Provider Management API

Unified API for managing all provider configurations

The Provider Management API provides a consolidated interface for managing all types of integration configurations in Veza. These endpoints work across all supported integration types including AWS, Azure, Google Cloud, Snowflake, and other providers.

Use these endpoints to:

List all providers across all types with filtering and pagination
Update common provider fields (name, labels, owners, data_plane_id)
Delete provider configurations

This API manages common fields across all provider types. For provider-specific configuration (regions, services, credentials), use the Provider-Specific APIs.

List All Providers

Returns a list of all configured providers across all types. Supports filtering, sorting, and pagination.

get

Authorizations

AuthorizationstringRequired

Bearer token authentication using a Veza Personal API key.

Header Format: Authorization: Bearer <your-api-key>

Creating an API Key:

Log into your Veza tenant
Navigate to Administration → API Keys
Generate a new API key and save the value securely

Query parameters

filterstringOptional

page_sizeinteger · int32Optional

page_tokenstringOptional

include_datasource_statusstringOptional

include_created_by_and_updated_by_namesbooleanOptional

Responses

200

application/json

next_page_tokenstringOptional

default

Default error response

application/json

get

/api/v1/providers

GET /api/v1/providers HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "values": [
    {
      "id": "text",
      "external_id": "text",
      "type": "text"
    }
  ],
  "next_page_token": "text"
}

Query Parameters

Parameter

Type

Description

page_size

integer

Maximum number of results per page (default: 25)

page_token

string

Token for retrieving the next page of results

filter

string

Filter expression (e.g., state eq 'ENABLED', type eq 'AWS')

include_datasource_status

string

Include datasource status in response

include_type_summary

boolean

Include type summary field

Example Request

curl -X GET \
  "https://{tenant}.vezacloud.com/api/v1/providers?page_size=10&filter=state+eq+'ENABLED'" \
  -H "Authorization: Bearer {your_api_key}" \
  -H "Accept: application/json"

Example Response

{
  "values": [
    {
      "id": "883dd869-8762-4187-8767-1c387de14b4b",
      "vendor_id": "123456789012",
      "name": "AWS-Production",
      "type": "AWS",
      "state": "ENABLED",
      "data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
      "status": "SUCCESS",
      "external_id": "501779813173",
      "team_id": "team-uuid-here",
      "team_name": "Platform Team",
      "created_at": "2024-01-15T10:30:00Z",
      "updated_at": "2024-08-26T14:22:00Z",
      "created_by": "user-uuid",
      "updated_by": "user-uuid",
      "owners": ["user-uuid-1", "group-uuid-1"],
      "labels": ["production", "critical"],
      "vendor": {},
      "lifecycle_management_state": "NOT_CONFIGURED",
      "provisioning": false
    },
    {
      "id": "fa04e92f-6e0d-4285-ba58-86a20c6941ff",
      "vendor_id": "contoso.onmicrosoft.com",
      "name": "Azure-Production",
      "type": "AZURE",
      "state": "ENABLED",
      "data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
      "status": "SUCCESS",
      "external_id": "veza-ext-def456",
      "team_id": "team-uuid-here",
      "team_name": "Platform Team",
      "created_at": "2024-02-01T09:15:00Z",
      "updated_at": "2024-08-26T13:45:00Z",
      "owners": [],
      "labels": ["production"],
      "vendor": {},
      "lifecycle_management_state": "NOT_CONFIGURED",
      "provisioning": false
    }
  ],
  "next_page_token": "eyJvZmZzZXQiOjEwfQ=="
}

Use page_size and page_token parameters for pagination. Continue fetching pages until next_page_token is empty or absent.

Update Provider (Full)

Perform a complete update of a provider configuration. All modifiable fields must be included in the request.

a generic endpoint for patch update providers of different types

put

the plan is to migrate all the provider update endpoints to this one

one provider at a time

while still keeping the old endpoints for backward compatibility

Authorizations

AuthorizationstringRequired

Bearer token authentication using a Veza Personal API key.

