From 37e4b115847fa6fdc1dcf36d525e58c604b07e1b Mon Sep 17 00:00:00 2001
From: SDKAuto <sdkautomation@microsoft.com>
Date: Thu, 12 Oct 2023 16:59:23 +0000
Subject: [PATCH] CodeGen from PR 26197 in Azure/azure-rest-api-specs Merge
 646dfc20708c7a926239bb42a50e42947d0cc7fc into
 e2832fd41d29088536cdf6cccc1b2deaa8488d8a

---
 .../Azure.Developer.Signing.sln               |  56 ++
 .../Azure.Developer.Signing/CHANGELOG.md      |  11 +
 .../Directory.Build.props                     |   6 +
 .../Azure.Developer.Signing/README.md         |  86 +++
 .../src/Azure.Developer.Signing.csproj        |  20 +
 ...DeveloperSigningClientBuilderExtensions.cs |  34 ++
 .../Generated/DeveloperSigningModelFactory.cs |  49 ++
 .../src/Generated/Docs/SigningClient.xml      | 329 +++++++++++
 .../ExtendedKeyUsage.Serialization.cs         |  41 ++
 .../src/Generated/ExtendedKeyUsage.cs         |  28 +
 .../src/Generated/OperationState.cs           |  57 ++
 ...rofileNameSignResultError.Serialization.cs |  68 +++
 ...usCertificateProfileNameSignResultError.cs |  51 ++
 .../src/Generated/SignResult.Serialization.cs |  57 ++
 .../src/Generated/SignResult.cs               |  68 +++
 .../src/Generated/SignatureAlgorithm.cs       |  75 +++
 .../src/Generated/SigningClient.cs            | 518 ++++++++++++++++++
 .../src/Generated/SigningClientOptions.cs     |  37 ++
 .../SigningPayloadOptions.Serialization.cs    |  63 +++
 .../src/Generated/SigningPayloadOptions.cs    |  98 ++++
 .../src/Properties/AssemblyInfo.cs            |  11 +
 .../Azure.Developer.Signing.Tests.csproj      |  29 +
 .../Samples/Samples_SigningClient.cs          | 381 +++++++++++++
 .../Azure.Developer.Signing/tsp-location.yaml |   5 +
 sdk/codesigning/ci.yml                        |  35 ++
 25 files changed, 2213 insertions(+)
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/Azure.Developer.Signing.sln
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/CHANGELOG.md
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/Directory.Build.props
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/README.md
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Azure.Developer.Signing.csproj
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/DeveloperSigningClientBuilderExtensions.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/DeveloperSigningModelFactory.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/Docs/SigningClient.xml
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/ExtendedKeyUsage.Serialization.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/ExtendedKeyUsage.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/OperationState.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/ResourceOperationStatusCertificateProfileNameSignResultError.Serialization.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/ResourceOperationStatusCertificateProfileNameSignResultError.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/SignResult.Serialization.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/SignResult.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/SignatureAlgorithm.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningClient.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningClientOptions.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningPayloadOptions.Serialization.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningPayloadOptions.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/src/Properties/AssemblyInfo.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/tests/Azure.Developer.Signing.Tests.csproj
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/tests/Generated/Samples/Samples_SigningClient.cs
 create mode 100644 sdk/codesigning/Azure.Developer.Signing/tsp-location.yaml
 create mode 100644 sdk/codesigning/ci.yml

diff --git a/sdk/codesigning/Azure.Developer.Signing/Azure.Developer.Signing.sln b/sdk/codesigning/Azure.Developer.Signing/Azure.Developer.Signing.sln
new file mode 100644
index 000000000000..640e86661754
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/Azure.Developer.Signing.sln
@@ -0,0 +1,56 @@
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.29709.97
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Azure.Core.TestFramework", "..\..\core\Azure.Core.TestFramework\src\Azure.Core.TestFramework.csproj", "{ECC730C1-4AEA-420C-916A-66B19B79E4DC}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Azure.Developer.Signing", "src\Azure.Developer.Signing.csproj", "{28FF4005-4467-4E36-92E7-DEA27DEB1519}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Azure.Developer.Signing.Tests", "tests\Azure.Developer.Signing.Tests.csproj", "{1F1CD1D4-9932-4B73-99D8-C252A67D4B46}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{B0C276D1-2930-4887-B29A-D1A33E7009A2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{B0C276D1-2930-4887-B29A-D1A33E7009A2}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{B0C276D1-2930-4887-B29A-D1A33E7009A2}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{B0C276D1-2930-4887-B29A-D1A33E7009A2}.Release|Any CPU.Build.0 = Release|Any CPU
+		{8E9A77AC-792A-4432-8320-ACFD46730401}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{8E9A77AC-792A-4432-8320-ACFD46730401}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{8E9A77AC-792A-4432-8320-ACFD46730401}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{8E9A77AC-792A-4432-8320-ACFD46730401}.Release|Any CPU.Build.0 = Release|Any CPU
+		{ECC730C1-4AEA-420C-916A-66B19B79E4DC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{ECC730C1-4AEA-420C-916A-66B19B79E4DC}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{ECC730C1-4AEA-420C-916A-66B19B79E4DC}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{ECC730C1-4AEA-420C-916A-66B19B79E4DC}.Release|Any CPU.Build.0 = Release|Any CPU
+		{A4241C1F-A53D-474C-9E4E-075054407E74}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{A4241C1F-A53D-474C-9E4E-075054407E74}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{A4241C1F-A53D-474C-9E4E-075054407E74}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{A4241C1F-A53D-474C-9E4E-075054407E74}.Release|Any CPU.Build.0 = Release|Any CPU
+		{FA8BD3F1-8616-47B6-974C-7576CDF4717E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{FA8BD3F1-8616-47B6-974C-7576CDF4717E}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{FA8BD3F1-8616-47B6-974C-7576CDF4717E}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{FA8BD3F1-8616-47B6-974C-7576CDF4717E}.Release|Any CPU.Build.0 = Release|Any CPU
+		{85677AD3-C214-42FA-AE6E-49B956CAC8DC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{85677AD3-C214-42FA-AE6E-49B956CAC8DC}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{85677AD3-C214-42FA-AE6E-49B956CAC8DC}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{85677AD3-C214-42FA-AE6E-49B956CAC8DC}.Release|Any CPU.Build.0 = Release|Any CPU
+		{28FF4005-4467-4E36-92E7-DEA27DEB1519}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{28FF4005-4467-4E36-92E7-DEA27DEB1519}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{28FF4005-4467-4E36-92E7-DEA27DEB1519}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{28FF4005-4467-4E36-92E7-DEA27DEB1519}.Release|Any CPU.Build.0 = Release|Any CPU
+		{1F1CD1D4-9932-4B73-99D8-C252A67D4B46}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{1F1CD1D4-9932-4B73-99D8-C252A67D4B46}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{1F1CD1D4-9932-4B73-99D8-C252A67D4B46}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{1F1CD1D4-9932-4B73-99D8-C252A67D4B46}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {A97F4B90-2591-4689-B1F8-5F21FE6D6CAE}
+	EndGlobalSection
+EndGlobal
diff --git a/sdk/codesigning/Azure.Developer.Signing/CHANGELOG.md b/sdk/codesigning/Azure.Developer.Signing/CHANGELOG.md
new file mode 100644
index 000000000000..13dd08af78ab
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/CHANGELOG.md
@@ -0,0 +1,11 @@
+# Release History
+
+## 1.0.0-beta.1 (Unreleased)
+
+### Features Added
+
+### Breaking Changes
+
+### Bugs Fixed
+
+### Other Changes
diff --git a/sdk/codesigning/Azure.Developer.Signing/Directory.Build.props b/sdk/codesigning/Azure.Developer.Signing/Directory.Build.props
new file mode 100644
index 000000000000..63bd836ad44b
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/Directory.Build.props
@@ -0,0 +1,6 @@
+<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <!--
+    Add any shared properties you want for the projects under this package directory that need to be set before the auto imported Directory.Build.props
+  -->
+  <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildThisFileDirectory).., Directory.Build.props))\Directory.Build.props" />
+</Project>
diff --git a/sdk/codesigning/Azure.Developer.Signing/README.md b/sdk/codesigning/Azure.Developer.Signing/README.md
new file mode 100644
index 000000000000..bf168fd5e7d2
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/README.md
@@ -0,0 +1,86 @@
+# Azure.Developer.Signing client library for .NET
+
+Azure.Developer.Signing is a managed service that helps developers get secret simply and securely.
+
+Use the client library for to:
+
+* [Get secret](https://docs.microsoft.com/azure)
+
+[Source code][source_root] | [Package (NuGet)][package] | [API reference documentation][reference_docs] | [Product documentation][azconfig_docs] | [Samples][source_samples]
+
+  [Source code](https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/codesigning/Azure.Developer.Signing/src) | [Package (NuGet)](https://www.nuget.org/packages) | [API reference documentation](https://azure.github.io/azure-sdk-for-net) | [Product documentation](https://docs.microsoft.com/azure)
+
+## Getting started
+
+This section should include everything a developer needs to do to install and create their first client connection *very quickly*.
+
+### Install the package
+
+First, provide instruction for obtaining and installing the package or library. This section might include only a single line of code, like `dotnet add package package-name`, but should enable a developer to successfully install the package from NuGet, npm, or even cloning a GitHub repository.
+
+Install the client library for .NET with [NuGet](https://www.nuget.org/ ):
+
+```dotnetcli
+dotnet add package Azure.Developer.Signing --prerelease
+```
+
+### Prerequisites
+
+Include a section after the install command that details any requirements that must be satisfied before a developer can [authenticate](#authenticate-the-client) and test all of the snippets in the [Examples](#examples) section. For example, for Cosmos DB:
+
+> You must have an [Azure subscription](https://azure.microsoft.com/free/dotnet/) and [Cosmos DB account](https://docs.microsoft.com/azure/cosmos-db/account-overview) (SQL API). In order to take advantage of the C# 8.0 syntax, it is recommended that you compile using the [.NET Core SDK](https://dotnet.microsoft.com/download) 3.0 or higher with a [language version](https://docs.microsoft.com/dotnet/csharp/language-reference/configure-language-version#override-a-default) of `latest`.  It is also possible to compile with the .NET Core SDK 2.1.x using a language version of `preview`.
+
+### Authenticate the client
+
+If your library requires authentication for use, such as for Azure services, include instructions and example code needed for initializing and authenticating.
+
+For example, include details on obtaining an account key and endpoint URI, setting environment variables for each, and initializing the client object.
+
+## Key concepts
+
+The *Key concepts* section should describe the functionality of the main classes. Point out the most important and useful classes in the package (with links to their reference pages) and explain how those classes work together. Feel free to use bulleted lists, tables, code blocks, or even diagrams for clarity.
+
+Include the *Thread safety* and *Additional concepts* sections below at the end of your *Key concepts* section. You may remove or add links depending on what your library makes use of:
+
+### Thread safety
+
+We guarantee that all client instance methods are thread-safe and independent of each other ([guideline](https://azure.github.io/azure-sdk/dotnet_introduction.html#dotnet-service-methods-thread-safety)). This ensures that the recommendation of reusing client instances is always safe, even across threads.
