Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
API operations for enabling and disabling provider connections
The v1/providers API includes endpoints to enable or disable integrations by provider id. This allows you to temporarily pause data extraction and synchronization for specific providers when needed, without deleting the configuration.
The provider_id value should be obtained from the provider listing APIs (e.g., /api/v1/providers/aws for AWS providers)
Activate a provider connection that was disabled.
Deactivates a provider connection until it is-renabled, preserving the configured settings.
curl -X PUT \
"https://{tenant}.vezacloud.com/api/v1/providers/{id}:enable" \
-H "accept: application/json" \
-H "Authorization: Bearer {your_api_key}"curl -X PUT \
"https://{tenant}.vezacloud.com/api/v1/providers/{id}:disable" \
-H "accept: application/json" \
-H "Authorization: Bearer {your_api_key}"Programmatic configuration of providers and data sources
The Veza management API enables internal tooling to automate administration of cloud providers and data sources. Each supported provider has endpoints to get, create, and modify the current configurations, which can be useful when integrating with environments spanning many provider accounts.
Notes
A data plane ID is required when adding a custom provider. This value refers to the Insight Point used for discovery, or the GUID of the built-in data plane. To get all available IDs, navigate to Administration > Insight Point. Unless you have deployed an Insight Point within your environment, the only entry will be for the internal data plane.
If a request is unsuccessful, an error message will provide additional details and troubleshooting steps.
You can issue new API keys from Administration > API Keys > . Provide the key as the bearer auth token in the header of each request.
Users must have the role to add/modify provider configurations. Configurations can be viewed by users with the operator role.
Register Accounts - Use the management API to add multiple AWS accounts from CSV.
Veza Python Client - Simple Python class for making REST API calls to Veza.
Cloud Formation Stacks - Configure multiple AWS accounts for Veza discovery by enabling the required assume role operations and IAM permissions.
If your organization uses applications, data sources, or identity providers not natively supported by Veza, you may be able to add them to your data catalog using . You will need to query the provider to retrieve entity and permissions metadata and push the payload to Veza for parsing in a template format.
Endpoints for administering custom resources (/providers/custom/*)are described in .
Pause discovery and extraction for a data source
Pause discovery and extraction for a data source. This will cancel all pending extractions for the specified data source.
Disabling a data source will cancel all pending extractions and prevent new data from being collected until the data source is re-enabled.
Standard Response:
PUT /api/v1/providers/datasources/{id}:disableid
string
Required
The data source ID
Standard Response:
id
string
Required
The data source ID
Retrieve the parsing status and details for a specific data source
GET /api/v1/providers/datasources/{id}curl -X GET "$BASE_URL/api/v1/providers/datasources/6961b032-3fd7-4baa-a230-146d1b70ec27" \
-H "authorization: Bearer $VEZA_TOKEN"{
"value": {
"id": "6961b032-3fd7-4baa-a230-146d1b70ec27",
"name": "AWS EC2 (527398259632)",
"datasource_type": "EXTRACTOR",
"agent_type": "AWS_EC2",
"status": "SUCCESS",
"provider_id": "cd0cf102-e86c-4599-9cbe-64d2c6b83236",
"path": "AWS/ec2",
"state": "ENABLED",
"effective_state": "ENABLED",
"datasource_config": null,
"created_at": "2021-10-26T07:10:38Z",
"updated_at": "2021-10-26T07:10:38Z",
"synced_at": "2022-01-13T20:53:23Z",
"parsed_at": "2022-01-13T20:53:29Z"
}
}curl -X PUT "$BASE_URL/api/v1/providers/datasources/6961b032-3fd7-4baa-a230-146d1b70ec27:disable" \
-H "authorization: Bearer $VEZA_TOKEN"{}GET /api/v1/providers/datasources/{id}/parse_statusid
string
Required
The data source ID
Standard Response:
id
string
Required
The data source ID
Standard Response:
id
string
Required
The data source ID
Update the name for a given data source ID
Operations for managing data sources including listing, updating, enabling, disabling, and status monitoring
Each cloud provider will have one or more associated data sources. Each represents a discrete instance of a service that Veza connects to for the discovery and extraction of authorization metadata.
The provider under /providers/aws/{id}, for example, may have an associated EC2 data source, represented as:
You can use the API to get or update data source records, or enable and disable individual data sources.
Disabling a data source will cancel all pending extractions.
Find lifecycle management datasources that support specific action types and entity relationships
PUT /api/v1/providers/datasources/{id}:enablecurl -X PUT "$BASE_URL/api/v1/providers/datasources/6961b032-3fd7-4baa-a230-146d1b70ec27:enable" \
-H "authorization: Bearer $VEZA_TOKEN"{}GET /api/v1/providers/datasources/{id}/sync_statuscurl -X GET "$BASE_URL/api/v1/providers/datasources/6961b032-3fd7-4baa-a230-146d1b70ec27/sync_status" \
-H "authorization: Bearer $VEZA_TOKEN"{
"value": {
"datasource_id": "6961b032-3fd7-4baa-a230-146d1b70ec27",
"status": "SUCCESS",
"last_synced_at": "2022-01-13T20:53:23Z",
"sync_duration_seconds": 120,
"records_extracted": 5000,
"errors_count": 0,
"next_scheduled_sync": "2022-01-14T08:00:00Z"
}
}curl -X GET "$BASE_URL/api/v1/providers/datasources/6961b032-3fd7-4baa-a230-146d1b70ec27/parse_status" \
-H "authorization: Bearer $VEZA_TOKEN"{
"value": {
"datasource_id": "6961b032-3fd7-4baa-a230-146d1b70ec27",
"status": "SUCCESS",
"last_parsed_at": "2022-01-13T20:53:29Z",
"parse_duration_seconds": 45,
"entities_processed": 1250,
"errors_count": 0,
"warnings_count": 2
}
}PUT /api/v1/providers/datasources/{id}filter
string
Optional
When present, only returns data sources matching the filter. Available options: name, agent_type, status, state, provider_id, data_provider_id, datasource_type
order_by
string
Optional
Sort results by: name, agent_type, status, state, provider_id, data_provider_id, or datasource_type
page_size
integer
Optional
Standard Response:
For working with custom applications and Open Authorization API (OAA), see:
action_type
integer
Optional
Filter by specific LCM action type. See below. See for details.
entity_type
string
Optional
Filter by entity type that the datasource can work with
relationship_type
string
Optional
0
NONE
1
SYNC_IDENTITIES
2
MANAGE_RELATIONSHIPS
3
CREATE_EMAIL
4
DEPROVISION_IDENTITY
5
ACCESS_PLAN
Standard Response:
id
string
Required
The data source ID
name
string
Optional
New name for the data source
Retrieve details for a specific lifecycle management datasource
Returns detailed information for a specific lifecycle management datasource by its ID, including its supported capabilities, available actions, syncable attributes, and grantable entitlements.
For detailed information about the response fields, see the documentation.
