diff --git a/idn/beta/paths/identity-certifications-item-permissions.yaml b/idn/beta/paths/identity-certifications-item-permissions.yaml
index d64c34fa..6a94eee7 100644
--- a/idn/beta/paths/identity-certifications-item-permissions.yaml
+++ b/idn/beta/paths/identity-certifications-item-permissions.yaml
@@ -7,6 +7,9 @@ get:
     This API returns the permissions associated with an entitlement certification item based on the certification item's
     ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification
     can also call this API.
+  deprecated: true
+  security:
+    - UserContextAuth: [ idn:certification:read ]
   parameters:
     - in: query
       name: filters
@@ -48,6 +51,7 @@ get:
         The following is invalid:
 
         *?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)*
+      example: target eq "SYS.OBJAUTH2"
     - in: path
       name: certificationId
       schema:
diff --git a/idn/sailpoint-api.v3.yaml b/idn/sailpoint-api.v3.yaml
index 058ab1d2..5298392e 100644
--- a/idn/sailpoint-api.v3.yaml
+++ b/idn/sailpoint-api.v3.yaml
@@ -890,8 +890,10 @@ paths:
     $ref: "./v3/paths/identity-certifications-access-summaries.yaml"
   /certifications/{id}/identity-summaries/{identitySummaryId}:
     $ref: "./v3/paths/identity-certifications-identity-summary.yaml"
+  /certifications/{certificationId}/access-review-items/{itemId}/permissions:
+    $ref: "./v3/paths/identity-certifications-item-permissions.yaml"
   /certifications/{id}/reviewers:
-    $ref: './v3/paths/certifications-reviewers.yaml'
+    $ref: "./v3/paths/certifications-reviewers.yaml"
   /certification-tasks/{id}:
     $ref: "./v3/paths/certification-task.yaml"
   /identities/{identity-id}/set-lifecycle-state:
diff --git a/idn/v3/paths/identity-certifications-item-permissions.yaml b/idn/v3/paths/identity-certifications-item-permissions.yaml
new file mode 100644
index 00000000..1dc22c16
--- /dev/null
+++ b/idn/v3/paths/identity-certifications-item-permissions.yaml
@@ -0,0 +1,91 @@
+get:
+  operationId: getIdentityCertificationItemPermissions
+  tags:
+    - Certifications
+  summary: Permissions for Entitlement Certification Item
+  description: >-
+    This API returns the permissions associated with an entitlement certification item based on the certification item's
+    ID. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification
+    can also call this API.
+  security:
+    - UserContextAuth: [ idn:certification:read ]
+  parameters:
+    - in: query
+      name: filters
+      schema:
+        type: string
+      description: >-
+        Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+        Supported fields and primitive operators:
+
+
+        **target**: *eq, sw*
+
+
+        **rights**: *ca*
+
+
+        Supported composite operators:
+
+
+        *and, or*
+
+
+        All field values (second filter operands) are case-insensitive for this API.
+
+
+        Only a single *and* or *or* composite filter operator may be used. It must also be used between
+        a target filter and a rights filter, not between 2 filters for the same field.
+
+        For example,
+
+
+        The following is valid:
+
+        *?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22*
+
+
+        The following is invalid:
+
+        *?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)*
+      example: target eq "SYS.OBJAUTH2"
+    - in: path
+      name: certificationId
+      schema:
+        type: string
+      required: true
+      description: The certification ID
+      example: ef38f94347e94562b5bb8424a56397d8
+    - in: path
+      name: itemId
+      schema:
+        type: string
+      required: true
+      description: The certification item ID
+      example: 2c91808671bcbab40171bd945d961227
+    - $ref: '../parameters/limit.yaml'
+    - $ref: '../parameters/offset.yaml'
+    - $ref: '../parameters/count.yaml'
+  responses:
+    '200':
+      description: A list of permissions associated with the given itemId
+      content:
+        application/json:
+          schema:
+            type: array
+            items:
+              $ref: '../schemas/PermissionDto.yaml'
+    '400':
+      $ref: '../responses/400.yaml'
+    '401':
+      $ref: '../responses/401.yaml'
+    '403':
+      $ref: '../responses/403.yaml'
+    '404':
+      $ref: '../responses/404.yaml'
+    '429':
+      $ref: '../responses/429.yaml'
+    '500':
+      $ref: '../responses/500.yaml'