+
+### Additional concepts
+<!-- CLIENT COMMON BAR -->
+[Client options](https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/README.md#configuring-service-clients-using-clientoptions) |
+[Accessing the response](https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/README.md#accessing-http-response-details-using-responset) |
+[Long-running operations](https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/README.md#consuming-long-running-operations-using-operationt) |
+[Handling failures](https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/README.md#reporting-errors-requestfailedexception) |
+[Diagnostics](https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/Diagnostics.md) |
+[Mocking](https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/README.md#mocking) |
+[Client lifetime](https://devblogs.microsoft.com/azure-sdk/lifetime-management-and-thread-safety-guarantees-of-azure-sdk-net-clients/)
+<!-- CLIENT COMMON BAR -->
+
+## Examples
+
+You can familiarize yourself with different APIs using [Samples](https://github.com/Azure/azure-sdk-for-net/tree/main/sdk/codesigning/Azure.Developer.Signing/samples).
+
+## Troubleshooting
+
+Describe common errors and exceptions, how to "unpack" them if necessary, and include guidance for graceful handling and recovery.
+
+Provide information to help developers avoid throttling or other service-enforced errors they might encounter. For example, provide guidance and examples for using retry or connection policies in the API.
+
+If the package or a related package supports it, include tips for logging or enabling instrumentation to help them debug their code.
+
+## Next steps
+
+* Provide a link to additional code examples, ideally to those sitting alongside the README in the package's `/samples` directory.
+* If appropriate, point users to other packages that might be useful.
+* If you think there's a good chance that developers might stumble across your package in error (because they're searching for specific functionality and mistakenly think the package provides that functionality), point them to the packages they might be looking for.
+
+## Contributing
+
+This is a template, but your SDK readme should include details on how to contribute code to the repo/package.
+
+<!-- LINKS -->
+[style-guide-msft]: https://docs.microsoft.com/style-guide/capitalization
+[style-guide-cloud]: https://aka.ms/azsdk/cloud-style-guide
+
+![Impressions](https://azure-sdk-impressions.azurewebsites.net/api/impressions/azure-sdk-for-net/sdk/codesigning/Azure.Developer.Signing/README.png)
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Azure.Developer.Signing.csproj b/sdk/codesigning/Azure.Developer.Signing/src/Azure.Developer.Signing.csproj
new file mode 100644
index 000000000000..32322937c617
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Azure.Developer.Signing.csproj
@@ -0,0 +1,20 @@
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <Description>This is the Azure.Developer.Signing client library for developing .NET applications with rich experience.</Description>
+    <AssemblyTitle>Azure SDK Code Generation Azure.Developer.Signing for Azure Data Plane</AssemblyTitle>
+    <Version>1.0.0-beta.1</Version>
+    <PackageTags>Azure.Developer.Signing</PackageTags>
+    <TargetFrameworks>$(RequiredTargetFrameworks)</TargetFrameworks>
+    <IncludeOperationsSharedSource>true</IncludeOperationsSharedSource>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <Compile Include="$(AzureCoreSharedSources)AzureResourceProviderNamespaceAttribute.cs" LinkBase="Shared/Core" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Azure.Core" />
+    <PackageReference Include="System.Text.Json" />
+  </ItemGroup>
+
+</Project>
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/DeveloperSigningClientBuilderExtensions.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/DeveloperSigningClientBuilderExtensions.cs
new file mode 100644
index 000000000000..65cde707bc2a
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/DeveloperSigningClientBuilderExtensions.cs
@@ -0,0 +1,34 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using Azure.Core.Extensions;
+using Azure.Developer.Signing;
+
+namespace Microsoft.Extensions.Azure
+{
+    /// <summary> Extension methods to add <see cref="SigningClient"/> to client builder. </summary>
+    public static partial class DeveloperSigningClientBuilderExtensions
+    {
+        /// <summary> Registers a <see cref="SigningClient"/> instance. </summary>
+        /// <param name="builder"> The builder to register with. </param>
+        /// <param name="region"> The Azure region wherein requests for signing will be sent. </param>
+        public static IAzureClientBuilder<SigningClient, SigningClientOptions> AddSigningClient<TBuilder>(this TBuilder builder, string region)
+        where TBuilder : IAzureClientFactoryBuilderWithCredential
+        {
+            return builder.RegisterClientFactory<SigningClient, SigningClientOptions>((options, cred) => new SigningClient(region, cred, options));
+        }
+
+        /// <summary> Registers a <see cref="SigningClient"/> instance. </summary>
+        /// <param name="builder"> The builder to register with. </param>
+        /// <param name="configuration"> The configuration values. </param>
+        public static IAzureClientBuilder<SigningClient, SigningClientOptions> AddSigningClient<TBuilder, TConfiguration>(this TBuilder builder, TConfiguration configuration)
+        where TBuilder : IAzureClientFactoryBuilderWithConfiguration<TConfiguration>
+        {
+            return builder.RegisterClientFactory<SigningClient, SigningClientOptions>(configuration);
+        }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/DeveloperSigningModelFactory.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/DeveloperSigningModelFactory.cs
new file mode 100644
index 000000000000..db24edabe8d9
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/DeveloperSigningModelFactory.cs
@@ -0,0 +1,49 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using Azure;
+
+namespace Azure.Developer.Signing
+{
+    /// <summary> Model factory for models. </summary>
+    public static partial class DeveloperSigningModelFactory
+    {
+        /// <summary> Initializes a new instance of ExtendedKeyUsage. </summary>
+        /// <param name="eku"> An oid string that represents an eku. </param>
+        /// <returns> A new <see cref="Signing.ExtendedKeyUsage"/> instance for mocking. </returns>
+        public static ExtendedKeyUsage ExtendedKeyUsage(string eku = null)
+        {
+            return new ExtendedKeyUsage(eku);
+        }
+
+        /// <summary> Initializes a new instance of ResourceOperationStatusCertificateProfileNameSignResultError. </summary>
+        /// <param name="id"> The unique ID of the operation. </param>
+        /// <param name="status"> The status of the operation. </param>
+        /// <param name="error"> Error object that describes the error when status is "Failed". </param>
+        /// <param name="result"> The result of the operation. </param>
+        /// <returns> A new <see cref="Signing.ResourceOperationStatusCertificateProfileNameSignResultError"/> instance for mocking. </returns>
+        public static ResourceOperationStatusCertificateProfileNameSignResultError ResourceOperationStatusCertificateProfileNameSignResultError(string id = null, OperationState status = default, ResponseError error = null, SignResult result = null)
+        {
+            return new ResourceOperationStatusCertificateProfileNameSignResultError(id, status, error, result);
+        }
+
+        /// <summary> Initializes a new instance of SignResult. </summary>
+        /// <param name="signature"> Digital signature of the requested content digest. </param>
+        /// <param name="signingCertificate">
+        /// Signing certificate corresponding to the private key used to sign the requested
+        /// digest.
+        /// </param>
+        /// <returns> A new <see cref="Signing.SignResult"/> instance for mocking. </returns>
+        public static SignResult SignResult(BinaryData signature = null, BinaryData signingCertificate = null)
+        {
+            return new SignResult(signature, signingCertificate);
+        }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/Docs/SigningClient.xml b/sdk/codesigning/Azure.Developer.Signing/src/Generated/Docs/SigningClient.xml
new file mode 100644
index 000000000000..a01f2e2cef3b
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/Docs/SigningClient.xml
@@ -0,0 +1,329 @@
+<?xml version="1.0" encoding="utf-8"?>
+<doc>
+  <members>
+    <member name="GetSignRootCertificateAsync(string,string,CancellationToken)">
+      <example>
+This sample shows how to call GetSignRootCertificateAsync.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+Response<BinaryData> response = await client.GetSignRootCertificateAsync("<accountName>", "<certificateProfile>");
+]]></code>
+This sample shows how to call GetSignRootCertificateAsync with all parameters.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+Response<BinaryData> response = await client.GetSignRootCertificateAsync("<accountName>", "<certificateProfile>");
+]]></code></example>
+    </member>
+    <member name="GetSignRootCertificate(string,string,CancellationToken)">
+      <example>
+This sample shows how to call GetSignRootCertificate.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+Response<BinaryData> response = client.GetSignRootCertificate("<accountName>", "<certificateProfile>");
+]]></code>
+This sample shows how to call GetSignRootCertificate with all parameters.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+Response<BinaryData> response = client.GetSignRootCertificate("<accountName>", "<certificateProfile>");
+]]></code></example>
+    </member>
+    <member name="GetSignRootCertificateAsync(string,string,RequestContext)">
+      <example>
+This sample shows how to call GetSignRootCertificateAsync and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+Response response = await client.GetSignRootCertificateAsync("<accountName>", "<certificateProfile>", null);
+
+JsonElement result = JsonDocument.Parse(response.ContentStream).RootElement;
+Console.WriteLine(result.ToString());
+]]></code>
+This sample shows how to call GetSignRootCertificateAsync with all parameters and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+Response response = await client.GetSignRootCertificateAsync("<accountName>", "<certificateProfile>", null);
+
+JsonElement result = JsonDocument.Parse(response.ContentStream).RootElement;
+Console.WriteLine(result.ToString());
+]]></code></example>
+    </member>
+    <member name="GetSignRootCertificate(string,string,RequestContext)">
+      <example>
+This sample shows how to call GetSignRootCertificate and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+Response response = client.GetSignRootCertificate("<accountName>", "<certificateProfile>", null);
+
+JsonElement result = JsonDocument.Parse(response.ContentStream).RootElement;
+Console.WriteLine(result.ToString());
+]]></code>
+This sample shows how to call GetSignRootCertificate with all parameters and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+Response response = client.GetSignRootCertificate("<accountName>", "<certificateProfile>", null);
+
+JsonElement result = JsonDocument.Parse(response.ContentStream).RootElement;
+Console.WriteLine(result.ToString());
+]]></code></example>
+    </member>
+    <member name="GetExtendedKeyUsagesAsync(string,string,CancellationToken)">
+      <example>
+This sample shows how to call GetExtendedKeyUsagesAsync.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+await foreach (ExtendedKeyUsage item in client.GetExtendedKeyUsagesAsync("<accountName>", "<certificateProfile>"))
+{
+}
+]]></code>
+This sample shows how to call GetExtendedKeyUsagesAsync with all parameters.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+await foreach (ExtendedKeyUsage item in client.GetExtendedKeyUsagesAsync("<accountName>", "<certificateProfile>"))
+{
+}