curl -X GET "$BASE_URL/api/v1/providers/datasources" \
-H "authorization: Bearer $VEZA_TOKEN"curl -X GET "$BASE_URL/api/v1/providers/datasources?filter=status+eq+\"SUCCESS\"" \
-H "authorization: Bearer $VEZA_TOKEN"curl -X GET "$BASE_URL/api/v1/providers/datasources?page_size=10&order_by=name" \
-H "authorization: Bearer $VEZA_TOKEN"GET /api/v1/providers/datasources{
"values": [
{
"id": "6961b032-3fd7-4baa-a230-146d1b70ec27",
"name": "AWS EC2 (527398259632)",
"datasource_type": "EXTRACTOR",
"agent_type": "AWS_EC2",
"status": "SUCCESS",
"provider_id": "cd0cf102-e86c-4599-9cbe-64d2c6b83236",
"path": "AWS/ec2",
"state": "ENABLED",
"effective_state": "ENABLED",
"created_at": "2021-10-26T07:10:38Z",
"updated_at": "2021-10-26T07:10:38Z",
"synced_at": "2022-01-13T20:53:23Z",
"parsed_at": "2022-01-13T20:53:29Z"
}
],
"next_page_token": "ec67g",
"has_more": false
}{
"id": "6961b032-3fd7-4baa-a230-146d1b70ec27",
"name": "AWS EC2 (527398259632)",
"datasource_type": "EXTRACTOR",
"agent_type": "AWS_EC2",
"status": "SUCCESS",
"provider_id": "cd0cf102-e86c-4599-9cbe-64d2c6b83236",
"path": "AWS/ec2",
"state": "ENABLED",
"effective_state": "ENABLED",
"datasource_config": null,
"created_at": "2021-10-26T07:10:38Z",
"updated_at": "2021-10-26T07:10:38Z",
"synced_at": "2022-01-13T20:53:23Z",
"parsed_at": "2022-01-13T20:53:29Z"
}# Find datasources that support SYNC_IDENTITIES operations (action_type=1)
curl -X GET "$BASE_URL/api/v1/providers/datasources/lifecycle_managers:by_action_type?action_type=1" \
-H "authorization: Bearer $VEZA_TOKEN"# Find datasources that can manage User entities
curl -X GET "$BASE_URL/api/v1/providers/datasources/lifecycle_managers:by_action_type?entity_type=User" \
-H "authorization: Bearer $VEZA_TOKEN"# Find datasources that support SYNC_IDENTITIES operations on Users with MemberOf relationships
curl -X GET "$BASE_URL/api/v1/providers/datasources/lifecycle_managers:by_action_type?action_type=1&entity_type=User&relationship_type=MemberOf" \
-H "authorization: Bearer $VEZA_TOKEN"GET /api/v1/providers/datasources/lifecycle_managers:by_action_type{
"values": [
{
"id": "549a4b5e-0328-4c87-a19d-ee8a2926d1aa",
"name": "Workday Integration",
"provider_type": "WORKDAY",
"external_id": "https://wd5-impl-services1.workday.com/veza_preview",
"lifecycle_management_enabled": true,
"supported_capabilities": [
"IDENTITY_SOURCE",
"ACCESS_TARGET"
]
}
],
"has_more": false,
"next_page_token": ""
}curl -X PUT "$BASE_URL/api/v1/providers/datasources/6961b032-3fd7-4baa-a230-146d1b70ec27" \
-H "authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
--data-raw '{
"name": "AWS EC2 Production Environment"
}'{
"value": {
"id": "6961b032-3fd7-4baa-a230-146d1b70ec27",
"name": "AWS EC2 Production Environment",
"datasource_type": "EXTRACTOR",
"agent_type": "AWS_EC2",
"status": "SUCCESS",
"provider_id": "cd0cf102-e86c-4599-9cbe-64d2c6b83236",
"path": "AWS/ec2",
"state": "ENABLED",
"effective_state": "ENABLED",
"datasource_config": null,
"created_at": "2021-10-26T07:10:38Z",
"updated_at": "2024-01-15T10:30:45Z",
"synced_at": "2022-01-13T20:53:23Z",
"parsed_at": "2022-01-13T20:53:29Z"
}
}GET /api/v1/providers/datasources/lifecycle_managers/{id}List Data Sources
Retrieve all data sources with filtering and pagination
Get Data Source
Retrieve details for a specific data source
Update Data Source
Update the name for a data source
Disable Data Source
Pause discovery and extraction for a data source
Enable Data Source
Resume monitoring and queue for extraction
List Lifecycle Manager Datasources
List datasources with lifecycle management capabilities
Get Lifecycle Manager Datasource
Get details for a specific lifecycle manager datasource
List by Action Type
Find datasources that support specific action types
Get Parse Status
Retrieve parsing status and details
Get Sync Status
Retrieve synchronization status and details
The maximum number of results to return. Fewer results may be returned even when more pages exist
page_token
string
Optional
The token specifying the specific page of results to retrieve
Filter by relationship type that the datasource can manage
6
WRITE_BACK_EMAIL
7
PAUSE
8
SEND_NOTIFICATION
9
CUSTOM_ACTION
10
CREATE_ENTITLEMENT
11
CREATE_ACCESS_REVIEW
12
RESET_PASSWORD
13
DELETE_IDENTITY
id
string
Required
The lifecycle management datasource ID
Lists all data sources that have enabled lifecycle management and their supported capabilities
Lists all data sources that have enabled lifecycle management and their detailed capabilities. This endpoint shows which systems can be used as sources of identity information and as targets for access management operations in Veza Lifecycle Management.
Use this endpoint to:
Discover which datasources support lifecycle management
View the capabilities each datasource provides
Get datasource IDs needed for other lifecycle management operations
Identify available actions, syncable attributes, and grantable entitlements for each datasource
id: Unique identifier for the datasource
name: Human-readable name of the datasource
provider_type: The type of integration (e.g., SCIM, WORKDAY, ACTIVE_DIRECTORY)
external_id: External system identifier or endpoint URL
The supported_capabilities field indicates what operations each datasource can perform:
IDENTITY_SOURCE: Can provide identity information for lifecycle management
ACCESS_TARGET: Can receive and execute access management operations
The available_actions array details specific lifecycle management operations supported:
action_type: Type of action (e.g., MANAGE_RELATIONSHIPS)
description: Human-readable description of the action
supported_entity_types: Entity types this action can work with (User, Group, etc.)
supported_relationship_types: Relationship types this action can manage (MemberOf, etc.)
The syncable_attributes array shows which entity attributes can be synchronized:
entity_type: The type of entity (User, Group, etc.)
attributes: Array of attribute definitions including:
name: Attribute name in the target system
type: Data type (string, array, boolean, etc.)
The grantable_entitlements array shows what access can be granted through this datasource:
entity_type: Type of entity that can grant access (typically Group)
entitlement_type: Type of entitlement relationship (MemberOf, etc.)
description: What access is granted through this entitlement
curl -X GET "$BASE_URL/api/v1/providers/datasources/lifecycle_managers/549a4b5e-0328-4c87-a19d-ee8a2926d1aa" \
-H "authorization: Bearer $VEZA_TOKEN"{
"value": {
"id": "549a4b5e-0328-4c87-a19d-ee8a2926d1aa",
"name": "Workday Integration",
"provider_type": "WORKDAY",
"external_id": "https://wd5-impl-services1.workday.com/veza_preview",
"lifecycle_management_enabled": true,
"supported_capabilities": [
"IDENTITY_SOURCE",
"ACCESS_TARGET"
]
}
}{
"value": {
"id": "549a4b5e-0328-4c87-a19d-ee8a2926d1aa",
"name": "SCIM Demo Server",
"provider_type": "SCIM",
"external_id": "https://scim.example.com",
"lifecycle_management_enabled": true,
"supported_capabilities": [
"ACCESS_TARGET"
],
"available_actions": [
{
"action_type": "MANAGE_RELATIONSHIPS",
"description": "Add or remove user memberships in groups",
"supported_entity_types": ["User", "Group"],
"supported_relationship_types": ["MemberOf"]
}
],
"syncable_attributes": [
{
"entity_type": "User",
"attributes": [
{
"name": "userName",
"type": "string",
"required": true,
"description": "Primary identifier for the user"
},
{
"name": "displayName",
"type": "string",
"required": false,
"description": "Display name for the user"
},
{
"name": "emails",
"type": "array",
"required": false,
"description": "Email addresses associated with the user"
}
]
},
{
"entity_type": "Group",
"attributes": [
{
"name": "displayName",
"type": "string",
"required": true,
"description": "Display name for the group"
}
]
}
],
"grantable_entitlements": [
{
"entity_type": "Group",
"entitlement_type": "MemberOf",
"description": "Grant membership in the specified group"
}
]
}
}GET /api/v1/providers/datasources/lifecycle_managerspage_token
string
Optional
The token specifying the specific page of results to retrieve
lifecycle_management_enabled: Whether LCM is enabled for this datasource
required: Whether the attribute is required
description: Purpose and usage of the attribute
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
The maximum number of results to be returned. Fewer results may be returned even when more pages exist.
The token specifying the specific page of results to retrieve.
filter
string
Optional
When present, only returns data sources matching the filter
order_by
string
Optional
Sort results by specified field
page_size
integer
Optional
The maximum number of results to return. Fewer results may be returned even when more pages exist
Configure priority scheduling and extraction times for data sources
The Data Source Scheduling Configuration APIs allow administrators to configure advanced scheduling options for individual data sources, including:
Priority scheduling: Assign priorities (1-100) to ensure extraction jobs are processed ahead of standard data sources
Scheduled extraction times: Define specific times of day when extractions should occur (in 30-minute intervals)
Day-of-week scheduling: Restrict extractions to precise days of the week
These APIs are intended primarily for use with Veza Lifecycle Management to ensure critical data sources (such as HR systems) are refreshed at predictable times to support downstream automation workflows.
Supported Data Source Types: Scheduling configuration is designed for EXTRACTOR and DISCOVERER data source types only. Configuring scheduling for other data source types (such as PARSER) will not work as expected.
Configure HR system data sources to extract at specific times to ensure identity data is current before provisioning workflows execute:
Schedule non-critical extractions only on weekends to reduce workload during business hours:
Creates or updates the scheduling configuration for a specific data source. If a configuration already exists for the data source, it will be updated with the new values; otherwise, a new configuration will be created.
