docs(generated): update auth information

README.md

@@ -31,6 +31,7 @@ to avoid surprises.
       - [IAM API key authentication](#iam-api-key-authentication)
       - [IAM Trusted profile (container) authentication](#iam-trusted-profile-container-authentication)
       - [IAM Trusted profile (VPC) authentication](#iam-trusted-profile-vpc-authentication)
+      - [IAM Trusted profile (assume identity) authentication](#iam-trusted-profile-assume-identity-authentication)
       - [Session cookie authentication](#session-cookie-authentication)
     + [Authentication with external configuration](#authentication-with-external-configuration)
     + [Programmatic authentication](#programmatic-authentication)
@@ -176,47 +177,41 @@ Examples for other configuration methods are available by following the provided
 
 
 This library requires credentials to authenticate with IBM Cloudant. These credentials may be:
-* IBM Cloud IAM credentials (can be used with authentication types `CONTAINER`, `VPC` and `IAM`)
+* IBM Cloud IAM credentials (with authentication types `CONTAINER`, `VPC`, `IAMASSUME` and `IAM`)
   * [IBM Cloud account](https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-managing-access-for-cloudant#introduction-iam-ai) user, service ID or trusted profile credentials
-    that have been granted access to the IBM Cloud Cloudant resource instance.
+    that have access granted to the IBM Cloud Cloudant resource instance.
   * [IBM Cloudant service credentials](https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-locating-your-service-credentials) generated by the IBM Cloud Cloudant resource instance.
-* Username and password credentials (can be used with authentication types `COUCHDB_SESSION` and `BASIC`)
+* Username and password credentials (with authentication types `COUCHDB_SESSION` and `BASIC`)
   * [IBM Cloudant service credentials](https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-locating-your-service-credentials) generated for an IBM Cloud Cloudant resource instance not configured as `IAM only`.
-  * IBM Cloudant [legacy credentials](https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-work-with-your-account#basic-authentication) (i.e. username and password) for instances not in IBM Cloud.
+  * IBM Cloudant [legacy credentials](https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-work-with-your-account#basic-authentication) (username and password) for instances not in IBM Cloud.
   * IBM Cloudant [legacy API keys](https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-work-with-your-account#api-keys).
 
-For other compatible APIs that are not Cloudant accounts (e.g. Apache CouchDB) non-IAM based authentication types
-must be used.
-
-This table summarizes the available authentication types.
-The authentication types are listed in order of recommendation, preferably use the authentication type
-from the first row in the table that is compatible with your environment.
-
 | Authentication type | Recommended for | `AUTH_TYPE` | Description |
 | --- | --- | --- | --- |
-| IAM Trusted Profiles compute resource ([container](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#container-authentication)) | Cloudant<BR>(SDK running in IBM Cloud IKS) | `CONTAINER` | Obtains a compute resource (CR) token from the container.<BR>Exchanges the CR token for an IAM `access_token`.<BR>Adds an `Authorization: Bearer <access_token>` header to each HTTP request.<BR>Automatically renews the access token when needed. |
-| IAM Trusted Profiles compute resource ([VPC](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#vpc-instance-authentication)) | Cloudant<BR>(SDK running in IBM Cloud VPC) | `VPC` | Obtains an identity token from the VPC instance metadata.<BR>Exchanges the identity token for an IAM `access_token`.<BR>Adds an `Authorization: Bearer <access_token>` header to each HTTP request.<BR>Automatically renews the access token when needed. |
-| [IAM API key](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#identity-and-access-management-iam-authentication) | Cloudant | `IAM` | Exchanges an IAM API key for an IAM `access_token`.<BR>Adds an `Authorization: Bearer <access_token>` header to each HTTP request.<BR>Automatically renews the access token when needed. |
+| IAM Trusted Profiles (compute resource [container](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#container-authentication)) | Cloudant<BR>(SDK running in IBM Cloud IKS) | `CONTAINER` | Obtains a compute resource (CR) token from the container.<BR>Exchanges the CR token for an IAM `access_token`.<BR>Adds an `Authorization: Bearer <access_token>` header to each HTTP request.<BR>Automatically renews the access token when needed. |
+| IAM Trusted Profiles (compute resource [VPC](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#vpc-instance-authentication)) | Cloudant<BR>(SDK running in IBM Cloud VPC) | `VPC` | Obtains an identity token from the VPC instance metadata.<BR>Exchanges the identity token for an IAM `access_token`.<BR>Adds an `Authorization: Bearer <access_token>` header to each HTTP request.<BR>Automatically renews the access token when needed. |
+| IAM Trusted Profiles ([assume identity](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#identity-and-access-management-iam-authentication-grant-type-assume)) | Cloudant | `IAMASSUME` | Exchanges an IAM API key for an IAM `access_token` (same as `IAM` auth type).<BR>Uses that initial token to obtain a second `access_token` from IAM with the assumed identity information.<BR>Adds an `Authorization: Bearer <access_token>` header to each HTTP request.<BR>Automatically renews the access token when needed. |
+| [IAM API key](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#identity-and-access-management-iam-authentication-grant-type-apikey) | Cloudant | `IAM` | Exchanges an IAM API key for an IAM `access_token`.<BR>Adds an `Authorization: Bearer <access_token>` header to each HTTP request.<BR>Automatically renews the access token when needed. |
 | [Session cookie](#session-cookie-authentication) | [Cloudant](https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-work-with-your-account#cookie-authentication)<BR>(legacy credentials & instances without IAM)<BR><BR>[Apache CouchDB](https://docs.couchdb.org/en/stable/api/server/authn.html#cookie-authentication) | `COUCHDB_SESSION` | Exchanges credentials with `/_session` endpoint to retrieve a cookie.<BR>Adds `Cookie` header and content to each HTTP request.<BR>Automatically renews session when needed. |
 | [Bearer token](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#bearer-token-authentication) | [Apache CouchDB](https://docs.couchdb.org/en/stable/api/server/authn.html#jwt-authentication)<BR>(using JWT authentication) | `BEARERTOKEN` | Adds an `Authorization: Bearer <token>` to each HTTP request.<BR>No token management or renewal.<BR>Also compatible with IAM access tokens managed independently of the SDK. |
 | [Basic](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#basic-authentication) | [Apache CouchDB](https://docs.couchdb.org/en/stable/api/server/authn.html#basic-authentication)<BR>(if cookies are not enabled) | `BASIC` | Adds an `Authorization: Basic <encoded username and password>` header to each HTTP request. |
 | [None](https://github.com/IBM/java-sdk-core/blob/main/Authentication.md#no-auth-authentication) | - | `NOAUTH` | Note that this authentication type only works for operations against a database allowing access for unauthenticated users. |
 