+]]></code></example>
+    </member>
+    <member name="GetExtendedKeyUsages(string,string,CancellationToken)">
+      <example>
+This sample shows how to call GetExtendedKeyUsages.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+foreach (ExtendedKeyUsage item in client.GetExtendedKeyUsages("<accountName>", "<certificateProfile>"))
+{
+}
+]]></code>
+This sample shows how to call GetExtendedKeyUsages with all parameters.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+foreach (ExtendedKeyUsage item in client.GetExtendedKeyUsages("<accountName>", "<certificateProfile>"))
+{
+}
+]]></code></example>
+    </member>
+    <member name="GetExtendedKeyUsagesAsync(string,string,RequestContext)">
+      <example>
+This sample shows how to call GetExtendedKeyUsagesAsync and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+await foreach (BinaryData item in client.GetExtendedKeyUsagesAsync("<accountName>", "<certificateProfile>", null))
+{
+    JsonElement result = JsonDocument.Parse(item.ToStream()).RootElement;
+    Console.WriteLine(result.GetProperty("eku").ToString());
+}
+]]></code>
+This sample shows how to call GetExtendedKeyUsagesAsync with all parameters and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+await foreach (BinaryData item in client.GetExtendedKeyUsagesAsync("<accountName>", "<certificateProfile>", null))
+{
+    JsonElement result = JsonDocument.Parse(item.ToStream()).RootElement;
+    Console.WriteLine(result.GetProperty("eku").ToString());
+}
+]]></code></example>
+    </member>
+    <member name="GetExtendedKeyUsages(string,string,RequestContext)">
+      <example>
+This sample shows how to call GetExtendedKeyUsages and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+foreach (BinaryData item in client.GetExtendedKeyUsages("<accountName>", "<certificateProfile>", null))
+{
+    JsonElement result = JsonDocument.Parse(item.ToStream()).RootElement;
+    Console.WriteLine(result.GetProperty("eku").ToString());
+}
+]]></code>
+This sample shows how to call GetExtendedKeyUsages with all parameters and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+foreach (BinaryData item in client.GetExtendedKeyUsages("<accountName>", "<certificateProfile>", null))
+{
+    JsonElement result = JsonDocument.Parse(item.ToStream()).RootElement;
+    Console.WriteLine(result.GetProperty("eku").ToString());
+}
+]]></code></example>
+    </member>
+    <member name="SignAsync(WaitUntil,string,string,SigningPayloadOptions,CancellationToken)">
+      <example>
+This sample shows how to call SignAsync.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+SigningPayloadOptions signingPayloadOptions = new SigningPayloadOptions(SignatureAlgorithm.RS256, BinaryData.FromObjectAsJson(new object()));
+Operation<ResourceOperationStatusCertificateProfileNameSignResultError> operation = await client.SignAsync(WaitUntil.Completed, "<accountName>", "<certificateProfile>", signingPayloadOptions);
+ResourceOperationStatusCertificateProfileNameSignResultError responseData = operation.Value;
+]]></code>
+This sample shows how to call SignAsync with all parameters.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+SigningPayloadOptions signingPayloadOptions = new SigningPayloadOptions(SignatureAlgorithm.RS256, BinaryData.FromObjectAsJson(new object()))
+{
+    FileHashList = { BinaryData.FromObjectAsJson(new object()) },
+    AuthenticodeHashList = { BinaryData.FromObjectAsJson(new object()) },
+};
+Operation<ResourceOperationStatusCertificateProfileNameSignResultError> operation = await client.SignAsync(WaitUntil.Completed, "<accountName>", "<certificateProfile>", signingPayloadOptions);
+ResourceOperationStatusCertificateProfileNameSignResultError responseData = operation.Value;
+]]></code></example>
+    </member>
+    <member name="Sign(WaitUntil,string,string,SigningPayloadOptions,CancellationToken)">
+      <example>
+This sample shows how to call Sign.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+SigningPayloadOptions signingPayloadOptions = new SigningPayloadOptions(SignatureAlgorithm.RS256, BinaryData.FromObjectAsJson(new object()));
+Operation<ResourceOperationStatusCertificateProfileNameSignResultError> operation = client.Sign(WaitUntil.Completed, "<accountName>", "<certificateProfile>", signingPayloadOptions);
+ResourceOperationStatusCertificateProfileNameSignResultError responseData = operation.Value;
+]]></code>
+This sample shows how to call Sign with all parameters.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+SigningPayloadOptions signingPayloadOptions = new SigningPayloadOptions(SignatureAlgorithm.RS256, BinaryData.FromObjectAsJson(new object()))
+{
+    FileHashList = { BinaryData.FromObjectAsJson(new object()) },
+    AuthenticodeHashList = { BinaryData.FromObjectAsJson(new object()) },
+};
+Operation<ResourceOperationStatusCertificateProfileNameSignResultError> operation = client.Sign(WaitUntil.Completed, "<accountName>", "<certificateProfile>", signingPayloadOptions);
+ResourceOperationStatusCertificateProfileNameSignResultError responseData = operation.Value;
+]]></code></example>
+    </member>
+    <member name="SignAsync(WaitUntil,string,string,RequestContent,RequestContext)">
+      <example>
+This sample shows how to call SignAsync and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+using RequestContent content = RequestContent.Create(new
+{
+    signatureAlgorithm = "RS256",
+    digest = new object(),
+});
+Operation<BinaryData> operation = await client.SignAsync(WaitUntil.Completed, "<accountName>", "<certificateProfile>", content);
+BinaryData responseData = operation.Value;
+
+JsonElement result = JsonDocument.Parse(responseData.ToStream()).RootElement;
+Console.WriteLine(result.GetProperty("id").ToString());
+Console.WriteLine(result.GetProperty("status").ToString());
+]]></code>
+This sample shows how to call SignAsync with all parameters and request content and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+using RequestContent content = RequestContent.Create(new
+{
+    signatureAlgorithm = "RS256",
+    digest = new object(),
+    fileHashList = new object[]
+    {
+        new object()
+    },
+    authenticodeHashList = new object[]
+    {
+        new object()
+    },
+});
+Operation<BinaryData> operation = await client.SignAsync(WaitUntil.Completed, "<accountName>", "<certificateProfile>", content);
+BinaryData responseData = operation.Value;
+
+JsonElement result = JsonDocument.Parse(responseData.ToStream()).RootElement;
+Console.WriteLine(result.GetProperty("id").ToString());
+Console.WriteLine(result.GetProperty("status").ToString());
+Console.WriteLine(result.GetProperty("error").GetProperty("code").ToString());
+Console.WriteLine(result.GetProperty("error").GetProperty("message").ToString());
+Console.WriteLine(result.GetProperty("error").GetProperty("target").ToString());
+Console.WriteLine(result.GetProperty("error").GetProperty("innererror").GetProperty("code").ToString());
+Console.WriteLine(result.GetProperty("result").GetProperty("signature").ToString());
+Console.WriteLine(result.GetProperty("result").GetProperty("signingCertificate").ToString());
+]]></code></example>
+    </member>
+    <member name="Sign(WaitUntil,string,string,RequestContent,RequestContext)">
+      <example>
+This sample shows how to call Sign and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+using RequestContent content = RequestContent.Create(new
+{
+    signatureAlgorithm = "RS256",
+    digest = new object(),
+});
+Operation<BinaryData> operation = client.Sign(WaitUntil.Completed, "<accountName>", "<certificateProfile>", content);
+BinaryData responseData = operation.Value;
+
+JsonElement result = JsonDocument.Parse(responseData.ToStream()).RootElement;
+Console.WriteLine(result.GetProperty("id").ToString());
+Console.WriteLine(result.GetProperty("status").ToString());
+]]></code>
+This sample shows how to call Sign with all parameters and request content and parse the result.
+<code><![CDATA[
+TokenCredential credential = new DefaultAzureCredential();
+SigningClient client = new SigningClient("<region>", credential);
+
+using RequestContent content = RequestContent.Create(new
+{
+    signatureAlgorithm = "RS256",
+    digest = new object(),
+    fileHashList = new object[]
+    {
+        new object()
+    },
+    authenticodeHashList = new object[]
+    {
+        new object()
+    },
+});
+Operation<BinaryData> operation = client.Sign(WaitUntil.Completed, "<accountName>", "<certificateProfile>", content);
+BinaryData responseData = operation.Value;
+
+JsonElement result = JsonDocument.Parse(responseData.ToStream()).RootElement;
+Console.WriteLine(result.GetProperty("id").ToString());
+Console.WriteLine(result.GetProperty("status").ToString());
+Console.WriteLine(result.GetProperty("error").GetProperty("code").ToString());
+Console.WriteLine(result.GetProperty("error").GetProperty("message").ToString());
+Console.WriteLine(result.GetProperty("error").GetProperty("target").ToString());
+Console.WriteLine(result.GetProperty("error").GetProperty("innererror").GetProperty("code").ToString());
+Console.WriteLine(result.GetProperty("result").GetProperty("signature").ToString());
+Console.WriteLine(result.GetProperty("result").GetProperty("signingCertificate").ToString());
+]]></code></example>
+    </member>
+  </members>
+</doc>
\ No newline at end of file
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/ExtendedKeyUsage.Serialization.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/ExtendedKeyUsage.Serialization.cs
new file mode 100644
index 000000000000..96885535ad02
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/ExtendedKeyUsage.Serialization.cs
@@ -0,0 +1,41 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System.Text.Json;
+using Azure;
+
+namespace Azure.Developer.Signing
+{
+    public partial class ExtendedKeyUsage
+    {
+        internal static ExtendedKeyUsage DeserializeExtendedKeyUsage(JsonElement element)
+        {
+            if (element.ValueKind == JsonValueKind.Null)
+            {
+                return null;
+            }
+            string eku = default;
+            foreach (var property in element.EnumerateObject())
+            {
+                if (property.NameEquals("eku"u8))
+                {
+                    eku = property.Value.GetString();
+                    continue;
+                }
+            }
+            return new ExtendedKeyUsage(eku);
+        }
+
+        /// <summary> Deserializes the model from a raw response. </summary>
+        /// <param name="response"> The response to deserialize the model from. </param>
+        internal static ExtendedKeyUsage FromResponse(Response response)
+        {
+            using var document = JsonDocument.Parse(response.Content);
+            return DeserializeExtendedKeyUsage(document.RootElement);
+        }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/ExtendedKeyUsage.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/ExtendedKeyUsage.cs
new file mode 100644
index 000000000000..a4f76747bdca
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/ExtendedKeyUsage.cs
@@ -0,0 +1,28 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+namespace Azure.Developer.Signing
+{
+    /// <summary> Extended key usage object identifier that are allowable. </summary>
+    public partial class ExtendedKeyUsage
+    {
+        /// <summary> Initializes a new instance of ExtendedKeyUsage. </summary>
+        internal ExtendedKeyUsage()
+        {
+        }
+
+        /// <summary> Initializes a new instance of ExtendedKeyUsage. </summary>
+        /// <param name="eku"> An oid string that represents an eku. </param>
+        internal ExtendedKeyUsage(string eku)
+        {
+            Eku = eku;
+        }
+
+        /// <summary> An oid string that represents an eku. </summary>
+        public string Eku { get; }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/OperationState.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/OperationState.cs
new file mode 100644
index 000000000000..1362bf1e81aa
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/OperationState.cs
