-encoded certificate files to be trusted as root CAs when connecting to the PingFederate server over HTTPS. (default [])<br><br>Accepts a comma-separated string to delimit multiple PEM files. |
+| `service.pingFederate.httpsHost` | String | `--pingfederate-https-host` | `PINGCLI_PINGFEDERATE_HTTPS_HOST` | The PingFederate HTTPS host used to communicate with PingFederate's admin API.<br><br>Example: 'https://pingfederate-admin.bxretail.org' |
+| `service.pingFederate.insecureTrustAllTLS` | Boolean | `--pingfederate-insecure-trust-all-tls` | `PINGCLI_PINGFEDERATE_INSECURE_TRUST_ALL_TLS` | Trust any certificate when connecting to the PingFederate server admin API. (default false)<br><br>This is insecure and shouldn't be enabled outside of testing. |
+| `service.pingFederate.xBypassExternalValidationHeader` | Boolean | `--pingfederate-x-bypass-external-validation-header` | `PINGCLI_PINGFEDERATE_X_BYPASS_EXTERNAL_VALIDATION_HEADER` | Bypass connection tests when configuring PingFederate (the X-BypassExternalValidation header when using PingFederate's admin API). (default false) |
+| `service.pingOne.authentication.type` | String (enum) | `--pingone-authentication-type` | `PINGCLI_PINGONE_AUTHENTICATION_TYPE` | The authentication type to use to authenticate to the PingOne management API. (default worker)<br><br>Options are: worker. |
+| `service.pingOne.authentication.worker.clientID` | String (UUID Format) | `--pingone-worker-client-id` | `PINGCLI_PINGONE_WORKER_CLIENT_ID` | The worker client ID used to authenticate to the PingOne management API. |
+| `service.pingOne.authentication.worker.clientSecret` | String | `--pingone-worker-client-secret` | `PINGCLI_PINGONE_WORKER_CLIENT_SECRET` | The worker client secret used to authenticate to the PingOne management API. |
+| `service.pingOne.authentication.worker.environmentID` | String (UUID Format) | `--pingone-worker-environment-id` | `PINGCLI_PINGONE_WORKER_ENVIRONMENT_ID` | The ID of the PingOne environment that contains the worker client used to authenticate to the PingOne management API. |
+| `service.pingOne.regionCode` | String (enum) | `--pingone-region-code` | `PINGCLI_PINGONE_REGION_CODE` | The region code of the PingOne tenant.<br><br>Options are: AP, AU, CA, EU, NA.<br><br>Example: 'NA' |
\ No newline at end of file
diff --git a/internal/configuration/options/options_test.go b/internal/configuration/options/options_test.go
index a3042cc7..e3d72036 100644
--- a/internal/configuration/options/options_test.go
+++ b/internal/configuration/options/options_test.go
@@ -14,7 +14,7 @@ import (
 
 func Test_outputOptionsMDInfo(t *testing.T) {
 	// Skip this test. Use only to generate markdown table for documentation
-	t.SkipNow()
+	// t.SkipNow()
 
 	testutils_koanf.InitKoanfs(t)
 
@@ -37,20 +37,19 @@ func Test_outputOptionsMDInfo(t *testing.T) {
 		usageString = strings.ReplaceAll(usageString, "\n", "<br><br>")
 
 		if !strings.Contains(option.KoanfKey, ".") {
-			propertyCategoryInformation["general"] = append(propertyCategoryInformation["general"], fmt.Sprintf("| `%s` | %s | %s | %s |", option.KoanfKey, option.Type.FriendlyString(), flagInfo, usageString))
+			propertyCategoryInformation["general"] = append(propertyCategoryInformation["general"], fmt.Sprintf("| `%s` | %s | %s | `%s` | %s |", option.KoanfKey, option.Type.FriendlyString(), flagInfo, option.EnvVar, usageString))
 		} else {
 			rootKey := strings.Split(option.KoanfKey, ".")[0]
-			propertyCategoryInformation[rootKey] = append(propertyCategoryInformation[rootKey], fmt.Sprintf("| `%s` | %s | %s | %s |", option.KoanfKey, option.Type.FriendlyString(), flagInfo, usageString))
+			propertyCategoryInformation[rootKey] = append(propertyCategoryInformation[rootKey], fmt.Sprintf("| `%s` | %s | %s | `%s` | %s |", option.KoanfKey, option.Type.FriendlyString(), flagInfo, option.EnvVar, usageString))
 		}
 	}
 
 	var outputString string
 	for category, properties := range propertyCategoryInformation {
-		capitalizedCategory := strings.ToUpper(category[:1]) + category[1:]
-		outputString += fmt.Sprintf("#### %s Properties\n\n", capitalizedCategory)
+		outputString += fmt.Sprintf("#### %s Properties\n\n", strings.ToUpper(category[:1])+category[1:])
 