The request body contains the configuration fields directly (no wrapper object needed):
Priority: Must be between 1-100 (where 100 is the highest priority)
When scheduled_extraction_times are configured, priority must be 100 to ensure jobs are processed closest to the configured times
Priority 1-99 can be used without schedules for edge cases requiring a higher priority than standard periodic scheduling
Standard Response:
Error Response (Invalid Time Format):
Error Response (Limit Reached):
Retrieves the scheduling configuration for a specific data source.
Standard Response:
Error Response (Not Found):
Returns all scheduling configurations across all data sources in your organization.
Standard Response:
Removes the scheduling configuration for a specific data source. The data source will revert to standard scheduling behavior.
Standard Response:
- Get data source IDs for configuration
- View data source details and status
- Automated identity lifecycle workflows
This guide explains how to disable specific AWS services across multiple AWS integrations (providers) using the Veza API. Limiting AWS service extraction can reduce processing overhead, help teams focus on relevant services, or exclude analytics platforms like DATABRICKS that may not be deployed or required for visibility in Veza. This is particularly useful for organizations with many AWS accounts who need to disable unused services at scale.
In the JSON AWS provider configuration, the services array acts as an allow list that controls which AWS services Veza will discover and extract:
Empty array [] = All available AWS services are enabled for discovery
Populated array = Only the listed services are enabled; all others are disabled
To disable specific services, you must populate the array with only the services you want to monitor.
Before you update AWS provider services, ensure:
You have API access credentials for your Veza instance (see for API key setup)
You have the VEZA_TOKEN environment variable configured
You have the VEZA_URL environment variable set to your instance (e.g., https://yourcompany.cookiecloud.ai)
You have appropriate permissions to modify provider configurations
First, retrieve all AWS provider configurations to understand your current setup:
Understanding the response:
Providers with empty services: [] arrays have ALL services enabled
Providers with populated services arrays only extract the listed services
Note the id, name, and account_id fields for providers you want to modify
Example response structure:
Identify which providers to modify based on:
Provider names that match your AWS accounts
Account IDs that correspond to your AWS accounts
Current services configuration
Before updating all providers, test with one provider first:
Verify the change:
Check that the response shows your desired services array.
Update each provider individually using their specific IDs:
Create a script for bulk updates. Use with caution as this affects all AWS providers:
After updating providers, verify the changes took effect:
To return a provider to monitoring all services:
To change which services are monitored:
The following AWS services can be included in the services array:
S3 - Simple Storage Service
RDS_POSTGRES - PostgreSQL databases
RDS_MYSQL - MySQL databases
Important notes:
Service availability may vary by Veza version and configuration
Some services may require specific permissions or setup
When in doubt, check your Veza UI to see which services are available for your AWS providers
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
When specified, only data sources matching the filter will be returned. Valid attributes: datasource_type Valid operators: EQ E.g. 'datasource_type eq "extractor"'
The maximum number of results to be returned. Fewer results may be returned even when more pages exist.
The token specifying the specific page of results to retrieve.
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
curl -X GET "$BASE_URL/api/v1/providers/datasources/lifecycle_managers" \
-H "authorization: Bearer $VEZA_TOKEN"curl -X GET "$BASE_URL/api/v1/providers/datasources/lifecycle_managers?page_size=10" \
-H "authorization: Bearer $VEZA_TOKEN"{
"values": [
{
"id": "549a4b5e-0328-4c87-a19d-ee8a2926d1aa",
"name": "Workday Integration",
"provider_type": "WORKDAY",
"external_id": "https://wd5-impl-services1.workday.com/veza_preview",
"lifecycle_management_enabled": true,
"supported_capabilities": [
"IDENTITY_SOURCE",
"ACCESS_TARGET"
]
},
{
"id": "2b1c8d4e-5f2a-4b3c-9e7f-1d2e3f4a5b6c",
"name": "Active Directory",
"provider_type": "ACTIVE_DIRECTORY",
"external_id": "corp.example.com",
"lifecycle_management_enabled": true,
"supported_capabilities": [
"ACCESS_TARGET"
]
}
],
"has_more": false,
"next_page_token": ""
}{
"values": [
{
"id": "549a4b5e-0328-4c87-a19d-ee8a2926d1aa",
"name": "SCIM Demo Server",
"provider_type": "SCIM",
"external_id": "https://scim.example.com",
"lifecycle_management_enabled": true,
"supported_capabilities": [
"ACCESS_TARGET"
],
"available_actions": [
{
"action_type": "MANAGE_RELATIONSHIPS",
"description": "Add or remove user memberships in groups",
"supported_entity_types": ["User", "Group"],
"supported_relationship_types": ["MemberOf"]
}
],
"syncable_attributes": [
{
"entity_type": "User",
"attributes": [
{
"name": "userName",
"type": "string",
"required": true,
"description": "Primary identifier for the user"
},
{
"name": "displayName",
"type": "string",
"required": false,
"description": "Display name for the user"
},
{
"name": "emails",
"type": "array",
"required": false,
"description": "Email addresses associated with the user"
}
]
},
{
"entity_type": "Group",
"attributes": [
{
"name": "displayName",
"type": "string",
"required": true,
"description": "Display name for the group"
}
]
}
],
"grantable_entitlements": [
{
"entity_type": "Group",
"entitlement_type": "MemberOf",
"description": "Grant membership in the specified group"
}
]
}
],
"has_more": false,
"next_page_token": ""
}scheduled_days_of_week
array[string]
Optional
Days when extractions should run: SUNDAY, MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY. Requires scheduled_extraction_times to be set
Extraction and parsing jobs are picked up in decreasing order of priority, followed by creation timestamp
Timezone: Required when either scheduled_extraction_times or scheduled_days_of_week are provided. Must be a valid IANA timezone
Extraction times:
Must be in HH:MM:SS format
Minutes must be :00 or :30 (30-minute intervals only)
Seconds must be :00
Minimum 1-hour gap between adjacent times
Days of the week:
Requires scheduled_extraction_times to be non-empty
Automatically sorted (Sunday first)
Empty array or omitted means all days allowed
System limit: A maximum of 100 data sources can have scheduling configurations (limit will be enforced in a future release)
POST
/api/private/providers/datasources/{datasource_id}/scheduling_config
Create or update scheduling configuration
GET
/api/private/providers/datasources/{datasource_id}/scheduling_config
Get configuration for a specific data source
GET
/api/private/providers/datasources/scheduling_configs
List all scheduling configurations
DELETE
/api/private/providers/datasources/{datasource_id}/scheduling_config
Remove scheduling configuration
datasource_id
string (UUID)
Required
The unique identifier of the data source
priority
integer
Required
Priority level (1-100). Must be 100 when scheduled_extraction_times are configured
timezone
string
Conditional
IANA timezone (e.g., America/New_York). Required if scheduled_extraction_times or scheduled_days_of_week are provided