@@ -0,0 +1,57 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.ComponentModel;
+
+namespace Azure.Developer.Signing
+{
+    /// <summary> Enum describing allowed operation states. </summary>
+    public readonly partial struct OperationState : IEquatable<OperationState>
+    {
+        private readonly string _value;
+
+        /// <summary> Initializes a new instance of <see cref="OperationState"/>. </summary>
+        /// <exception cref="ArgumentNullException"> <paramref name="value"/> is null. </exception>
+        public OperationState(string value)
+        {
+            _value = value ?? throw new ArgumentNullException(nameof(value));
+        }
+
+        private const string InProgressValue = "InProgress";
+        private const string SucceededValue = "Succeeded";
+        private const string FailedValue = "Failed";
+        private const string CanceledValue = "Canceled";
+
+        /// <summary> The operation is in progress. </summary>
+        public static OperationState InProgress { get; } = new OperationState(InProgressValue);
+        /// <summary> The operation has completed successfully. </summary>
+        public static OperationState Succeeded { get; } = new OperationState(SucceededValue);
+        /// <summary> The operation has failed. </summary>
+        public static OperationState Failed { get; } = new OperationState(FailedValue);
+        /// <summary> The operation has been canceled by the user. </summary>
+        public static OperationState Canceled { get; } = new OperationState(CanceledValue);
+        /// <summary> Determines if two <see cref="OperationState"/> values are the same. </summary>
+        public static bool operator ==(OperationState left, OperationState right) => left.Equals(right);
+        /// <summary> Determines if two <see cref="OperationState"/> values are not the same. </summary>
+        public static bool operator !=(OperationState left, OperationState right) => !left.Equals(right);
+        /// <summary> Converts a string to a <see cref="OperationState"/>. </summary>
+        public static implicit operator OperationState(string value) => new OperationState(value);
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public override bool Equals(object obj) => obj is OperationState other && Equals(other);
+        /// <inheritdoc />
+        public bool Equals(OperationState other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase);
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public override int GetHashCode() => _value?.GetHashCode() ?? 0;
+        /// <inheritdoc />
+        public override string ToString() => _value;
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/ResourceOperationStatusCertificateProfileNameSignResultError.Serialization.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/ResourceOperationStatusCertificateProfileNameSignResultError.Serialization.cs
new file mode 100644
index 000000000000..4fb5eea61272
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/ResourceOperationStatusCertificateProfileNameSignResultError.Serialization.cs
@@ -0,0 +1,68 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System.Text.Json;
+using Azure;
+using Azure.Core;
+
+namespace Azure.Developer.Signing
+{
+    public partial class ResourceOperationStatusCertificateProfileNameSignResultError
+    {
+        internal static ResourceOperationStatusCertificateProfileNameSignResultError DeserializeResourceOperationStatusCertificateProfileNameSignResultError(JsonElement element)
+        {
+            if (element.ValueKind == JsonValueKind.Null)
+            {
+                return null;
+            }
+            string id = default;
+            OperationState status = default;
+            Optional<ResponseError> error = default;
+            Optional<SignResult> result = default;
+            foreach (var property in element.EnumerateObject())
+            {
+                if (property.NameEquals("id"u8))
+                {
+                    id = property.Value.GetString();
+                    continue;
+                }
+                if (property.NameEquals("status"u8))
+                {
+                    status = new OperationState(property.Value.GetString());
+                    continue;
+                }
+                if (property.NameEquals("error"u8))
+                {
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    error = JsonSerializer.Deserialize<ResponseError>(property.Value.GetRawText());
+                    continue;
+                }
+                if (property.NameEquals("result"u8))
+                {
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    result = SignResult.DeserializeSignResult(property.Value);
+                    continue;
+                }
+            }
+            return new ResourceOperationStatusCertificateProfileNameSignResultError(id, status, error.Value, result.Value);
+        }
+
+        /// <summary> Deserializes the model from a raw response. </summary>
+        /// <param name="response"> The response to deserialize the model from. </param>
+        internal static ResourceOperationStatusCertificateProfileNameSignResultError FromResponse(Response response)
+        {
+            using var document = JsonDocument.Parse(response.Content);
+            return DeserializeResourceOperationStatusCertificateProfileNameSignResultError(document.RootElement);
+        }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/ResourceOperationStatusCertificateProfileNameSignResultError.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/ResourceOperationStatusCertificateProfileNameSignResultError.cs
new file mode 100644
index 000000000000..d32281512328
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/ResourceOperationStatusCertificateProfileNameSignResultError.cs
@@ -0,0 +1,51 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using Azure;
+using Azure.Core;
+
+namespace Azure.Developer.Signing
+{
+    /// <summary> Provides status details for long running operations. </summary>
+    public partial class ResourceOperationStatusCertificateProfileNameSignResultError
+    {
+        /// <summary> Initializes a new instance of ResourceOperationStatusCertificateProfileNameSignResultError. </summary>
+        /// <param name="id"> The unique ID of the operation. </param>
+        /// <param name="status"> The status of the operation. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="id"/> is null. </exception>
+        internal ResourceOperationStatusCertificateProfileNameSignResultError(string id, OperationState status)
+        {
+            Argument.AssertNotNull(id, nameof(id));
+
+            Id = id;
+            Status = status;
+        }
+
+        /// <summary> Initializes a new instance of ResourceOperationStatusCertificateProfileNameSignResultError. </summary>
+        /// <param name="id"> The unique ID of the operation. </param>
+        /// <param name="status"> The status of the operation. </param>
+        /// <param name="error"> Error object that describes the error when status is "Failed". </param>
+        /// <param name="result"> The result of the operation. </param>
+        internal ResourceOperationStatusCertificateProfileNameSignResultError(string id, OperationState status, ResponseError error, SignResult result)
+        {
+            Id = id;
+            Status = status;
+            Error = error;
+            Result = result;
+        }
+
+        /// <summary> The unique ID of the operation. </summary>
+        public string Id { get; }
+        /// <summary> The status of the operation. </summary>
+        public OperationState Status { get; }
+        /// <summary> Error object that describes the error when status is "Failed". </summary>
+        public ResponseError Error { get; }
+        /// <summary> The result of the operation. </summary>
+        public SignResult Result { get; }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/SignResult.Serialization.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SignResult.Serialization.cs
new file mode 100644
index 000000000000..5db72a5c491d
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SignResult.Serialization.cs
@@ -0,0 +1,57 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.Text.Json;
+using Azure;
+using Azure.Core;
+
+namespace Azure.Developer.Signing
+{
+    public partial class SignResult
+    {
+        internal static SignResult DeserializeSignResult(JsonElement element)
+        {
+            if (element.ValueKind == JsonValueKind.Null)
+            {
+                return null;
+            }
+            Optional<BinaryData> signature = default;
+            Optional<BinaryData> signingCertificate = default;
+            foreach (var property in element.EnumerateObject())
+            {
+                if (property.NameEquals("signature"u8))
+                {
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    signature = BinaryData.FromBytes(property.Value.GetBytesFromBase64("D"));
+                    continue;
+                }
+                if (property.NameEquals("signingCertificate"u8))
+                {
+                    if (property.Value.ValueKind == JsonValueKind.Null)
+                    {
+                        continue;
+                    }
+                    signingCertificate = BinaryData.FromBytes(property.Value.GetBytesFromBase64("D"));
+                    continue;
+                }
+            }
+            return new SignResult(signature.Value, signingCertificate.Value);
+        }
+
+        /// <summary> Deserializes the model from a raw response. </summary>
+        /// <param name="response"> The response to deserialize the model from. </param>
+        internal static SignResult FromResponse(Response response)
+        {
+            using var document = JsonDocument.Parse(response.Content);
+            return DeserializeSignResult(document.RootElement);
+        }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/SignResult.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SignResult.cs
new file mode 100644
index 000000000000..3a9dafe3306e
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SignResult.cs
@@ -0,0 +1,68 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+
+namespace Azure.Developer.Signing
+{
+    /// <summary> The sign status model. </summary>
+    public partial class SignResult
+    {
+        /// <summary> Initializes a new instance of SignResult. </summary>
+        internal SignResult()
+        {
+        }
+
+        /// <summary> Initializes a new instance of SignResult. </summary>
+        /// <param name="signature"> Digital signature of the requested content digest. </param>
+        /// <param name="signingCertificate">
+        /// Signing certificate corresponding to the private key used to sign the requested
+        /// digest.
+        /// </param>
+        internal SignResult(BinaryData signature, BinaryData signingCertificate)
+        {
+            Signature = signature;
+            SigningCertificate = signingCertificate;
+        }
+
+        /// <summary>
+        /// Digital signature of the requested content digest.
+        /// <para>
+        /// To assign a byte[] to this property use <see cref="BinaryData.FromBytes(byte[])"/>.
+        /// The byte[] will be serialized to a Base64 encoded string.
+        /// </para>
+        /// <para>
+        /// Examples:
+        /// <list type="bullet">
+        /// <item>
+        /// <term>BinaryData.FromBytes(new byte[] { 1, 2, 3 })</term>
+        /// <description>Creates a payload of "AQID".</description>
+        /// </item>
+        /// </list>
+        /// </para>
+        /// </summary>
+        public BinaryData Signature { get; }
+        /// <summary>
+        /// Signing certificate corresponding to the private key used to sign the requested
+        /// digest.
+        /// <para>
+        /// To assign a byte[] to this property use <see cref="BinaryData.FromBytes(byte[])"/>.
+        /// The byte[] will be serialized to a Base64 encoded string.