-		outputString += "| Configuration Key | Type | Equivalent Parameter | Purpose |\n"
-		outputString += "|---|---|---|---|\n"
+		outputString += "| Configuration Key | Type | Equivalent Parameter | Environment Variable | Purpose |\n"
+		outputString += "|---|---|---|---|---|\n"
 
 		slices.Sort(properties)
 
@@ -60,6 +59,5 @@ func Test_outputOptionsMDInfo(t *testing.T) {
 
 		outputString += "\n"
 	}
-
 	fmt.Println(outputString)
 }

From 8175a68003cfa43fada1ac07d6168b53c2b6c601 Mon Sep 17 00:00:00 2001
From: samirgandhi19 <17574913+samir-gandhi@users.noreply.github.com>
Date: Thu, 1 May 2025 15:34:39 -0600
Subject: [PATCH 7/8] add ticks

---
 internal/configuration/platform/export.go       | 12 ++++++------
 internal/configuration/request/request.go       | 12 ++++++------
 internal/configuration/root/root.go             |  4 ++--
 internal/configuration/services/pingfederate.go |  6 +++---
 internal/configuration/services/pingone.go      |  6 +++---
 5 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/internal/configuration/platform/export.go b/internal/configuration/platform/export.go
index 8e27b108..535827d2 100644
--- a/internal/configuration/platform/export.go
+++ b/internal/configuration/platform/export.go
@@ -35,8 +35,8 @@ func initFormatOption() {
 			Name:      cobraParamName,
 			Shorthand: "f",
 			Usage: fmt.Sprintf(
-				"Specifies the export format. (default %s)"+
-					"\nOptions are: %s.",
+				"Specifies the export format. (default `%s`)"+
+					"\nOptions are: `%s`.",
 				customtypes.ENUM_EXPORT_FORMAT_HCL,
 				strings.Join(customtypes.ExportFormatValidValues(), ", "),
 			),
@@ -63,8 +63,8 @@ func initServiceGroupOption() {
 			Shorthand: "g",
 			Usage: fmt.Sprintf(
 				"Specifies the service group to export. "+
-					"\nOptions are: %s."+
-					"\nExample: '%s'",
+					"\nOptions are: `%s`."+
+					"\nExample: `%s`",
 				strings.Join(customtypes.ExportServiceGroupValidValues(), ", "),
 				customtypes.ENUM_EXPORT_SERVICE_GROUP_PINGONE,
 			),
@@ -91,8 +91,8 @@ func initServicesOption() {
 			Shorthand: "s",
 			Usage: fmt.Sprintf(
 				"Specifies the service(s) to export. Accepts a comma-separated string to delimit multiple services. "+
-					"\nOptions are: %s."+
-					"\nExample: '%s,%s,%s'",
+					"\nOptions are: `%s`."+
+					"\nExample: `%s,%s,%s`",
 				strings.Join(customtypes.ExportServicesValidValues(), ", "),
 				customtypes.ENUM_EXPORT_SERVICE_PINGONE_SSO,
 				customtypes.ENUM_EXPORT_SERVICE_PINGONE_MFA,
diff --git a/internal/configuration/request/request.go b/internal/configuration/request/request.go
index 70bf779d..88ab56c7 100644
--- a/internal/configuration/request/request.go
+++ b/internal/configuration/request/request.go
@@ -108,8 +108,8 @@ func initHTTPMethodOption() {
 			Shorthand: "m",
 			Usage: fmt.Sprintf(
 				"The HTTP method to use for the request. (default %s)"+
-					"\nOptions are: %s."+
-					"\nExample: '%s'",
+					"\nOptions are: `%s`."+
+					"\nExample: `%s`",
 				customtypes.ENUM_HTTP_METHOD_GET,
 				strings.Join(customtypes.HTTPMethodValidValues(), ", "),
 				customtypes.ENUM_HTTP_METHOD_POST,
@@ -137,9 +137,9 @@ func initServiceOption() {
 			Name:      cobraParamName,
 			Shorthand: "s",
 			Usage: fmt.Sprintf(
-				"The Ping service (configured in the active profile) to send the custom request to."+
-					"\nOptions are: %s."+
-					"\nExample: '%s'",
+				"The Ping Identity service (configured in the active profile) to send the custom request to."+
+					"\nOptions are: `%s`."+
+					"\nExample: `%s`",
 				strings.Join(customtypes.RequestServiceValidValues(), ", "),
 				customtypes.ENUM_REQUEST_SERVICE_PINGONE,
 			),
@@ -194,7 +194,7 @@ func initFailOption() {
 			Name:        cobraParamName,
 			NoOptDefVal: "true",
 			Shorthand:   "f",
-			Usage:       "Return non-zero exit code when HTTP custom request returns a failure status code.",
+			Usage:       "Return non-zero exit code when HTTP request returns a failure status code.",
 			Value:       cobraValue,
 		},
 		Sensitive: false,
diff --git a/internal/configuration/root/root.go b/internal/configuration/root/root.go
index 057f6b5a..a48b0d5e 100644
--- a/internal/configuration/root/root.go
+++ b/internal/configuration/root/root.go
@@ -146,8 +146,8 @@ func initOutputFormatOption() {
 			Shorthand: "O",
 			Usage: fmt.Sprintf(
 				"Specify the console output format. "+
-					"(default %s)"+
-					"\nOptions are: %s.",
+					"(default `%s`)"+
+					"\nOptions are: `%s`.",
 				customtypes.ENUM_OUTPUT_FORMAT_TEXT,
 				strings.Join(customtypes.OutputFormatValidValues(), ", "),
 			),
diff --git a/internal/configuration/services/pingfederate.go b/internal/configuration/services/pingfederate.go
index 59b96a1f..53664911 100644
--- a/internal/configuration/services/pingfederate.go
+++ b/internal/configuration/services/pingfederate.go
@@ -64,7 +64,7 @@ func initAdminAPIPathOption() {
 		Flag: &pflag.Flag{
 			Name: cobraParamName,
 			Usage: "The PingFederate API URL path used to communicate with PingFederate's admin API. " +
-				"(default /pf-admin-api/v1)",
+				"(default `/pf-admin-api/v1`)",
 			Value: cobraValue,
 		},
 		Sensitive: false,
@@ -328,8 +328,8 @@ func initPingFederateAuthenticationTypeOption() {
 			Name: cobraParamName,
 			Usage: fmt.Sprintf(
 				"The authentication type to use when connecting to the PingFederate admin API."+
-					"\nOptions are: %s."+
-					"\nExample: '%s'",
+					"\nOptions are: `%s`."+
+					"\nExample: %s`",
 				strings.Join(customtypes.PingFederateAuthenticationTypeValidValues(), ", "),
 				customtypes.ENUM_PINGFEDERATE_AUTHENTICATION_TYPE_BASIC,
 			),
diff --git a/internal/configuration/services/pingone.go b/internal/configuration/services/pingone.go
index b0ee1713..189010dd 100644
--- a/internal/configuration/services/pingone.go
+++ b/internal/configuration/services/pingone.go
@@ -101,7 +101,7 @@ func initPingOneAuthenticationTypeOption() {
 			Name: cobraParamName,
 			Usage: fmt.Sprintf(
 				"The authentication type to use to authenticate to the PingOne management API. (default %s)"+
-					"\nOptions are: %s.",
+					"\nOptions are: `%s`.",
 				customtypes.ENUM_PINGONE_AUTHENTICATION_TYPE_WORKER,
 				strings.Join(customtypes.PingOneAuthenticationTypeValidValues(), ", "),
 			),
@@ -128,8 +128,8 @@ func initRegionCodeOption() {
 			Name: cobraParamName,
 			Usage: fmt.Sprintf(
 				"The region code of the PingOne tenant."+
-					"\nOptions are: %s."+
-					"\nExample: '%s'",
+					"\nOptions are: `%s`."+
+					"\nExample: `%s`",
 				strings.Join(customtypes.PingOneRegionCodeValidValues(), ", "),
 				customtypes.ENUM_PINGONE_REGION_CODE_NA,
 			),