Header Format: Authorization: Bearer <your-api-key>

Creating an API Key:

Log into your Veza tenant
Navigate to Administration → API Keys
Generate a new API key and save the value securely

Path parameters

value.idstringRequired

Query parameters

update_maskstring · field-maskOptional

Body

idstringOptional

external_idstringOptional

typestringOptional

Responses

200

application/json

default

Default error response

application/json

put

/api/v1/providers/{value.id}

PUT /api/v1/providers/{value.id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 48

{
  "id": "text",
  "external_id": "text",
  "type": "text"
}

{
  "value": {
    "id": "text",
    "external_id": "text",
    "type": "text"
  }
}

Example Request

curl -X PUT \
  "https://{tenant}.vezacloud.com/api/v1/providers/883dd869-8762-4187-8767-1c387de14b4b" \
  -H "Authorization: Bearer {your_api_key}" \
  -H "Content-Type: application/json" \
  -d '{
    "value": {
      "id": "883dd869-8762-4187-8767-1c387de14b4b",
      "name": "AWS-Production-Updated",
      "data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
      "owners": ["user-uuid-1", "group-uuid-1"],
      "labels": ["production", "critical", "pci"]
    }
  }'

Example Response

{
  "value": {
    "id": "883dd869-8762-4187-8767-1c387de14b4b",
    "vendor_id": "123456789012",
    "name": "AWS-Production-Updated",
    "type": "AWS",
    "state": "ENABLED",
    "data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
    "status": "PENDING",
    "external_id": "501779813173",
    "team_id": "team-uuid-here",
    "team_name": "Platform Team",
    "created_at": "2024-01-15T10:30:00Z",
    "updated_at": "2024-08-26T15:30:00Z",
    "created_by": "user-uuid",
    "updated_by": "user-uuid",
    "owners": ["user-uuid-1", "group-uuid-1"],
    "labels": ["production", "critical", "pci"],
    "vendor": {},
    "lifecycle_management_state": "NOT_CONFIGURED",
    "provisioning": false
  }
}

Update Provider (Partial)

Perform a partial update of a provider configuration. Only include the fields you want to change. Use the update_mask parameter to specify which fields to update.

a generic endpoint for patch update providers of different types

patch

the plan is to migrate all the provider update endpoints to this one

one provider at a time

while still keeping the old endpoints for backward compatibility

Authorizations

AuthorizationstringRequired

Bearer token authentication using a Veza Personal API key.

Header Format: Authorization: Bearer <your-api-key>

Creating an API Key:

Log into your Veza tenant
Navigate to Administration → API Keys
Generate a new API key and save the value securely

Path parameters

value.idstringRequired

Query parameters

update_maskstring · field-maskOptional

Body

idstringOptional

external_idstringOptional

typestringOptional

Responses

200

application/json

default

Default error response

application/json

patch

/api/v1/providers/{value.id}

PATCH /api/v1/providers/{value.id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 48

{
  "id": "text",
  "external_id": "text",
  "type": "text"
}

{
  "value": {
    "id": "text",
    "external_id": "text",
    "type": "text"
  }
}

Example Request

curl -X PATCH \
  "https://{tenant}.vezacloud.com/api/v1/providers/883dd869-8762-4187-8767-1c387de14b4b" \
  -H "Authorization: Bearer {your_api_key}" \
  -H "Content-Type: application/json" \
  -d '{
    "value": {
      "id": "883dd869-8762-4187-8767-1c387de14b4b",
      "name": "AWS-Production-Renamed",
      "labels": ["production", "updated"]
    },
    "update_mask": "name,labels"
  }'

Example Response

{
  "value": {
    "id": "883dd869-8762-4187-8767-1c387de14b4b",
    "vendor_id": "123456789012",
    "name": "AWS-Production-Renamed",
    "type": "AWS",
    "state": "ENABLED",
    "data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
    "status": "PENDING",
    "external_id": "501779813173",
    "team_id": "team-uuid-here",
    "team_name": "Platform Team",
    "created_at": "2024-01-15T10:30:00Z",
    "updated_at": "2024-08-26T15:45:00Z",
    "owners": ["user-uuid-1", "group-uuid-1"],
    "labels": ["production", "updated"],
    "vendor": {},
    "lifecycle_management_state": "NOT_CONFIGURED",
    "provisioning": false
  }
}

PATCH is preferred over PUT for updates. Use the update_mask parameter to explicitly specify which fields to update.

Delete Provider

Permanently delete a provider configuration and all associated data sources.

delete

Authorizations

AuthorizationstringRequired

Bearer token authentication using a Veza Personal API key.