+        /// </para>
+        /// <para>
+        /// Examples:
+        /// <list type="bullet">
+        /// <item>
+        /// <term>BinaryData.FromBytes(new byte[] { 1, 2, 3 })</term>
+        /// <description>Creates a payload of "AQID".</description>
+        /// </item>
+        /// </list>
+        /// </para>
+        /// </summary>
+        public BinaryData SigningCertificate { get; }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/SignatureAlgorithm.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SignatureAlgorithm.cs
new file mode 100644
index 000000000000..bb26b5478429
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SignatureAlgorithm.cs
@@ -0,0 +1,75 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.ComponentModel;
+
+namespace Azure.Developer.Signing
+{
+    /// <summary> Algorithms supported for signing. </summary>
+    public readonly partial struct SignatureAlgorithm : IEquatable<SignatureAlgorithm>
+    {
+        private readonly string _value;
+
+        /// <summary> Initializes a new instance of <see cref="SignatureAlgorithm"/>. </summary>
+        /// <exception cref="ArgumentNullException"> <paramref name="value"/> is null. </exception>
+        public SignatureAlgorithm(string value)
+        {
+            _value = value ?? throw new ArgumentNullException(nameof(value));
+        }
+
+        private const string RS256Value = "RS256";
+        private const string RS384Value = "RS384";
+        private const string RS512Value = "RS512";
+        private const string PS256Value = "PS256";
+        private const string PS384Value = "PS384";
+        private const string PS512Value = "PS512";
+        private const string ES256Value = "ES256";
+        private const string ES384Value = "ES384";
+        private const string ES512Value = "ES512";
+        private const string ES256KValue = "ES256K";
+
+        /// <summary> RSASSA-PKCS1-v1_5 using SHA-256 hash algorithm. </summary>
+        public static SignatureAlgorithm RS256 { get; } = new SignatureAlgorithm(RS256Value);
+        /// <summary> RSASSA-PKCS1-v1_5 using SHA-384 hash algorithm. </summary>
+        public static SignatureAlgorithm RS384 { get; } = new SignatureAlgorithm(RS384Value);
+        /// <summary> RSASSA-PKCS1-v1_5 using SHA-512 hash algorithm. </summary>
+        public static SignatureAlgorithm RS512 { get; } = new SignatureAlgorithm(RS512Value);
+        /// <summary> RSASSA-PSS using SHA-256 hash algorithm. </summary>
+        public static SignatureAlgorithm PS256 { get; } = new SignatureAlgorithm(PS256Value);
+        /// <summary> RSASSA-PSS using SHA-384 hash algorithm. </summary>
+        public static SignatureAlgorithm PS384 { get; } = new SignatureAlgorithm(PS384Value);
+        /// <summary> RSASSA-PSS using SHA-512 hash algorithm. </summary>
+        public static SignatureAlgorithm PS512 { get; } = new SignatureAlgorithm(PS512Value);
+        /// <summary> ECDSA using P-256 and SHA-256 hash algorithm. </summary>
+        public static SignatureAlgorithm ES256 { get; } = new SignatureAlgorithm(ES256Value);
+        /// <summary> ECDSA using P-384 and SHA-384 hash algorithm. </summary>
+        public static SignatureAlgorithm ES384 { get; } = new SignatureAlgorithm(ES384Value);
+        /// <summary> ECDSA using P-521 and SHA-512 hash algorithm. </summary>
+        public static SignatureAlgorithm ES512 { get; } = new SignatureAlgorithm(ES512Value);
+        /// <summary> ECDSA using secp256k1 and SHA-256 hash algorithm. </summary>
+        public static SignatureAlgorithm ES256K { get; } = new SignatureAlgorithm(ES256KValue);
+        /// <summary> Determines if two <see cref="SignatureAlgorithm"/> values are the same. </summary>
+        public static bool operator ==(SignatureAlgorithm left, SignatureAlgorithm right) => left.Equals(right);
+        /// <summary> Determines if two <see cref="SignatureAlgorithm"/> values are not the same. </summary>
+        public static bool operator !=(SignatureAlgorithm left, SignatureAlgorithm right) => !left.Equals(right);
+        /// <summary> Converts a string to a <see cref="SignatureAlgorithm"/>. </summary>
+        public static implicit operator SignatureAlgorithm(string value) => new SignatureAlgorithm(value);
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public override bool Equals(object obj) => obj is SignatureAlgorithm other && Equals(other);
+        /// <inheritdoc />
+        public bool Equals(SignatureAlgorithm other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase);
+
+        /// <inheritdoc />
+        [EditorBrowsable(EditorBrowsableState.Never)]
+        public override int GetHashCode() => _value?.GetHashCode() ?? 0;
+        /// <inheritdoc />
+        public override string ToString() => _value;
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningClient.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningClient.cs
new file mode 100644
index 000000000000..8b407dd67fe0
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningClient.cs
@@ -0,0 +1,518 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.Threading;
+using System.Threading.Tasks;
+using Autorest.CSharp.Core;
+using Azure;
+using Azure.Core;
+using Azure.Core.Pipeline;
+
+namespace Azure.Developer.Signing
+{
+    // Data plane generated client.
+    /// <summary> The Signing service client. </summary>
+    public partial class SigningClient
+    {
+        private static readonly string[] AuthorizationScopes = new string[] { "https://codesigning.azure.net/.default" };
+        private readonly TokenCredential _tokenCredential;
+        private readonly HttpPipeline _pipeline;
+        private readonly string _region;
+        private readonly string _apiVersion;
+
+        /// <summary> The ClientDiagnostics is used to provide tracing support for the client library. </summary>
+        internal ClientDiagnostics ClientDiagnostics { get; }
+
+        /// <summary> The HTTP pipeline for sending and receiving REST requests and responses. </summary>
+        public virtual HttpPipeline Pipeline => _pipeline;
+
+        /// <summary> Initializes a new instance of SigningClient for mocking. </summary>
+        protected SigningClient()
+        {
+        }
+
+        /// <summary> Initializes a new instance of SigningClient. </summary>
+        /// <param name="region"> The Azure region wherein requests for signing will be sent. </param>
+        /// <param name="credential"> A credential used to authenticate to an Azure Service. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="region"/> or <paramref name="credential"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="region"/> is an empty string, and was expected to be non-empty. </exception>
+        public SigningClient(string region, TokenCredential credential) : this(region, credential, new SigningClientOptions())
+        {
+        }
+
+        /// <summary> Initializes a new instance of SigningClient. </summary>
+        /// <param name="region"> The Azure region wherein requests for signing will be sent. </param>
+        /// <param name="credential"> A credential used to authenticate to an Azure Service. </param>
+        /// <param name="options"> The options for configuring the client. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="region"/> or <paramref name="credential"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="region"/> is an empty string, and was expected to be non-empty. </exception>
+        public SigningClient(string region, TokenCredential credential, SigningClientOptions options)
+        {
+            Argument.AssertNotNullOrEmpty(region, nameof(region));
+            Argument.AssertNotNull(credential, nameof(credential));
+            options ??= new SigningClientOptions();
+
+            ClientDiagnostics = new ClientDiagnostics(options, true);
+            _tokenCredential = credential;
+            _pipeline = HttpPipelineBuilder.Build(options, Array.Empty<HttpPipelinePolicy>(), new HttpPipelinePolicy[] { new BearerTokenAuthenticationPolicy(_tokenCredential, AuthorizationScopes) }, new ResponseClassifier());
+            _region = region;
+            _apiVersion = options.Version;
+        }
+
+        /// <summary> Gets the signing root certificate on the certificate chain for that account and profile name. </summary>
+        /// <param name="accountName"> Signing account name. </param>
+        /// <param name="certificateProfile"> Signing Certificate profile name. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <remarks> The root certificate is generated as part of the initial account creation and it is used to sign the bits for the profile provided. </remarks>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='GetSignRootCertificateAsync(string,string,CancellationToken)']/*" />
+        public virtual async Task<Response<BinaryData>> GetSignRootCertificateAsync(string accountName, string certificateProfile, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = await GetSignRootCertificateAsync(accountName, certificateProfile, context).ConfigureAwait(false);
+            return Response.FromValue(response.Content, response);
+        }
+
+        /// <summary> Gets the signing root certificate on the certificate chain for that account and profile name. </summary>
+        /// <param name="accountName"> Signing account name. </param>
+        /// <param name="certificateProfile"> Signing Certificate profile name. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <remarks> The root certificate is generated as part of the initial account creation and it is used to sign the bits for the profile provided. </remarks>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='GetSignRootCertificate(string,string,CancellationToken)']/*" />
+        public virtual Response<BinaryData> GetSignRootCertificate(string accountName, string certificateProfile, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            Response response = GetSignRootCertificate(accountName, certificateProfile, context);
+            return Response.FromValue(response.Content, response);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Gets the signing root certificate on the certificate chain for that account and profile name.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetSignRootCertificateAsync(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="accountName"> Signing account name. </param>
+        /// <param name="certificateProfile"> Signing Certificate profile name. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='GetSignRootCertificateAsync(string,string,RequestContext)']/*" />
+        public virtual async Task<Response> GetSignRootCertificateAsync(string accountName, string certificateProfile, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+
+            using var scope = ClientDiagnostics.CreateScope("SigningClient.GetSignRootCertificate");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateGetSignRootCertificateRequest(accountName, certificateProfile, context);
+                return await _pipeline.ProcessMessageAsync(message, context).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Gets the signing root certificate on the certificate chain for that account and profile name.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetSignRootCertificate(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="accountName"> Signing account name. </param>
+        /// <param name="certificateProfile"> Signing Certificate profile name. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The response returned from the service. </returns>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='GetSignRootCertificate(string,string,RequestContext)']/*" />
+        public virtual Response GetSignRootCertificate(string accountName, string certificateProfile, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+
+            using var scope = ClientDiagnostics.CreateScope("SigningClient.GetSignRootCertificate");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateGetSignRootCertificateRequest(accountName, certificateProfile, context);
+                return _pipeline.ProcessMessage(message, context);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary> Gets a list of extended key usage object identifiers that are allowed for this account and profile combination. </summary>
+        /// <param name="accountName"> Azure Developer Signing account name. </param>
+        /// <param name="certificateProfile"> Azure Developer Signing certificate profile name under an account. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <remarks> The list of extended key usages are used to determine the purpose of the certificate usage as part of the signing operation. </remarks>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='GetExtendedKeyUsagesAsync(string,string,CancellationToken)']/*" />
+        public virtual AsyncPageable<ExtendedKeyUsage> GetExtendedKeyUsagesAsync(string accountName, string certificateProfile, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+