From 9fbcc1a4d8b18eb7c565cdfa52f017e7e49987c1 Mon Sep 17 00:00:00 2001
From: samirgandhi19 <17574913+samir-gandhi@users.noreply.github.com>
Date: Wed, 4 Jun 2025 09:14:56 -0600
Subject: [PATCH 8/8] cli help formatting

---
 internal/configuration/services/pingfederate.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/internal/configuration/services/pingfederate.go b/internal/configuration/services/pingfederate.go
index 53664911..0a8afb13 100644
--- a/internal/configuration/services/pingfederate.go
+++ b/internal/configuration/services/pingfederate.go
@@ -41,7 +41,7 @@ func initHTTPSHostOption() {
 		Flag: &pflag.Flag{
 			Name: cobraParamName,
 			Usage: "The PingFederate HTTPS host used to communicate with PingFederate's admin API." +
-				"\nExample: 'https://pingfederate-admin.bxretail.org'",
+				"\nExample: `https://pingfederate-admin.bxretail.org`",
 			Value: cobraValue,
 		},
 		Sensitive: false,
@@ -304,7 +304,7 @@ func initScopesOption() {
 				"the OAuth 2.0 client credentials grant type. " +
 				"(default [])" +
 				"\nAccepts a comma-separated string to delimit multiple scopes." +
-				"\nExample: 'openid,profile'",
+				"\nExample: `openid,profile`",
 			Value: cobraValue,
 		},
 		Sensitive: false,
@@ -329,7 +329,7 @@ func initPingFederateAuthenticationTypeOption() {
 			Usage: fmt.Sprintf(
 				"The authentication type to use when connecting to the PingFederate admin API."+
 					"\nOptions are: `%s`."+
-					"\nExample: %s`",
+					"\nExample: `%s`",
 				strings.Join(customtypes.PingFederateAuthenticationTypeValidValues(), ", "),
 				customtypes.ENUM_PINGFEDERATE_AUTHENTICATION_TYPE_BASIC,
 			),