scheduled_extraction_times
array[string]
Optional
datasource_id
string (UUID)
Required
The unique identifier of the data source
datasource_type
string
Optional
Filter by datasource type: EXTRACTOR, DISCOVERER, or PARSER
datasource_id
string (UUID)
Required
The unique identifier of the data source
Extraction times in HH:MM:SS format. Minutes must be :00 or :30, seconds must be :00. Times must be at least 1 hour apart
You understand that empty services arrays mean ALL services are enabled
Determine your desired services configuration:
Option A: Disable DATABRICKS only
Option B: Enable only specific services
Option C: Custom configuration
Review the available services list below
Create your own array with desired services
RDS_ORACLE - Oracle databasesRDS - General RDS service
DYNAMODB - DynamoDB NoSQL database
REDSHIFT - Redshift data warehouse
REDSHIFT_CLUSTER - Redshift cluster management
EC2 - Elastic Compute Cloud (virtual machines)
LAMBDA - Serverless functions
EKS - Elastic Kubernetes Service
ECR - Elastic Container Registry
EMR - Elastic MapReduce (big data)
AWS_IAM - Identity and Access Management
KMS - Key Management Service
SECRETS_MANAGER - AWS Secrets Manager
COGNITO - User authentication service
SSO - AWS Single Sign-On
ORGANIZATIONS - AWS Organizations
DATABRICKS - Analytics platform
# Configure Workday to extract weekdays at 6 AM Eastern
curl -X POST "$BASE_URL/api/private/providers/datasources/{workday_datasource_id}/scheduling_config" \
-H "authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
--data-raw '{
"priority": 100,
"timezone": "America/New_York",
"scheduled_extraction_times": ["06:00:00"],
"scheduled_days_of_week": ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY"]
}'curl -X POST "$BASE_URL/api/private/providers/datasources/{datasource_id}/scheduling_config" \
-H "authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
--data-raw '{
"priority": 100,
"timezone": "America/Los_Angeles",
"scheduled_extraction_times": ["00:00:00", "12:00:00"],
"scheduled_days_of_week": ["SATURDAY", "SUNDAY"]
}'POST /api/private/providers/datasources/{datasource_id}/scheduling_configcurl -X POST "$BASE_URL/api/private/providers/datasources/{datasource_id}/scheduling_config" \
-H "authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
--data-raw '{
"priority": 100,
"timezone": "America/New_York",
"scheduled_extraction_times": ["09:00:00", "13:30:00", "18:30:00"],
"scheduled_days_of_week": ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY"]
}'curl -X POST "$BASE_URL/api/private/providers/datasources/{datasource_id}/scheduling_config" \
-H "authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
--data-raw '{
"priority": 100
}'curl -X POST "$BASE_URL/api/private/providers/datasources/{datasource_id}/scheduling_config" \
-H "authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
--data-raw '{
"priority": 100,
"timezone": "America/Los_Angeles",
"scheduled_extraction_times": ["09:00:00", "21:00:00"],
"scheduled_days_of_week": ["SATURDAY", "SUNDAY"]
}'{
"value": {
"datasource_id": "019a0f2b-53cd-7c5d-904f-bf2588b876d5",
"priority": "100",
"datasource_name": "AWS S3 (527398259632)",
"datasource_type": "EXTRACTOR",
"timezone": "America/New_York",
"scheduled_extraction_times": ["09:00:00", "13:30:00", "18:30:00"],
"created_at": "2025-10-28T02:34:27.794138246Z",
"updated_at": "2025-10-31T19:42:43.705828675Z",
"scheduled_days_of_week": ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY"]
}
}{
"code": "INVALID_ARGUMENT",
"message": "invalid time format '09:15:00': only 00 and 30 minutes of the hour are supported",
"details": []
}{
"code": "INVALID_ARGUMENT",
"message": "Cannot create scheduling configuration. Limit of 100 configurations is reached.",
"details": []
}GET /api/private/providers/datasources/{datasource_id}/scheduling_configcurl -X GET "$BASE_URL/api/private/providers/datasources/{datasource_id}/scheduling_config" \
-H "authorization: Bearer $VEZA_TOKEN"{
"value": {
"datasource_id": "0199827a-402d-7554-af7b-cb3489b68402",
"priority": "100",
"datasource_name": "AWS IAM Volatile (527398259632)",
"datasource_type": "EXTRACTOR",
"timezone": "America/New_York",
"scheduled_extraction_times": ["09:00:00", "13:30:00", "18:30:00"],
"created_at": "2025-10-10T12:52:11.659562336Z",
"updated_at": "2025-10-10T12:52:11.659562336Z",
"scheduled_days_of_week": ["MONDAY", "WEDNESDAY", "FRIDAY"]
}
}{
"code": "NOT_FOUND",
"message": "datasource_scheduling_config not found",
"details": []
}GET /api/private/providers/datasources/scheduling_configscurl -X GET "$BASE_URL/api/private/providers/datasources/scheduling_configs" \
-H "authorization: Bearer $VEZA_TOKEN"curl -X GET "$BASE_URL/api/private/providers/datasources/scheduling_configs?datasource_type=EXTRACTOR" \
-H "authorization: Bearer $VEZA_TOKEN"{
"values": [
{
"datasource_id": "0199827a-3d32-7342-9ccd-2f928ccc6855",
"priority": "100",
"datasource_name": "AWS Cognito (527398259632)",
"datasource_type": "EXTRACTOR",
"timezone": "America/New_York",
"scheduled_extraction_times": ["00:00:00", "01:30:00", "03:00:00"],
"created_at": "1970-01-01T00:00:01.758832260Z",
"updated_at": "1970-01-01T00:00:01.758832260Z",
"scheduled_days_of_week": ["MONDAY", "WEDNESDAY", "FRIDAY"]
},
{
"datasource_id": "0199827a-402d-7554-af7b-cb3489b68402",
"priority": "100",
"datasource_name": "AWS IAM Volatile (527398259632)",
"datasource_type": "EXTRACTOR",
"timezone": "America/New_York",
"scheduled_extraction_times": ["09:00:00", "13:30:00", "18:30:00"],
"created_at": "2025-10-10T12:52:11.659562336Z",
"updated_at": "2025-10-10T12:52:11.659562336Z",
"scheduled_days_of_week": []
}
]
}DELETE /api/private/providers/datasources/{datasource_id}/scheduling_configcurl -X DELETE "$BASE_URL/api/private/providers/datasources/{datasource_id}/scheduling_config" \
-H "authorization: Bearer $VEZA_TOKEN"{}{
"services": [
"REDSHIFT", "REDSHIFT_CLUSTER", "S3", "RDS_POSTGRES", "RDS_MYSQL",
"RDS_ORACLE", "RDS", "DYNAMODB", "KMS", "EMR", "ORGANIZATIONS",
"EC2", "SSO", "COGNITO", "LAMBDA", "EKS", "SECRETS_MANAGER",
"ECR", "AWS_IAM"
]
}{
"services": [
"S3", "RDS_POSTGRES", "LAMBDA", "EC2", "AWS_IAM"
]
}curl -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws"{
"values": [
{
"id": "12345678-1234-5678-9012-123456789012",
"name": "Production AWS Account",
"account_id": "123456789012",
"services": [],
"state": "ENABLED"
},
{
"id": "87654321-4321-8765-2109-876543210987",
"name": "Development AWS Account",
"account_id": "987654321098",
"services": ["S3", "RDS_POSTGRES", "LAMBDA"],
"state": "ENABLED"
}
]
}# Replace with your actual provider ID and desired services
curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d '{"services":["S3","RDS_POSTGRES","LAMBDA","EC2","AWS_IAM"]}' \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID_HERE"curl -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID_HERE"# Example for multiple providers - replace with your actual IDs and services
DESIRED_SERVICES='["S3","RDS_POSTGRES","DYNAMODB","LAMBDA","EC2","AWS_IAM"]'
# Provider 1
curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"services\":$DESIRED_SERVICES}" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID_1"
# Provider 2
curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"services\":$DESIRED_SERVICES}" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID_2"#!/bin/bash
# Configuration - CUSTOMIZE THESE VALUES
VEZA_URL="https://yourcompany.cookiecloud.ai"
DESIRED_SERVICES='["S3","RDS_POSTGRES","DYNAMODB","LAMBDA","EC2","AWS_IAM"]'
echo "Starting bulk AWS provider services update..."