+            RequestContext context = cancellationToken.CanBeCanceled ? new RequestContext { CancellationToken = cancellationToken } : null;
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetExtendedKeyUsagesRequest(accountName, certificateProfile, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetExtendedKeyUsagesNextPageRequest(nextLink, accountName, certificateProfile, context);
+            return GeneratorPageableHelpers.CreateAsyncPageable(FirstPageRequest, NextPageRequest, ExtendedKeyUsage.DeserializeExtendedKeyUsage, ClientDiagnostics, _pipeline, "SigningClient.GetExtendedKeyUsages", "value", "nextLink", context);
+        }
+
+        /// <summary> Gets a list of extended key usage object identifiers that are allowed for this account and profile combination. </summary>
+        /// <param name="accountName"> Azure Developer Signing account name. </param>
+        /// <param name="certificateProfile"> Azure Developer Signing certificate profile name under an account. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <remarks> The list of extended key usages are used to determine the purpose of the certificate usage as part of the signing operation. </remarks>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='GetExtendedKeyUsages(string,string,CancellationToken)']/*" />
+        public virtual Pageable<ExtendedKeyUsage> GetExtendedKeyUsages(string accountName, string certificateProfile, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+
+            RequestContext context = cancellationToken.CanBeCanceled ? new RequestContext { CancellationToken = cancellationToken } : null;
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetExtendedKeyUsagesRequest(accountName, certificateProfile, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetExtendedKeyUsagesNextPageRequest(nextLink, accountName, certificateProfile, context);
+            return GeneratorPageableHelpers.CreatePageable(FirstPageRequest, NextPageRequest, ExtendedKeyUsage.DeserializeExtendedKeyUsage, ClientDiagnostics, _pipeline, "SigningClient.GetExtendedKeyUsages", "value", "nextLink", context);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Gets a list of extended key usage object identifiers that are allowed for this account and profile combination.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetExtendedKeyUsagesAsync(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="accountName"> Azure Developer Signing account name. </param>
+        /// <param name="certificateProfile"> Azure Developer Signing certificate profile name under an account. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="AsyncPageable{T}"/> from the service containing a list of <see cref="BinaryData"/> objects. Details of the body schema for each item in the collection are in the Remarks section below. </returns>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='GetExtendedKeyUsagesAsync(string,string,RequestContext)']/*" />
+        public virtual AsyncPageable<BinaryData> GetExtendedKeyUsagesAsync(string accountName, string certificateProfile, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetExtendedKeyUsagesRequest(accountName, certificateProfile, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetExtendedKeyUsagesNextPageRequest(nextLink, accountName, certificateProfile, context);
+            return GeneratorPageableHelpers.CreateAsyncPageable(FirstPageRequest, NextPageRequest, e => BinaryData.FromString(e.GetRawText()), ClientDiagnostics, _pipeline, "SigningClient.GetExtendedKeyUsages", "value", "nextLink", context);
+        }
+
+        /// <summary>
+        /// [Protocol Method] Gets a list of extended key usage object identifiers that are allowed for this account and profile combination.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="GetExtendedKeyUsages(string,string,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="accountName"> Azure Developer Signing account name. </param>
+        /// <param name="certificateProfile"> Azure Developer Signing certificate profile name under an account. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Pageable{T}"/> from the service containing a list of <see cref="BinaryData"/> objects. Details of the body schema for each item in the collection are in the Remarks section below. </returns>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='GetExtendedKeyUsages(string,string,RequestContext)']/*" />
+        public virtual Pageable<BinaryData> GetExtendedKeyUsages(string accountName, string certificateProfile, RequestContext context)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+
+            HttpMessage FirstPageRequest(int? pageSizeHint) => CreateGetExtendedKeyUsagesRequest(accountName, certificateProfile, context);
+            HttpMessage NextPageRequest(int? pageSizeHint, string nextLink) => CreateGetExtendedKeyUsagesNextPageRequest(nextLink, accountName, certificateProfile, context);
+            return GeneratorPageableHelpers.CreatePageable(FirstPageRequest, NextPageRequest, e => BinaryData.FromString(e.GetRawText()), ClientDiagnostics, _pipeline, "SigningClient.GetExtendedKeyUsages", "value", "nextLink", context);
+        }
+
+        /// <summary> Submit a sign operation. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="accountName"> Azure Developer Signing account name. </param>
+        /// <param name="certificateProfile"> Azure Developer Signing certificate profile name under an account. </param>
+        /// <param name="signingPayloadOptions"> The artifact request information to be signed by the service. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/>, <paramref name="certificateProfile"/> or <paramref name="signingPayloadOptions"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <remarks> Submit a sign operation under the created account and profile name provided. </remarks>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='SignAsync(WaitUntil,string,string,SigningPayloadOptions,CancellationToken)']/*" />
+        public virtual async Task<Operation<ResourceOperationStatusCertificateProfileNameSignResultError>> SignAsync(WaitUntil waitUntil, string accountName, string certificateProfile, SigningPayloadOptions signingPayloadOptions, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+            Argument.AssertNotNull(signingPayloadOptions, nameof(signingPayloadOptions));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            using RequestContent content = signingPayloadOptions.ToRequestContent();
+            Operation<BinaryData> response = await SignAsync(waitUntil, accountName, certificateProfile, content, context).ConfigureAwait(false);
+            return ProtocolOperationHelpers.Convert(response, ResourceOperationStatusCertificateProfileNameSignResultError.FromResponse, ClientDiagnostics, "SigningClient.Sign");
+        }
+
+        /// <summary> Submit a sign operation. </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="accountName"> Azure Developer Signing account name. </param>
+        /// <param name="certificateProfile"> Azure Developer Signing certificate profile name under an account. </param>
+        /// <param name="signingPayloadOptions"> The artifact request information to be signed by the service. </param>
+        /// <param name="cancellationToken"> The cancellation token to use. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/>, <paramref name="certificateProfile"/> or <paramref name="signingPayloadOptions"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <remarks> Submit a sign operation under the created account and profile name provided. </remarks>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='Sign(WaitUntil,string,string,SigningPayloadOptions,CancellationToken)']/*" />
+        public virtual Operation<ResourceOperationStatusCertificateProfileNameSignResultError> Sign(WaitUntil waitUntil, string accountName, string certificateProfile, SigningPayloadOptions signingPayloadOptions, CancellationToken cancellationToken = default)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+            Argument.AssertNotNull(signingPayloadOptions, nameof(signingPayloadOptions));
+
+            RequestContext context = FromCancellationToken(cancellationToken);
+            using RequestContent content = signingPayloadOptions.ToRequestContent();
+            Operation<BinaryData> response = Sign(waitUntil, accountName, certificateProfile, content, context);
+            return ProtocolOperationHelpers.Convert(response, ResourceOperationStatusCertificateProfileNameSignResultError.FromResponse, ClientDiagnostics, "SigningClient.Sign");
+        }
+
+        /// <summary>
+        /// [Protocol Method] Submit a sign operation.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="SignAsync(WaitUntil,string,string,SigningPayloadOptions,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="accountName"> Azure Developer Signing account name. </param>
+        /// <param name="certificateProfile"> Azure Developer Signing certificate profile name under an account. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/>, <paramref name="certificateProfile"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='SignAsync(WaitUntil,string,string,RequestContent,RequestContext)']/*" />
+        public virtual async Task<Operation<BinaryData>> SignAsync(WaitUntil waitUntil, string accountName, string certificateProfile, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("SigningClient.Sign");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateSignRequest(accountName, certificateProfile, content, context);
+                return await ProtocolOperationHelpers.ProcessMessageAsync(_pipeline, message, ClientDiagnostics, "SigningClient.Sign", OperationFinalStateVia.Location, context, waitUntil).ConfigureAwait(false);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        /// <summary>
+        /// [Protocol Method] Submit a sign operation.
+        /// <list type="bullet">
+        /// <item>
+        /// <description>
+        /// This <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/ProtocolMethods.md">protocol method</see> allows explicit creation of the request and processing of the response for advanced scenarios.
+        /// </description>
+        /// </item>
+        /// <item>
+        /// <description>
+        /// Please try the simpler <see cref="Sign(WaitUntil,string,string,SigningPayloadOptions,CancellationToken)"/> convenience overload with strongly typed models first.
+        /// </description>
+        /// </item>
+        /// </list>
+        /// </summary>
+        /// <param name="waitUntil"> <see cref="WaitUntil.Completed"/> if the method should wait to return until the long-running operation has completed on the service; <see cref="WaitUntil.Started"/> if it should return after starting the operation. For more information on long-running operations, please see <see href="https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/Azure.Core/samples/LongRunningOperations.md"> Azure.Core Long-Running Operation samples</see>. </param>
+        /// <param name="accountName"> Azure Developer Signing account name. </param>
+        /// <param name="certificateProfile"> Azure Developer Signing certificate profile name under an account. </param>
+        /// <param name="content"> The content to send as the body of the request. </param>
+        /// <param name="context"> The request context, which can override default behaviors of the client pipeline on a per-call basis. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="accountName"/>, <paramref name="certificateProfile"/> or <paramref name="content"/> is null. </exception>
+        /// <exception cref="ArgumentException"> <paramref name="accountName"/> or <paramref name="certificateProfile"/> is an empty string, and was expected to be non-empty. </exception>
+        /// <exception cref="RequestFailedException"> Service returned a non-success status code. </exception>
+        /// <returns> The <see cref="Operation"/> representing an asynchronous operation on the service. </returns>
+        /// <include file="Docs/SigningClient.xml" path="doc/members/member[@name='Sign(WaitUntil,string,string,RequestContent,RequestContext)']/*" />
+        public virtual Operation<BinaryData> Sign(WaitUntil waitUntil, string accountName, string certificateProfile, RequestContent content, RequestContext context = null)
+        {
+            Argument.AssertNotNullOrEmpty(accountName, nameof(accountName));
+            Argument.AssertNotNullOrEmpty(certificateProfile, nameof(certificateProfile));
+            Argument.AssertNotNull(content, nameof(content));
+
+            using var scope = ClientDiagnostics.CreateScope("SigningClient.Sign");
+            scope.Start();
+            try
+            {
+                using HttpMessage message = CreateSignRequest(accountName, certificateProfile, content, context);
+                return ProtocolOperationHelpers.ProcessMessage(_pipeline, message, ClientDiagnostics, "SigningClient.Sign", OperationFinalStateVia.Location, context, waitUntil);