Header Format: Authorization: Bearer <your-api-key>

Creating an API Key:

Log into your Veza tenant
Navigate to Administration → API Keys
Generate a new API key and save the value securely

Path parameters

idstringRequired

Responses

200

application/json

objectOptional

default

Default error response

application/json

delete

/api/v1/providers/{id}

DELETE /api/v1/providers/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{}

Example Request

curl -X DELETE \
  "https://{tenant}.vezacloud.com/api/v1/providers/883dd869-8762-4187-8767-1c387de14b4b" \
  -H "Authorization: Bearer {your_api_key}"

Example Response

Returns an empty response with HTTP status 200 OK on success.

{}

Provider Response Fields

Core Fields

Field

Type

Behavior

Description

id

string

Output-only

Unique provider identifier (UUID)

vendor_id

string

Output-only

Provider-specific identifier (e.g., AWS account ID)

name

string

Mutable

Display name for the provider

type

string

Immutable

Provider type (AWS, AZURE, GOOGLE_CLOUD, etc.)

state

enum

Output-only

Provider state: ENABLED, DISABLED, DELETING, PENDING_DELETE

status

enum

Output-only

Discovery status: PENDING, SUCCESS, ERROR, UNAUTHENTICATED

data_plane_id

string

Mutable

Insight Point ID for data collection

external_id

string

Output-only

External identifier for cross-system references

Metadata Fields

Field

Type

Behavior

Description

created_at

timestamp

Output-only

Creation timestamp

updated_at

timestamp

Output-only

Last modification timestamp

created_by

string

Output-only

User ID who created the provider

updated_by

string

Output-only

User ID who last modified the provider

created_by_name

string

Output-only

Display name of creator (when requested)

updated_by_name

string

Output-only

Display name of last modifier (when requested)

Organization Fields

Field

Type

Behavior

Description

team_id

string

Output-only

Owning team identifier

team_name

string

Output-only

Owning team display name

owners

array[string]

Mutable

List of Veza user or group IDs with owner permissions

owner_names

array[string]

Output-only

Display names of owners

labels

array[string]

Mutable

Metadata labels (e.g., "production", "pci")

rbac_id

string

Output-only

RBAC identifier for access control

Status Fields

Field

Type

Behavior

Description

extractors_datasource_status

enum

Output-only

Aggregate status of extractor datasources

discoverers_datasource_status

enum

Output-only

Aggregate status of discoverer datasources

lifecycle_management_state

object

Output-only

Lifecycle Management provisioning state

provisioning

boolean

Mutable

Whether Lifecycle Management is enabled

Vendor Configuration

Field

Type

Behavior

Description

vendor

object

Output-only

Provider-specific metadata. This field is typically empty in the generic Provider API. Use Provider-Specific APIs for detailed configuration.

Error Responses

All endpoints return standard HTTP status codes:

Status Code

Description

200

Success

400

Bad Request - Invalid parameters or request body

401

Unauthorized - Invalid or missing API key

403

Forbidden - Insufficient permissions

404

Not Found - Provider does not exist

409

Conflict - Provider already exists or state conflict

422

Unprocessable Entity - Validation error

500

Internal Server Error

PreviousIntegration APIs NextEnable/Disable Providers

Last updated 20 days ago

Was this helpful?

hashtagList All Providers

hashtagQuery Parameters

hashtagExample Request

hashtagExample Response

hashtagUpdate Provider (Full)

hashtaga generic endpoint for patch update providers of different types

hashtagExample Request

hashtagExample Response

hashtagUpdate Provider (Partial)

hashtaga generic endpoint for patch update providers of different types

hashtagExample Request

hashtagExample Response

hashtagDelete Provider

hashtagExample Request

hashtagExample Response

hashtagProvider Response Fields

hashtagCore Fields

hashtagMetadata Fields

hashtagOrganization Fields

hashtagStatus Fields

hashtagVendor Configuration

hashtagError Responses

hashtagRelated Documentation

List All Providers

Query Parameters

Example Request

Example Response

Update Provider (Full)

a generic endpoint for patch update providers of different types

Example Request

Example Response

Update Provider (Partial)

a generic endpoint for patch update providers of different types

Example Request

Example Response

Delete Provider

Example Request

Example Response

Provider Response Fields

Core Fields

Metadata Fields

Organization Fields

Status Fields

Vendor Configuration

Error Responses

Related Documentation