echo "Target services: $DESIRED_SERVICES"
echo ""
# Get all AWS provider IDs
provider_ids=$(curl -s -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws" | \
jq -r '.values[].id')
if [ -z "$provider_ids" ]; then
echo "Error: No AWS providers found or API call failed"
exit 1
fi
# Count providers
provider_count=$(echo "$provider_ids" | wc -l)
echo "Found $provider_count AWS providers to update"
echo ""
# Add confirmation prompt
read -p "Continue with bulk update? (y/N): " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
echo "Update cancelled"
exit 0
fi
# Update each provider
echo "$provider_ids" | while read provider_id; do
if [ -n "$provider_id" ]; then
echo "Updating provider: $provider_id"
response=$(curl -s -w "\nHTTP_STATUS:%{http_code}" -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"services\":$DESIRED_SERVICES}" \
"$VEZA_URL/api/v1/providers/aws/$provider_id")
http_status=$(echo "$response" | grep "HTTP_STATUS" | cut -d: -f2)
if [ "$http_status" = "200" ]; then
echo "✓ Successfully updated provider $provider_id"
else
echo "✗ Failed to update provider $provider_id (HTTP $http_status)"
echo "Response: $(echo "$response" | grep -v "HTTP_STATUS")"
fi
echo ""
fi
done
echo "Bulk update completed"# Check all providers
curl -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws" | \
jq '.values[] | {id: .id, name: .name, services: .services}'
# Check specific provider
curl -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID" | \
jq '{id: .id, name: .name, services: .services}'curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d '{"services":[]}' \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID"# Example: Enable different set of services
NEW_SERVICES='["S3","LAMBDA","DYNAMODB","EC2"]'
curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"services\":$NEW_SERVICES}" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID"PUT /api/v1/providers/{id}:enable HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}PUT /api/v1/providers/{id}:disable HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}PUT /api/v1/providers/datasources/{id}:disable HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}GET /api/v1/providers/datasources/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"value": {}
}GET /api/v1/providers/datasources/{id}/parse_status HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"job_status": {
"id": "text",
"status": "text"
}
}PUT /api/v1/providers/datasources/{id}:enable HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}GET /api/v1/providers/datasources/{id}/sync_status HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"job_status": {
"id": "text",
"status": "text"
}
}{
"value": {}
}PUT /api/v1/providers/datasources/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 27
{
"id": "text",
"name": "text"
}{
"datasource_list": [
{
"external_datasource_id": "text",
"external_provider_id": "text",
"datasource_type": "text",
"extraction_start": "2025-12-09T19:56:18.232Z",
"extraction_end": "2025-12-09T19:56:18.232Z",
"datasource_name": "text",
"is_deleted": true,
"datasource_id": "text",
"has_warning": true
}
],
"snapshot_not_found": true,
"pagination_context": "text",
"has_more": true
}GET /api/v1/providers/datasources HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
GET /api/v1/providers/datasources/lifecycle_managers:by_action_type HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"id": "text",
"enabled": true,
"datasource": {},
"definition": {
"source_of_identity_definition": {
"entity_type": "text"
},
"actions": [
{
"type": 1,
"idempotent": true,
"input_entity_types": [
{
"name": "text",
"description": "text",
"available_entity_types": [
"text"
]
}
],
"output_entity_types": [
{
"name": "text",
"description": "text",
"available_entity_types": [
"text"
]
}
],
"definition": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
}
]
}
}
]
}GET /api/v1/providers/datasources/lifecycle_managers/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"value": {
"id": "text",
"enabled": true,
"datasource": {},
"definition": {
"source_of_identity_definition": {
"entity_type": "text"
},
"actions": [
{
"type": 1,
"idempotent": true,
"input_entity_types": [
{
"name": "text",
"description": "text",
"available_entity_types": [
"text"
]
}
],
"output_entity_types": [
{
"name": "text",
"description": "text",
"available_entity_types": [
"text"
]
}
],
"definition": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
}
]
}
}
}OK
Default error response
GET /api/v1/providers/datasources/lifecycle_managers HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"id": "text",
"enabled": true,
"datasource": {},
"definition": {
"source_of_identity_definition": {
"entity_type": "text"
},
"actions": [
{
"type": 1,
"idempotent": true,
"input_entity_types": [
{
"name": "text",
"description": "text",
"available_entity_types": [
"text"
]
}
],
"output_entity_types": [
{
"name": "text",
"description": "text",
"available_entity_types": [
"text"
]
}
],
"definition": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
}
]
}
}
],
"next_page_token": "text",
"has_more": true
}Operations for listing, adding, and modifying cloud provider configurations
You can manage Veza integrations using the management API and a Veza admin API key.
Use these operations to configure and manage cloud platform integrations including AWS, Azure, Google Cloud, Snowflake, SQL Server, and Trino providers. Each provider type has specific configuration requirements and optional parameters for controlling discovery scope.
Veza supports the following provider types:
AWS: Amazon Web Services accounts with support for IAM, S3, RDS, Redshift, and other services
Azure: Microsoft Azure tenants including Active Directory and SharePoint Online
Google Cloud: Google Cloud Platform projects and Google Workspace domains
Snowflake: Snowflake data warehouses and databases
SQL Server: Microsoft SQL Server instances
Trino: Trino clusters with file-based access control
For detailed integration guides, see the .
You will need an API token with administrator permissions to manage provider configurations. See for details.
All provider configurations share these common properties:
id (String): Unique identifier for the provider configuration
vendor_id (String): Provider-specific identifier (e.g., AWS account ID)
name (String): Display name for the provider
AWS provider configurations include account credentials, regions, and service-specific settings:
account_id (String): AWS account ID (12-digit number)
credentials_type (String): Authentication method - STATIC, EC2_INSTANCE_PROFILE, or ASSUME_CUSTOMER_ROLE
access_key_id
Available service values for the services array:
IAM: Identity and Access Management
S3: Simple Storage Service
RDS: Relational Database Service
Use allow/deny lists to control which resources are discovered:
s3_bucket_allow_list: S3 bucket names to include (supports wildcards)
s3_bucket_deny_list: S3 bucket names to exclude
rds_database_allow_list: RDS database names to include
For detailed AWS setup instructions, see .
Azure provider configurations include tenant authentication and service settings:
tenant_id (String): Azure Active Directory tenant ID
client_id (String): Application (client) ID for service principal
client_secret (String): Client secret for authentication
For detailed Azure setup instructions, see .
Google Cloud provider configurations include service account credentials and project settings:
credentials_json (String): Service account key JSON
customer_id (String): Google Workspace customer ID
workspace_email (String): Workspace user email for service account impersonation
For detailed Google Cloud setup instructions, see .
Snowflake provider configurations include connection details and database filtering:
account_locator (String): Snowflake account locator (e.g., "xy12345")
region (String): Cloud region for the Snowflake account
cloud (String): Cloud provider ("aws", "azure", or "gcp")
For detailed Snowflake setup instructions, see .
SQL Server provider configurations include connection details and database filtering:
host (String): SQL Server hostname or IP address
port (Integer): Port number (typically 1433)
username (String): SQL Server username
For detailed SQL Server setup instructions, see .
Trino provider configurations include cluster connection details and S3 access control file settings:
host (String): Trino coordinator hostname
port (Integer): Trino coordinator port (typically 8080 or 8443)
username (String): Trino username
The aws_s3_object_config object contains:
access_key (String): AWS access key ID
secret_key (String): AWS secret access key
region (String): S3 bucket region
For detailed Trino setup instructions, see .
All provider API operations return standard HTTP status codes:
200 OK: Request successful
400 Bad Request: Invalid request parameters or payload
401 Unauthorized: Invalid or missing API token
403 Forbidden: Insufficient permissions
Error responses include a descriptive message and error code:
When managing provider configurations:
Use descriptive names that identify the environment and purpose
Implement least privilege by configuring only necessary services and resources
Use allow lists rather than deny lists when possible for better security
Test configurations in development environments before production
type (String): Provider type (AWS, AZURE, GOOGLE_CLOUD, etc.)state (String): Current state (ENABLED, DISABLED)
data_plane_id (String): Insight Point ID used for discovery
status (String): Last discovery status (SUCCESS, PENDING, ERROR)
secret_key (String): Secret access key for static credentials
assume_role_name (String): IAM role name for assume role authentication
assume_role_external_id (String): External ID for assume role authentication
regions (Array): List of AWS regions to discover
db_user (String): Database username for RDS/Redshift connections
services (Array): Specific AWS services to discover (empty array = all services)
REDSHIFT: Redshift data warehousesEC2: Elastic Compute Cloud
LAMBDA: Lambda functions
EKS: Elastic Kubernetes Service
COGNITO: Cognito user pools
SECRETS_MANAGER: Secrets Manager
KMS: Key Management Service
DYNAMODB: DynamoDB tables
rds_database_deny_list: RDS database names to excluderedshift_database_allow_list: Redshift database ARNs to include
redshift_database_deny_list: Redshift database ARNs to exclude
auth_certificate (String): Certificate for SharePoint app-only accessauth_certificate_password (String): Certificate password
services (Array): Azure services to discover
gather_guest_users (Boolean): Include guest users in discovery