-The default authentication type for the SDK is `CONTAINER` unless `APIKEY` configuration is supplied, which changes the default authentication type to `IAM`.
+The default authentication type for the SDK is `CONTAINER` unless supplying `APIKEY` configuration, which changes the default authentication type to `IAM`.
 
 #### Authentication with environment variables
 
-The default service name is `CLOUDANT` so `CLOUDANT_` prefixed names are used in these examples.
+The default service name is `CLOUDANT` so these examples use `CLOUDANT_` prefixed names.
 
-Any custom service name prefix can be used as long as the matching name is used to instantiate the SDK client
-and the same prefix is used for all configuration options.
+Any custom service name prefix is valid, provided it matches the name used to instantiate the SDK client
+and applied to all configuration options.
 
 ##### IAM API key authentication
 
 For Cloudant *IAM API key authentication*, set the following environmental variables by
 replacing the `<url>` and `<apikey>` with your proper
 [service credentials](https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-locating-your-service-credentials). There is no need to set
-`CLOUDANT_AUTH_TYPE` to `IAM` because it is the default when an `APIKEY` is set.
+`CLOUDANT_AUTH_TYPE` to `IAM` because it is the default when supplying an `APIKEY`.
 
 ```bash
 CLOUDANT_URL=<url>
@@ -234,7 +229,8 @@ CLOUDANT_URL=<url>
 CLOUDANT_IAM_PROFILE_ID=<id>
 ```
 
-Alternatively a profile name may be used instead of an ID by replacing `CLOUDANT_IAM_PROFILE_ID` with `CLOUDANT_IAM_PROFILE_NAME`.
+Alternatives to `CLOUDANT_IAM_PROFILE_ID`:
+* `CLOUDANT_IAM_PROFILE_NAME`
 
 ##### IAM Trusted profile (VPC) authentication
 
@@ -247,7 +243,24 @@ CLOUDANT_URL=<url>
 CLOUDANT_IAM_PROFILE_ID=<id>
 ```
 
-Alternatively a profile CRN may be used instead of an ID by replacing `CLOUDANT_IAM_PROFILE_ID` with `CLOUDANT_IAM_PROFILE_CRN`.
+Alternatives to `CLOUDANT_IAM_PROFILE_ID`:
+* `CLOUDANT_IAM_PROFILE_CRN`
+* No profile information (uses the default trusted profile linked to the compute resource)
+
+##### IAM Trusted profile (assume identity) authentication
+
+For Cloudant *IAM Trusted profile assume authentication*, set the following environmental variables by
+replacing the `<url>` and `<id>` with your values.
+
+```bash
+CLOUDANT_AUTH_TYPE=IAMASSUME
+CLOUDANT_URL=<url>
+CLOUDANT_IAM_PROFILE_ID=<id>
+```
+
+Alternatives to `CLOUDANT_IAM_PROFILE_ID`:
+* `CLOUDANT_IAM_PROFILE_CRN`
+* `CLOUDANT_IAM_PROFILE_NAME` *and* `CLOUDANT_IAM_ACCOUNT_ID` (ID of the account that contains the named trusted profile)
 
 ##### Session cookie authentication
 
@@ -264,11 +277,10 @@ CLOUDANT_PASSWORD=<password>
 
 #### Authentication with external configuration
 
-To use an external configuration file, the
+For more information about using an external configuration file, see the related documentation in
 [Cloudant API docs](https://cloud.ibm.com/apidocs/cloudant?code=java#authentication-with-external-configuration),
 or the
-[general SDK usage information](https://github.com/IBM/ibm-cloud-sdk-common#using-external-configuration)
-will guide you.
+[general SDK usage information](https://github.com/IBM/ibm-cloud-sdk-common#using-external-configuration).
 
 #### Programmatic authentication