+            }
+            catch (Exception e)
+            {
+                scope.Failed(e);
+                throw;
+            }
+        }
+
+        internal HttpMessage CreateGetSignRootCertificateRequest(string accountName, string certificateProfile, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.AppendRaw("https://", false);
+            uri.AppendRaw(_region, true);
+            uri.AppendRaw(".codesigning.azure.net/", false);
+            uri.AppendPath("/codesigningaccounts/", false);
+            uri.AppendPath(accountName, true);
+            uri.AppendPath("/certificateprofiles/", false);
+            uri.AppendPath(certificateProfile, true);
+            uri.AppendPath("/sign/rootcert", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateGetExtendedKeyUsagesRequest(string accountName, string certificateProfile, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.AppendRaw("https://", false);
+            uri.AppendRaw(_region, true);
+            uri.AppendRaw(".codesigning.azure.net/", false);
+            uri.AppendPath("/codesigningaccounts/", false);
+            uri.AppendPath(accountName, true);
+            uri.AppendPath("/certificateprofiles/", false);
+            uri.AppendPath(certificateProfile, true);
+            uri.AppendPath("/sign/eku", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        internal HttpMessage CreateSignRequest(string accountName, string certificateProfile, RequestContent content, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier202);
+            var request = message.Request;
+            request.Method = RequestMethod.Post;
+            var uri = new RawRequestUriBuilder();
+            uri.AppendRaw("https://", false);
+            uri.AppendRaw(_region, true);
+            uri.AppendRaw(".codesigning.azure.net/", false);
+            uri.AppendPath("/codesigningaccounts/", false);
+            uri.AppendPath(accountName, true);
+            uri.AppendPath("/certificateprofiles/", false);
+            uri.AppendPath(certificateProfile, true);
+            uri.AppendPath(":sign", false);
+            uri.AppendQuery("api-version", _apiVersion, true);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            request.Headers.Add("Content-Type", "application/json");
+            request.Content = content;
+            return message;
+        }
+
+        internal HttpMessage CreateGetExtendedKeyUsagesNextPageRequest(string nextLink, string accountName, string certificateProfile, RequestContext context)
+        {
+            var message = _pipeline.CreateMessage(context, ResponseClassifier200);
+            var request = message.Request;
+            request.Method = RequestMethod.Get;
+            var uri = new RawRequestUriBuilder();
+            uri.AppendRaw("https://", false);
+            uri.AppendRaw(_region, true);
+            uri.AppendRaw(".codesigning.azure.net/", false);
+            uri.AppendRawNextLink(nextLink, false);
+            request.Uri = uri;
+            request.Headers.Add("Accept", "application/json");
+            return message;
+        }
+
+        private static RequestContext DefaultRequestContext = new RequestContext();
+        internal static RequestContext FromCancellationToken(CancellationToken cancellationToken = default)
+        {
+            if (!cancellationToken.CanBeCanceled)
+            {
+                return DefaultRequestContext;
+            }
+
+            return new RequestContext() { CancellationToken = cancellationToken };
+        }
+
+        private static ResponseClassifier _responseClassifier200;
+        private static ResponseClassifier ResponseClassifier200 => _responseClassifier200 ??= new StatusCodeClassifier(stackalloc ushort[] { 200 });
+        private static ResponseClassifier _responseClassifier202;
+        private static ResponseClassifier ResponseClassifier202 => _responseClassifier202 ??= new StatusCodeClassifier(stackalloc ushort[] { 202 });
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningClientOptions.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningClientOptions.cs
new file mode 100644
index 000000000000..28c59f1516fc
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningClientOptions.cs
@@ -0,0 +1,37 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using Azure.Core;
+
+namespace Azure.Developer.Signing
+{
+    /// <summary> Client options for SigningClient. </summary>
+    public partial class SigningClientOptions : ClientOptions
+    {
+        private const ServiceVersion LatestVersion = ServiceVersion.V2023_06_15_Preview;
+
+        /// <summary> The version of the service to use. </summary>
+        public enum ServiceVersion
+        {
+            /// <summary> Service version "2023-06-15-preview". </summary>
+            V2023_06_15_Preview = 1,
+        }
+
+        internal string Version { get; }
+
+        /// <summary> Initializes new instance of SigningClientOptions. </summary>
+        public SigningClientOptions(ServiceVersion version = LatestVersion)
+        {
+            Version = version switch
+            {
+                ServiceVersion.V2023_06_15_Preview => "2023-06-15-preview",
+                _ => throw new NotSupportedException()
+            };
+        }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningPayloadOptions.Serialization.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningPayloadOptions.Serialization.cs
new file mode 100644
index 000000000000..ed2ca7d17019
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningPayloadOptions.Serialization.cs
@@ -0,0 +1,63 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System.Text.Json;
+using Azure.Core;
+
+namespace Azure.Developer.Signing
+{
+    public partial class SigningPayloadOptions : IUtf8JsonSerializable
+    {
+        void IUtf8JsonSerializable.Write(Utf8JsonWriter writer)
+        {
+            writer.WriteStartObject();
+            writer.WritePropertyName("signatureAlgorithm"u8);
+            writer.WriteStringValue(SignatureAlgorithm.ToString());
+            writer.WritePropertyName("digest"u8);
+            writer.WriteBase64StringValue(Digest.ToArray(), "D");
+            if (Optional.IsCollectionDefined(FileHashList))
+            {
+                writer.WritePropertyName("fileHashList"u8);
+                writer.WriteStartArray();
+                foreach (var item in FileHashList)
+                {
+                    if (item == null)
+                    {
+                        writer.WriteNullValue();
+                        continue;
+                    }
+                    writer.WriteBase64StringValue(item.ToArray(), "D");
+                }
+                writer.WriteEndArray();
+            }
+            if (Optional.IsCollectionDefined(AuthenticodeHashList))
+            {
+                writer.WritePropertyName("authenticodeHashList"u8);
+                writer.WriteStartArray();
+                foreach (var item in AuthenticodeHashList)
+                {
+                    if (item == null)
+                    {
+                        writer.WriteNullValue();
+                        continue;
+                    }
+                    writer.WriteBase64StringValue(item.ToArray(), "D");
+                }
+                writer.WriteEndArray();
+            }
+            writer.WriteEndObject();
+        }
+
+        /// <summary> Convert into a Utf8JsonRequestContent. </summary>
+        internal virtual RequestContent ToRequestContent()
+        {
+            var content = new Utf8JsonRequestContent();
+            content.JsonWriter.WriteObjectValue(this);
+            return content;
+        }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningPayloadOptions.cs b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningPayloadOptions.cs
new file mode 100644
index 000000000000..e8e1e99cba38
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Generated/SigningPayloadOptions.cs
@@ -0,0 +1,98 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.Collections.Generic;
+using Azure.Core;
+
+namespace Azure.Developer.Signing
+{
+    /// <summary> The artifact request information to be signed by the service. </summary>
+    public partial class SigningPayloadOptions
+    {
+        /// <summary> Initializes a new instance of SigningPayloadOptions. </summary>
+        /// <param name="signatureAlgorithm"> The supported signature algorithm identifiers. </param>
+        /// <param name="digest"> Content digest to sign. </param>
+        /// <exception cref="ArgumentNullException"> <paramref name="digest"/> is null. </exception>
+        public SigningPayloadOptions(SignatureAlgorithm signatureAlgorithm, BinaryData digest)
+        {
+            Argument.AssertNotNull(digest, nameof(digest));
+
+            SignatureAlgorithm = signatureAlgorithm;
+            Digest = digest;
+            FileHashList = new ChangeTrackingList<BinaryData>();
+            AuthenticodeHashList = new ChangeTrackingList<BinaryData>();
+        }
+
+        /// <summary> Initializes a new instance of SigningPayloadOptions. </summary>
+        /// <param name="signatureAlgorithm"> The supported signature algorithm identifiers. </param>
+        /// <param name="digest"> Content digest to sign. </param>
+        /// <param name="fileHashList"> List of full file digital signatures. </param>
+        /// <param name="authenticodeHashList"> List of authenticode digital signatures. </param>
+        internal SigningPayloadOptions(SignatureAlgorithm signatureAlgorithm, BinaryData digest, IList<BinaryData> fileHashList, IList<BinaryData> authenticodeHashList)
+        {
+            SignatureAlgorithm = signatureAlgorithm;
+            Digest = digest;
+            FileHashList = fileHashList;
+            AuthenticodeHashList = authenticodeHashList;
+        }
+
+        /// <summary> The supported signature algorithm identifiers. </summary>
+        public SignatureAlgorithm SignatureAlgorithm { get; }
+        /// <summary>
+        /// Content digest to sign.
+        /// <para>
+        /// To assign a byte[] to this property use <see cref="BinaryData.FromBytes(byte[])"/>.
+        /// The byte[] will be serialized to a Base64 encoded string.
+        /// </para>
+        /// <para>
+        /// Examples:
+        /// <list type="bullet">
+        /// <item>
+        /// <term>BinaryData.FromBytes(new byte[] { 1, 2, 3 })</term>
+        /// <description>Creates a payload of "AQID".</description>
+        /// </item>
+        /// </list>
+        /// </para>
+        /// </summary>
+        public BinaryData Digest { get; }
+        /// <summary>
+        /// List of full file digital signatures.
+        /// <para>
+        /// To assign a byte[] to the element of this property use <see cref="BinaryData.FromBytes(byte[])"/>.
+        /// The byte[] will be serialized to a Base64 encoded string.
+        /// </para>
+        /// <para>
+        /// Examples:
+        /// <list type="bullet">
+        /// <item>
+        /// <term>BinaryData.FromBytes(new byte[] { 1, 2, 3 })</term>
+        /// <description>Creates a payload of "AQID".</description>
+        /// </item>
+        /// </list>
+        /// </para>
+        /// </summary>
+        public IList<BinaryData> FileHashList { get; }
+        /// <summary>
+        /// List of authenticode digital signatures.
+        /// <para>
+        /// To assign a byte[] to the element of this property use <see cref="BinaryData.FromBytes(byte[])"/>.
+        /// The byte[] will be serialized to a Base64 encoded string.
+        /// </para>
+        /// <para>
+        /// Examples:
+        /// <list type="bullet">
+        /// <item>
+        /// <term>BinaryData.FromBytes(new byte[] { 1, 2, 3 })</term>
+        /// <description>Creates a payload of "AQID".</description>
+        /// </item>
+        /// </list>
+        /// </para>
+        /// </summary>
+        public IList<BinaryData> AuthenticodeHashList { get; }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/src/Properties/AssemblyInfo.cs b/sdk/codesigning/Azure.Developer.Signing/src/Properties/AssemblyInfo.cs
new file mode 100644
index 000000000000..25359742a2de
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/src/Properties/AssemblyInfo.cs
@@ -0,0 +1,11 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System.Runtime.CompilerServices;
+
+[assembly: InternalsVisibleTo("Azure.Developer.Signing.Tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100d15ddcb29688295338af4b7686603fe614abd555e09efba8fb88ee09e1f7b1ccaeed2e8f823fa9eef3fdd60217fc012ea67d2479751a0b8c087a4185541b851bd8b16f8d91b840e51b1cb0ba6fe647997e57429265e85ef62d565db50a69ae1647d54d7bd855e4db3d8a91510e5bcbd0edfbbecaa20a7bd9ae74593daa7b11b4")]
+
+// Replace Microsoft.Test with the correct resource provider namepace for your service and uncomment.
+// See https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/azure-services-resource-providers
+// for the list of possible values.