gather_disabled_users (Boolean): Include disabled users
gather_personal_sites (Boolean): Include personal SharePoint sites
domains (Array): Specific domains to discover
project_allow_list (Array): GCP project names to includeproject_deny_list (Array): GCP project names to exclude
domain_allow_list (Array): Workspace domains to include
domain_deny_list (Array): Workspace domains to exclude
dataset_allow_list (Array): BigQuery dataset names to include
dataset_deny_list (Array): BigQuery dataset names to exclude
user (String): Snowflake username for authenticationpassword (String): Password for the Snowflake user
role (String): Snowflake role to use for queries
warehouse (String): Default warehouse for compute
database_allow_list (Array): Database names to include
database_deny_list (Array): Database names to exclude
password (String): Password for authenticationdatabase_allow_list (Array): Database names to include
database_deny_list (Array): Database names to exclude
schema_allow_list (Array): Schema names to include
schema_deny_list (Array): Schema names to exclude
password (String): Password for authenticationaws_s3_object_config (Object): S3 configuration for access control file
ssl_certificate (String): TLS certificate for secure connections
bucket (String): S3 bucket nameobject (String): Path to access control file
credentials_type (String): Authentication method
assume_role_name (String): IAM role name (for assume role)
assume_role_external_id (String): External ID for assume role
account_id (String): AWS account ID
404 Not Found: Provider configuration not found
409 Conflict: Provider configuration already exists
500 Internal Server Error: Server error
Monitor discovery status regularly to ensure successful data collection
Rotate credentials according to your organization's security policies
Use assume role authentication for AWS providers when possible
Configure resource filtering to limit discovery scope and improve performance
{
"id": "883dd869-8762-4187-8767-1c387de14b4b",
"vendor_id": "123456789010",
"name": "AWS-Production",
"type": "AWS",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"account_id": "123456789010",
"credentials_type": "ASSUME_CUSTOMER_ROLE",
"access_key_id": "AKIA6FRNZGGIOEBZ6BEA",
"assume_role_name": "VezaDiscoveryRole",
"assume_role_external_id": "veza-external-id",
"regions": [
"us-east-1",
"us-west-2",
"eu-west-1"
],
"db_user": "veza_user",
"services": [
"IAM",
"S3",
"RDS",
"REDSHIFT"
],
"s3_bucket_allow_list": ["prod-data-*"],
"s3_bucket_deny_list": ["temp-*", "test-*"],
"rds_database_allow_list": ["production"],
"rds_database_deny_list": ["temp"]
}{
"id": "fa04e92f-6e0d-4285-ba58-86a20c6941ff",
"vendor_id": "contoso.onmicrosoft.com",
"name": "Azure-Production",
"type": "AZURE",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"tenant_id": "12345678-1234-1234-1234-123456789012",
"client_id": "87654321-4321-4321-4321-210987654321",
"services": [
"AZUREAD",
"SHAREPOINT",
"SQLSERVER"
],
"gather_guest_users": true,
"gather_disabled_users": false,
"gather_personal_sites": true,
"domains": ["contoso.com"],
"sql_server_database_allow_list": ["production"],
"sql_server_database_deny_list": ["temp"]
}{
"id": "fa04e92f-6e0d-4285-ba58-86a20c6941ff",
"vendor_id": "gcp-project-id",
"name": "GCP-Production",
"type": "GOOGLE_CLOUD",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"customer_id": "C01234567",
"workspace_email": "[email protected]",
"project_allow_list": ["prod-project-1", "prod-project-2"],
"project_deny_list": ["test-*"],
"domain_allow_list": ["company.com"],
"domain_deny_list": [],
"services": [
"IAM",
"STORAGE",
"COMPUTE",
"WORKSPACE",
"BIGQUERY"
],
"dataset_allow_list": ["analytics", "reporting"],
"dataset_deny_list": ["temp_*"]
}{
"id": "fa04e92f-6e0d-4285-ba58-86a20c6941ff",
"vendor_id": "xy12345.us-east-1",
"name": "Snowflake-Production",
"type": "SNOWFLAKE",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"account_locator": "xy12345",
"region": "us-east-1",
"cloud": "aws",
"user": "veza_user",
"role": "VEZA_ROLE",
"warehouse": "COMPUTE_WH",
"database_allow_list": ["PROD_DB", "ANALYTICS_DB"],
"database_deny_list": ["TEMP_DB", "TEST_DB"]
}{
"id": "90112ed7-47e7-48e6-9f05-c02d19d7f137",
"vendor_id": "sqlserver.company.com",
"name": "SQL-Production",
"type": "SQL_SERVER",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"host": "sqlserver.company.com",
"port": 1433,
"username": "veza_user",
"database_allow_list": ["ProductionDB", "AnalyticsDB"],
"database_deny_list": ["TempDB", "TestDB"],
"schema_allow_list": ["dbo", "analytics"],
"schema_deny_list": ["temp"]
}{
"id": "fa04e92f-6e0d-4285-ba58-86a20c6941ff",
"vendor_id": "trino.company.com",
"name": "Trino-Production",
"type": "TRINO",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"host": "trino.company.com",
"port": 8080,
"username": "veza_user",
"aws_s3_object_config": {
"access_key": "AKIA...",
"region": "us-east-1",
"bucket": "trino-config",
"object": "access-control.properties",
"credentials_type": "STATIC",
"assume_role_name": "",
"account_id": ""
},
"ssl_certificate": "-----BEGIN CERTIFICATE-----\n..."
}{
"error": {
"code": "INVALID_CREDENTIALS",
"message": "The provided credentials are invalid or expired",
"details": "AWS STS AssumeRole failed with error: Access denied"
}
}Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
External OAuth specific fields
Organization account filtering
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
External OAuth specific fields
Organization account filtering
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
Bearer token authentication using a Veza Personal API key.
Header Format: Authorization: Bearer <your-api-key>
Creating an API Key:
OK
Default error response
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"team_id": "text",
"rds_db_level_only": true,
"rbac_id": "text",
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"assume_role_name": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"services": [
1
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"audit_log_cloud_trail_name": "text",
"audit_log_cloud_trail_region": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"audit_log_extract_for_org": true,
"audit_log_skip_extraction": true,
"gather_all_iam_policies": true,
"documentdb_user": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"team_id": "text",
"rds_db_level_only": true,
"rbac_id": "text",
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"assume_role_name": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"services": [
1
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"audit_log_cloud_trail_name": "text",
"audit_log_cloud_trail_region": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"audit_log_extract_for_org": true,
"audit_log_skip_extraction": true,
"gather_all_iam_policies": true,
"documentdb_user": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"team_id": "text",
"dynamics_erp_environments": [
"text"
],
"authentication_type": 1,
"account_id": "text",
"tenant_id": "text",
"client_id": "text",
"services": [
1
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"gather_postgresql_system_schemas": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"rbac_id": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1,
"lcm_unique_identifier": true
}
],
"provisioning": true,
"lifecycle_management_state": 1,
"secret_references": [
{
"id": "text",
"secret_id": "text",
"vault_id": "text",
"vault": {
"id": "text",
"name": "text",
"vault_provider": "text",
"insight_point_id": "text",
"deleted": true
}
}
],
"gather_group_extra_info": true,
"gather_group_owner_details": true,
"log_analytics_workspace_id": "text",
"subscription_id_allow_list": [
"text"
],
"subscription_id_deny_list": [
"text"
],
"storage_account_name_allow_list": [
"text"
],
"storage_account_name_deny_list": [
"text"
],
"blob_container_name_allow_list": [
"text"
],
"blob_container_name_deny_list": [
"text"
]
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"team_id": "text",
"dynamics_erp_environments": [
"text"
],
"authentication_type": 1,
"account_id": "text",
"tenant_id": "text",
"client_id": "text",
"services": [
1
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"gather_postgresql_system_schemas": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"rbac_id": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1,
"lcm_unique_identifier": true
}
],
"provisioning": true,
"lifecycle_management_state": 1,
"secret_references": [
{
"id": "text",
"secret_id": "text",
"vault_id": "text",
"vault": {
"id": "text",
"name": "text",
"vault_provider": "text",
"insight_point_id": "text",
"deleted": true
}
}
],
"gather_group_extra_info": true,
"gather_group_owner_details": true,
"log_analytics_workspace_id": "text",
"subscription_id_allow_list": [
"text"
],
"subscription_id_deny_list": [
"text"
],
"storage_account_name_allow_list": [
"text"
],
"storage_account_name_deny_list": [
"text"
],
"blob_container_name_allow_list": [
"text"
],
"blob_container_name_deny_list": [
"text"
]
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"workspace_email": "text",
"customer_id": "text",
"services": [
1
],
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"workspace_email": "text",
"customer_id": "text",
"services": [
1
],
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"alternative_database_name": "text",
"authentication_method": 1,
"extract_tags": true,
"provisioning": true,
"lifecycle_management_state": 1,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"organization_account": true,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true,
"gather_row_access_policies": true,
"gather_network_policies": true,
"gather_projection_policies": true,
"gather_password_policies": true,
"gather_login_source_ip": true,
"external_oauth_aws_region": "text",
"external_oauth_ida_provider_uri": "text",
"external_oauth_ida_resource_uri": "text",
"account_allow_list": [
"text"
],
"account_deny_list": [
"text"
]
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"alternative_database_name": "text",
"authentication_method": 1,
"extract_tags": true,
"provisioning": true,
"lifecycle_management_state": 1,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"organization_account": true,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true,
"gather_row_access_policies": true,
"gather_network_policies": true,
"gather_projection_policies": true,
"gather_password_policies": true,
"gather_login_source_ip": true,
"external_oauth_aws_region": "text",
"external_oauth_ida_provider_uri": "text",
"external_oauth_ida_resource_uri": "text",
"account_allow_list": [
"text"
],
"account_deny_list": [
"text"
]
}
}{
"id": "text"
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"host": "text",
"port": 1,
"username": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text"
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"host": "text",
"port": 1,
"username": "text",
"aws_s3_object_config": {
"access_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"host": "text",
"port": 1,
"username": "text",
"aws_s3_object_config": {
"access_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}
}GET /api/v1/providers/aws HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"team_id": "text",
"rds_db_level_only": true,
"rbac_id": "text",
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"assume_role_name": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"services": [
1
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"audit_log_cloud_trail_name": "text",
"audit_log_cloud_trail_region": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"audit_log_extract_for_org": true,
"audit_log_skip_extraction": true,
"gather_all_iam_policies": true,
"documentdb_user": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
]
}POST /api/v1/providers/aws HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 1589
{
"name": "text",
"account_id": "text",
"regions": [
"text"
],
"data_plane_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"secret_key": "text",
"assume_role_name": "text",
"assume_role_external_id": "text",
"db_user": "text",
"rds_postgres_user": "text",
"rds_mysql_user": "text",
"rds_oracle_user": "text",
"rds_oracle_password": "text",
"redshift_user": "text",
"services": [
1
],
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"rds_db_level_only": true,
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"provisioning_scim_token": "text",
"gather_all_iam_policies": true,
"documentdb_user": "text",
"documentdb_password": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}GET /api/v1/providers/aws/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"team_id": "text",
"rds_db_level_only": true,
"rbac_id": "text",
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"assume_role_name": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"services": [
1
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"audit_log_cloud_trail_name": "text",
"audit_log_cloud_trail_region": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"audit_log_extract_for_org": true,
"audit_log_skip_extraction": true,
"gather_all_iam_policies": true,
"documentdb_user": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
}PATCH /api/v1/providers/aws/{provider.id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 1587
{
"id": "text",
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"secret_key": "text",
"assume_role_name": "text",
"assume_role_external_id": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"rds_oracle_password": "text",
"services": [
1
],
"data_plane_id": "text",
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_rds_oracle_system_schemas": true,
"gather_postgresql_system_schemas": true,
"rds_db_level_only": true,
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"provisioning_scim_token": "text",
"gather_all_iam_policies": true,
"documentdb_user": "text",
"documentdb_password": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}DELETE /api/v1/providers/aws/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}GET /api/v1/providers/aws:trustpolicy HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"trust_policy_json": "text"
}GET /api/v1/providers/aws/{id}:checkpolicy HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"requires_update": true,
"aws_account_id": "text",
"current_policy": "text",
"required_policy": "text",
"required_actions": [
"text"
],
"overprivileged_actions": [
"text"
]
}GET /api/v1/providers/azure HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"team_id": "text",
"dynamics_erp_environments": [
"text"
],
"authentication_type": 1,
"account_id": "text",
"tenant_id": "text",
"client_id": "text",
"services": [
1
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"gather_postgresql_system_schemas": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"rbac_id": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1,
"lcm_unique_identifier": true
}
],
"provisioning": true,
"lifecycle_management_state": 1,
"secret_references": [
{
"id": "text",
"secret_id": "text",
"vault_id": "text",
"vault": {
"id": "text",
"name": "text",
"vault_provider": "text",
"insight_point_id": "text",
"deleted": true
}
}
],
"gather_group_extra_info": true,
"gather_group_owner_details": true,
"log_analytics_workspace_id": "text",
"subscription_id_allow_list": [
"text"
],
"subscription_id_deny_list": [
"text"
],
"storage_account_name_allow_list": [
"text"
],
"storage_account_name_deny_list": [
"text"
],
"blob_container_name_allow_list": [
"text"
],
"blob_container_name_deny_list": [
"text"
]
}
]
}POST /api/v1/providers/azure HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 2032
{
"name": "text",
"tenant_id": "text",
"client_id": "text",
"client_secret": "text",
"data_plane_id": "text",
"auth_certificate": "text",
"auth_certificate_password": "text",
"services": [
1
],
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"dynamics_erp_environments": [
"text"
],
"authentication_type": 1,
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"gather_postgresql_system_schemas": true,
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1,
"lcm_unique_identifier": true
}
],
"provisioning": true,
"secret_references": [
{
"secret_id": "text",
"vault_id": "text"
}
],
"gather_group_extra_info": true,
"gather_group_owner_details": true,
"log_analytics_workspace_id": "text",
"subscription_id_allow_list": [
"text"
],
"subscription_id_deny_list": [
"text"
],
"storage_account_name_allow_list": [
"text"
],
"storage_account_name_deny_list": [
"text"
],
"blob_container_name_allow_list": [
"text"
],
"blob_container_name_deny_list": [
"text"
]
}GET /api/v1/providers/azure/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"team_id": "text",
"dynamics_erp_environments": [
"text"
],
"authentication_type": 1,
"account_id": "text",
"tenant_id": "text",
"client_id": "text",
"services": [
1
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"gather_postgresql_system_schemas": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"rbac_id": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1,
"lcm_unique_identifier": true
}
],
"provisioning": true,
"lifecycle_management_state": 1,
"secret_references": [
{
"id": "text",
"secret_id": "text",
"vault_id": "text",
"vault": {
"id": "text",
"name": "text",
"vault_provider": "text",
"insight_point_id": "text",
"deleted": true
}
}
],
"gather_group_extra_info": true,
"gather_group_owner_details": true,
"log_analytics_workspace_id": "text",
"subscription_id_allow_list": [
"text"
],
"subscription_id_deny_list": [
"text"
],
"storage_account_name_allow_list": [
"text"
],
"storage_account_name_deny_list": [
"text"
],
"blob_container_name_allow_list": [
"text"
],
"blob_container_name_deny_list": [
"text"
]
}
}PATCH /api/v1/providers/azure/{provider.id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 2030
{
"id": "text",
"tenant_id": "text",
"client_id": "text",
"client_secret": "text",
"auth_certificate": "text",
"auth_certificate_password": "text",
"services": [
1
],
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"dynamics_erp_environments": [
"text"
],
"authentication_type": 1,
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"gather_postgresql_system_schemas": true,
"data_plane_id": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1,
"lcm_unique_identifier": true
}
],
"provisioning": true,
"secret_references": [
{
"secret_id": "text",
"vault_id": "text"
}
],
"gather_group_extra_info": true,
"gather_group_owner_details": true,
"log_analytics_workspace_id": "text",
"subscription_id_allow_list": [
"text"
],
"subscription_id_deny_list": [
"text"
],
"storage_account_name_allow_list": [
"text"
],
"storage_account_name_deny_list": [
"text"
],
"blob_container_name_allow_list": [
"text"
],
"blob_container_name_deny_list": [
"text"
]
}DELETE /api/v1/providers/azure/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}GET /api/v1/providers/google_cloud HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"workspace_email": "text",
"customer_id": "text",
"services": [
1
],
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
]
}POST /api/v1/providers/google_cloud HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 1039
{
"name": "text",
"credentials_json": "text",
"data_plane_id": "text",
"workspace_email": "text",
"customer_id": "text",
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"services": [
1
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"oauth_config": "text",
"oauth_token": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}GET /api/v1/providers/google_cloud/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"workspace_email": "text",
"customer_id": "text",
"services": [
1
],
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
}PATCH /api/v1/providers/google_cloud/{provider.id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 1037
{
"id": "text",
"credentials_json": "text",
"workspace_email": "text",
"customer_id": "text",
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"services": [
1
],
"data_plane_id": "text",
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"oauth_config": "text",
"oauth_token": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}DELETE /api/v1/providers/google_cloud/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}GET /api/v1/providers/snowflake HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"alternative_database_name": "text",
"authentication_method": 1,
"extract_tags": true,
"provisioning": true,
"lifecycle_management_state": 1,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"organization_account": true,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true,
"gather_row_access_policies": true,
"gather_network_policies": true,
"gather_projection_policies": true,
"gather_password_policies": true,
"gather_login_source_ip": true,
"external_oauth_aws_region": "text",
"external_oauth_ida_provider_uri": "text",
"external_oauth_ida_resource_uri": "text",
"account_allow_list": [
"text"
],
"account_deny_list": [
"text"
]
}
]
}POST /api/v1/providers/snowflake HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 1108
{
"name": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"password": "text",
"role": "text",
"warehouse": "text",