+[assembly: Azure.Core.AzureResourceProviderNamespace("Microsoft.Template")]
diff --git a/sdk/codesigning/Azure.Developer.Signing/tests/Azure.Developer.Signing.Tests.csproj b/sdk/codesigning/Azure.Developer.Signing/tests/Azure.Developer.Signing.Tests.csproj
new file mode 100644
index 000000000000..cf2cb9db0db8
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/tests/Azure.Developer.Signing.Tests.csproj
@@ -0,0 +1,29 @@
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <TargetFrameworks>$(RequiredTargetFrameworks)</TargetFrameworks>
+
+    <!-- We don't care about XML doc comments on test types and members -->
+    <NoWarn>$(NoWarn);CS1591</NoWarn>
+  </PropertyGroup>
+
+  <!-- Reference the Client Library -->
+  <ItemGroup>
+    <ProjectReference Include="$(AzureCoreTestFramework)" />
+    <ProjectReference Include="..\src\Azure.Developer.Signing.csproj" />
+  </ItemGroup>
+  
+  <ItemGroup>
+    <PackageReference Include="NUnit" />
+    <PackageReference Include="NUnit3TestAdapter" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" />
+    <PackageReference Include="Moq" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Azure.Identity" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <Folder Include="SessionRecords\" />
+  </ItemGroup>
+</Project>
diff --git a/sdk/codesigning/Azure.Developer.Signing/tests/Generated/Samples/Samples_SigningClient.cs b/sdk/codesigning/Azure.Developer.Signing/tests/Generated/Samples/Samples_SigningClient.cs
new file mode 100644
index 000000000000..dcb24943f949
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/tests/Generated/Samples/Samples_SigningClient.cs
@@ -0,0 +1,381 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+// <auto-generated/>
+
+#nullable disable
+
+using System;
+using System.Text.Json;
+using System.Threading.Tasks;
+using Azure;
+using Azure.Core;
+using Azure.Developer.Signing;
+using Azure.Identity;
+using NUnit.Framework;
+
+namespace Azure.Developer.Signing.Samples
+{
+    public partial class Samples_SigningClient
+    {
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_GetSignRootCertificate_ShortVersion()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            Response response = client.GetSignRootCertificate("<accountName>", "<certificateProfile>", null);
+
+            JsonElement result = JsonDocument.Parse(response.ContentStream).RootElement;
+            Console.WriteLine(result.ToString());
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_GetSignRootCertificate_ShortVersion_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            Response response = await client.GetSignRootCertificateAsync("<accountName>", "<certificateProfile>", null);
+
+            JsonElement result = JsonDocument.Parse(response.ContentStream).RootElement;
+            Console.WriteLine(result.ToString());
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_GetSignRootCertificate_ShortVersion_Convenience()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            Response<BinaryData> response = client.GetSignRootCertificate("<accountName>", "<certificateProfile>");
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_GetSignRootCertificate_ShortVersion_Convenience_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            Response<BinaryData> response = await client.GetSignRootCertificateAsync("<accountName>", "<certificateProfile>");
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_GetSignRootCertificate_AllParameters()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            Response response = client.GetSignRootCertificate("<accountName>", "<certificateProfile>", null);
+
+            JsonElement result = JsonDocument.Parse(response.ContentStream).RootElement;
+            Console.WriteLine(result.ToString());
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_GetSignRootCertificate_AllParameters_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            Response response = await client.GetSignRootCertificateAsync("<accountName>", "<certificateProfile>", null);
+
+            JsonElement result = JsonDocument.Parse(response.ContentStream).RootElement;
+            Console.WriteLine(result.ToString());
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_GetSignRootCertificate_AllParameters_Convenience()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            Response<BinaryData> response = client.GetSignRootCertificate("<accountName>", "<certificateProfile>");
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_GetSignRootCertificate_AllParameters_Convenience_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            Response<BinaryData> response = await client.GetSignRootCertificateAsync("<accountName>", "<certificateProfile>");
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_GetExtendedKeyUsages_ShortVersion()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            foreach (BinaryData item in client.GetExtendedKeyUsages("<accountName>", "<certificateProfile>", null))
+            {
+                JsonElement result = JsonDocument.Parse(item.ToStream()).RootElement;
+                Console.WriteLine(result.GetProperty("eku").ToString());
+            }
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_GetExtendedKeyUsages_ShortVersion_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            await foreach (BinaryData item in client.GetExtendedKeyUsagesAsync("<accountName>", "<certificateProfile>", null))
+            {
+                JsonElement result = JsonDocument.Parse(item.ToStream()).RootElement;
+                Console.WriteLine(result.GetProperty("eku").ToString());
+            }
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_GetExtendedKeyUsages_ShortVersion_Convenience()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            foreach (ExtendedKeyUsage item in client.GetExtendedKeyUsages("<accountName>", "<certificateProfile>"))
+            {
+            }
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_GetExtendedKeyUsages_ShortVersion_Convenience_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            await foreach (ExtendedKeyUsage item in client.GetExtendedKeyUsagesAsync("<accountName>", "<certificateProfile>"))
+            {
+            }
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_GetExtendedKeyUsages_AllParameters()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            foreach (BinaryData item in client.GetExtendedKeyUsages("<accountName>", "<certificateProfile>", null))
+            {
+                JsonElement result = JsonDocument.Parse(item.ToStream()).RootElement;
+                Console.WriteLine(result.GetProperty("eku").ToString());
+            }
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_GetExtendedKeyUsages_AllParameters_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            await foreach (BinaryData item in client.GetExtendedKeyUsagesAsync("<accountName>", "<certificateProfile>", null))
+            {
+                JsonElement result = JsonDocument.Parse(item.ToStream()).RootElement;
+                Console.WriteLine(result.GetProperty("eku").ToString());
+            }
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_GetExtendedKeyUsages_AllParameters_Convenience()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            foreach (ExtendedKeyUsage item in client.GetExtendedKeyUsages("<accountName>", "<certificateProfile>"))
+            {
+            }
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_GetExtendedKeyUsages_AllParameters_Convenience_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            await foreach (ExtendedKeyUsage item in client.GetExtendedKeyUsagesAsync("<accountName>", "<certificateProfile>"))
+            {
+            }
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_Sign_ShortVersion()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            using RequestContent content = RequestContent.Create(new
+            {
+                signatureAlgorithm = "RS256",
+                digest = new object(),
+            });
+            Operation<BinaryData> operation = client.Sign(WaitUntil.Completed, "<accountName>", "<certificateProfile>", content);
+            BinaryData responseData = operation.Value;
+
+            JsonElement result = JsonDocument.Parse(responseData.ToStream()).RootElement;
+            Console.WriteLine(result.GetProperty("id").ToString());
+            Console.WriteLine(result.GetProperty("status").ToString());
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_Sign_ShortVersion_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            using RequestContent content = RequestContent.Create(new
+            {
+                signatureAlgorithm = "RS256",
+                digest = new object(),
+            });
+            Operation<BinaryData> operation = await client.SignAsync(WaitUntil.Completed, "<accountName>", "<certificateProfile>", content);
+            BinaryData responseData = operation.Value;
+
+            JsonElement result = JsonDocument.Parse(responseData.ToStream()).RootElement;
+            Console.WriteLine(result.GetProperty("id").ToString());
+            Console.WriteLine(result.GetProperty("status").ToString());
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_Sign_ShortVersion_Convenience()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            SigningPayloadOptions signingPayloadOptions = new SigningPayloadOptions(SignatureAlgorithm.RS256, BinaryData.FromObjectAsJson(new object()));
+            Operation<ResourceOperationStatusCertificateProfileNameSignResultError> operation = client.Sign(WaitUntil.Completed, "<accountName>", "<certificateProfile>", signingPayloadOptions);
+            ResourceOperationStatusCertificateProfileNameSignResultError responseData = operation.Value;
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_Sign_ShortVersion_Convenience_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            SigningPayloadOptions signingPayloadOptions = new SigningPayloadOptions(SignatureAlgorithm.RS256, BinaryData.FromObjectAsJson(new object()));
+            Operation<ResourceOperationStatusCertificateProfileNameSignResultError> operation = await client.SignAsync(WaitUntil.Completed, "<accountName>", "<certificateProfile>", signingPayloadOptions);
+            ResourceOperationStatusCertificateProfileNameSignResultError responseData = operation.Value;
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_Sign_AllParameters()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            using RequestContent content = RequestContent.Create(new
+            {
+                signatureAlgorithm = "RS256",
+                digest = new object(),
+                fileHashList = new object[]
+            {
+new object()
+            },
+                authenticodeHashList = new object[]
+            {
+new object()
+            },
+            });
+            Operation<BinaryData> operation = client.Sign(WaitUntil.Completed, "<accountName>", "<certificateProfile>", content);
+            BinaryData responseData = operation.Value;
+
+            JsonElement result = JsonDocument.Parse(responseData.ToStream()).RootElement;
+            Console.WriteLine(result.GetProperty("id").ToString());
+            Console.WriteLine(result.GetProperty("status").ToString());
+            Console.WriteLine(result.GetProperty("error").GetProperty("code").ToString());
+            Console.WriteLine(result.GetProperty("error").GetProperty("message").ToString());
+            Console.WriteLine(result.GetProperty("error").GetProperty("target").ToString());
+            Console.WriteLine(result.GetProperty("error").GetProperty("innererror").GetProperty("code").ToString());
+            Console.WriteLine(result.GetProperty("result").GetProperty("signature").ToString());
+            Console.WriteLine(result.GetProperty("result").GetProperty("signingCertificate").ToString());
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_Sign_AllParameters_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            using RequestContent content = RequestContent.Create(new
+            {
+                signatureAlgorithm = "RS256",
+                digest = new object(),
+                fileHashList = new object[]
+            {
+new object()
+            },
+                authenticodeHashList = new object[]
+            {
+new object()
+            },
+            });
+            Operation<BinaryData> operation = await client.SignAsync(WaitUntil.Completed, "<accountName>", "<certificateProfile>", content);
+            BinaryData responseData = operation.Value;
+
+            JsonElement result = JsonDocument.Parse(responseData.ToStream()).RootElement;
+            Console.WriteLine(result.GetProperty("id").ToString());
+            Console.WriteLine(result.GetProperty("status").ToString());
+            Console.WriteLine(result.GetProperty("error").GetProperty("code").ToString());
+            Console.WriteLine(result.GetProperty("error").GetProperty("message").ToString());
+            Console.WriteLine(result.GetProperty("error").GetProperty("target").ToString());
+            Console.WriteLine(result.GetProperty("error").GetProperty("innererror").GetProperty("code").ToString());
+            Console.WriteLine(result.GetProperty("result").GetProperty("signature").ToString());
+            Console.WriteLine(result.GetProperty("result").GetProperty("signingCertificate").ToString());
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public void Example_Sign_AllParameters_Convenience()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            SigningPayloadOptions signingPayloadOptions = new SigningPayloadOptions(SignatureAlgorithm.RS256, BinaryData.FromObjectAsJson(new object()))
+            {
+                FileHashList = { BinaryData.FromObjectAsJson(new object()) },
+                AuthenticodeHashList = { BinaryData.FromObjectAsJson(new object()) },
+            };
+            Operation<ResourceOperationStatusCertificateProfileNameSignResultError> operation = client.Sign(WaitUntil.Completed, "<accountName>", "<certificateProfile>", signingPayloadOptions);
+            ResourceOperationStatusCertificateProfileNameSignResultError responseData = operation.Value;
+        }
+
+        [Test]
+        [Ignore("Only validating compilation of examples")]
+        public async Task Example_Sign_AllParameters_Convenience_Async()
+        {
+            TokenCredential credential = new DefaultAzureCredential();
+            SigningClient client = new SigningClient("<region>", credential);
+
+            SigningPayloadOptions signingPayloadOptions = new SigningPayloadOptions(SignatureAlgorithm.RS256, BinaryData.FromObjectAsJson(new object()))
+            {
+                FileHashList = { BinaryData.FromObjectAsJson(new object()) },
+                AuthenticodeHashList = { BinaryData.FromObjectAsJson(new object()) },
+            };
+            Operation<ResourceOperationStatusCertificateProfileNameSignResultError> operation = await client.SignAsync(WaitUntil.Completed, "<accountName>", "<certificateProfile>", signingPayloadOptions);
+            ResourceOperationStatusCertificateProfileNameSignResultError responseData = operation.Value;
+        }
+    }
+}
diff --git a/sdk/codesigning/Azure.Developer.Signing/tsp-location.yaml b/sdk/codesigning/Azure.Developer.Signing/tsp-location.yaml
new file mode 100644
index 000000000000..d6c5c4262017
--- /dev/null
+++ b/sdk/codesigning/Azure.Developer.Signing/tsp-location.yaml
@@ -0,0 +1,5 @@
+additionalDirectories: []
+directory: specification/codesigning/CodeSigning
+repo: Azure/azure-rest-api-specs
+commit: 32fe89b5cc906d9840632c3c02b2535633abe445
+
diff --git a/sdk/codesigning/ci.yml b/sdk/codesigning/ci.yml
new file mode 100644
index 000000000000..4e800f11a386
--- /dev/null
+++ b/sdk/codesigning/ci.yml
@@ -0,0 +1,35 @@
+# NOTE: Please refer to https://aka.ms/azsdk/engsys/ci-yaml before editing this file.
+
+trigger:
+  branches:
+    include:
+    - main
+    - hotfix/*
+    - release/*
+  paths:
+    include:
+    - sdk/codesigning
+    - sdk/codesigning/ci.yml
+    - sdk/codesigning/Azure.Developer.Signing
+
+pr:
+  branches:
+    include:
+    - main
+    - feature/*
+    - hotfix/*
+    - release/*
+  paths:
+    include:
+    - sdk/codesigning
+    - sdk/codesigning/ci.yml
+    - sdk/codesigning/Azure.Developer.Signing
+
+extends:
+  template: /eng/pipelines/templates/stages/archetype-sdk-client.yml
+  parameters:
+    ServiceDirectory: codesigning
+    ArtifactName: packages
+    Artifacts:
+    - name: Azure.Developer.Signing
+      safeName: AzureDeveloperSigning