"data_plane_id": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"alternative_database_name": "text",
"authentication_method": 1,
"private_key": "text",
"private_key_password": "text",
"extract_tags": true,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"export_private_key": "text",
"export_private_key_password": "text",
"export_password": "text",
"provisioning": true,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true,
"gather_row_access_policies": true,
"gather_network_policies": true,
"gather_projection_policies": true,
"organization_account": true,
"gather_password_policies": true,
"gather_login_source_ip": true,
"external_oauth_aws_region": "text",
"external_oauth_ida_provider_uri": "text",
"external_oauth_ida_resource_uri": "text",
"account_allow_list": [
"text"
],
"account_deny_list": [
"text"
]
}GET /api/v1/providers/snowflake/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-12-09T19:56:18.232Z",
"synced_at": "2025-12-09T19:56:18.232Z"
},
"alternative_database_name": "text",
"authentication_method": 1,
"extract_tags": true,
"provisioning": true,
"lifecycle_management_state": 1,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"organization_account": true,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true,
"gather_row_access_policies": true,
"gather_network_policies": true,
"gather_projection_policies": true,
"gather_password_policies": true,
"gather_login_source_ip": true,
"external_oauth_aws_region": "text",
"external_oauth_ida_provider_uri": "text",
"external_oauth_ida_resource_uri": "text",
"account_allow_list": [
"text"
],
"account_deny_list": [
"text"
]
}
}PATCH /api/v1/providers/snowflake/{provider.id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 1106
{
"id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"password": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"alternative_database_name": "text",
"authentication_method": 1,
"private_key": "text",
"private_key_password": "text",
"extract_tags": true,
"data_plane_id": "text",
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"export_private_key": "text",
"export_private_key_password": "text",
"export_password": "text",
"gather_masking_policies": true,
"gather_row_access_policies": true,
"gather_projection_policies": true,
"organization_account": true,
"gather_password_policies": true,
"gather_login_source_ip": true,
"provisioning": true,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_network_policies": true,
"external_oauth_aws_region": "text",
"external_oauth_ida_provider_uri": "text",
"external_oauth_ida_resource_uri": "text",
"account_allow_list": [
"text"
],
"account_deny_list": [
"text"
]
}DELETE /api/v1/providers/snowflake/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}GET /api/v1/providers/sqlserver HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"host": "text",
"port": 1,
"username": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text"
}
]
}POST /api/v1/providers/sqlserver HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 269
{
"name": "text",
"host": "text",
"port": 1,
"username": "text",
"password": "text",
"data_plane_id": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text"
}GET /api/v1/providers/sqlserver/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"host": "text",
"port": 1,
"username": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text"
}PATCH /api/v1/providers/sqlserver/{provider.id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 267
{
"id": "text",
"host": "text",
"port": 1,
"username": "text",
"password": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text",
"data_plane_id": "text"
}DELETE /api/v1/providers/sqlserver/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}GET /api/v1/providers/trino HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"host": "text",
"port": 1,
"username": "text",
"aws_s3_object_config": {
"access_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}
]
}POST /api/v1/providers/trino HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 506
{
"name": "text",
"host": "text",
"port": 1,
"username": "text",
"password": "text",
"data_plane_id": "text",
"aws_s3_object_config": {
"access_key": "text",
"secret_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"assume_role_external_id": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}GET /api/v1/providers/trino/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"rbac_id": "text",
"host": "text",
"port": 1,
"username": "text",
"aws_s3_object_config": {
"access_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}
}PATCH /api/v1/providers/trino/{provider.id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 504
{
"id": "text",
"host": "text",
"port": 1,
"username": "text",
"password": "text",
"aws_s3_object_config": {
"access_key": "text",
"secret_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"assume_role_external_id": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"data_plane_id": "text"
}DELETE /api/v1/providers/trino/{id} HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{}API endpoints for configuring Okta and OneLogin
You can manage Veza Identity Provider integrations using the management API and a Veza admin API key.
providers/activedirectorySee the configuration guide for the prerequisite steps to integrate with Veza. An AD configuration has the following parameters:
List Active Directory Providers
The response will include all existing configurations, in the format:
Create Active Directory Provider
Get Active Directory Provider
Delete Active Directory Provider
Update Active Directory Provider
providers/oktaAn Okta configuration includes connection information and credentials, as well as any limits on apps and domains to extract:
See the integration guide for more details on retrieving an Okta API token and registering your domain with Veza.
List Okta Providers
GET {{vezaURL}}/api/v1/providers/okta
Get the configuration and status for all configured Okta integrations.
* indicates a required field.
Create Okta Provider
POST {{vezaURL}}/api/v1/providers/okta
Submit a new Okta provider configuration.
* indicates a required field.
Get Okta Provider
GET {{vezaURL}}/api/v1/providers/okta/{id}
Get an individual Okta provider configuration.
* indicates a required field.
Delete Okta Provider
DELETE {{vezaURL}}/api/v1/providers/okta/{id}
Delete an Okta provider, removing all associated entities from Veza.
* indicates a required field.
Update Okta Provider
PATCH {{vezaURL}}/api/v1/providers/okta/{id}
Update an existing provider configuration with new properties.
* indicates a required field.
providers/oneloginA OneLogin configuration includes the domain, region, and credentials to use for the connection:
See for steps to generate credentials for Veza-OneLogin API access.
List OneLogin Providers
GET {{vezaURL}}/api/v1/providers/onelogin
Gets all configured OneLogin providers.
* indicates a required field.
Create OneLogin Provider
POST {{vezaURL}}/api/v1/providers/onelogin
Submit a new OneLogin provider configuration. See
for more information about enabling Veza access to OneLogin metadata.
* indicates a required field.
Get OneLogin Provider
GET {{vezaURL}}/api/v1/providers/onelogin/{id}
Return the status and configuration for a single OneLogin provider configuration.
* indicates a required field.
Delete OneLogin Provider
DELETE {{vezaURL}}/api/v1/providers/onelogin/{id}
Delete a OneLogin configuration and its discovered entities.
* indicates a required field.
Update OneLogin Provider
PATCH {{VezaURL}}/api/v1/providers/onelogin/{id}
Update a OneLogin provider configuration. You can provide field mask paths to only update specific fields.
* indicates a required field.
token*
string
Okta API token
gather_all_applications
boolean
Whether to extract all apps or only selected
domain_allow_list
string list
Domains to explicitly allow
domain_deny_list
string list
Domains to exclude from discovery
app_allow_list
string list
Apps to explicitly allow
app_deny_list
string list
Apps to exclude from discovery
client_secret*
string
Client Secret for the OneLogin ID pair
data_plane_id
string
Insight Point ID to use for the connection
client_secret*
string
data_plane_id
string
name*
string
Name for the Okta Provider
domain*
string
Okta domain
region*
string
The Okta region
us
data_plane_id
string
Provide if connecting via an Insight Point
id*
string
The Okta provider configuration ID
id
string
ID of the configuration to delete
{id}*
string
The Okta provider configuration ID
update_mask.paths
array[string]
the set of field mask paths
domain
string
region
string
token
string
name*
string
The name to show in Veza
domain*
string
Your company's OneLogin domain
region*
string
The region of the Onelogin instance, e.g.
us
client_id*
string
Client ID for the OneLogin key pair
id*
string
OneLogin provider ID
id*
string
The OneLogin configuration to delete
{id}*
string
ID of the OneLogin configuration to update
update_mask.paths
array[string]
The set of field mask paths
name*
string
domain*
string
region*
string
client_id*
string
{
"ad_fqdn": "FQDN.NAME.ON.CERT",
"name": "Test-AD",
"host": "FQDN.FOR.DOMAIN.CONTROLLER",
"port": 636,
"ldaps_certificate": "Base64 Encoded String of PEM format",
"username": "ADMIN",
"password": "PASSWORD",
"domains": ["FQDN.OF.DOMAIN"],
"data_plane_id": "DATAPLAN_ID"
}curl --location --request GET '/api/v1/providers/activedirectory' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer TOKEN'{
"values": [
{
"id": "interation-GUID",
"vendor_id": "domain.controller.FQDN",
"name": "ad_cct01",
"type": "ACTIVE_DIRECTORY",
"state": "ENABLED",
"data_plane_id": "insight-point-GUID",
"status": "SUCCESS",
"host": "domain.controller.FQDN",
"port": 636,
"username": "read.only",
"domains": [
"corp.cookie.ai"
],
"ad_fqdn": "cct01-ad-01.corp.cookie.ai",
"identity_mapping_configuration": null
}
]
}curl --location --request POST '/api/v1/providers/activedirectory' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
"ad_fqdn": "FQDN.NAME.ON.CERT",
"name": "Test-AD",
"host": "FQDN.FOR.DOMAIN.CONTROLLER",
"port": 636,
"ldaps_certificate": "Base64 Encoded String of PEM format",
"username": "ADMIN",
"password": "PASSWORD",
"domains": ["FQDN.OF.DOMAIN"],
"data_plane_id": "DATAPLAN_ID"
}'curl --location --request POST '/api/v1/providers/activedirectory' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
"ad_fqdn": "FQDN.NAME.ON.CERT",
"name": "Test-AD",
"host": "FQDN.FOR.DOMAIN.CONTROLLER",
"port": 636,
"ldaps_certificate": "Base64 Encoded String of PEM format",
"username": "ADMIN",
"password": "PASSWORD",
"domains": ["FQDN.OF.DOMAIN"],
"data_plane_id": "DATAPLAN_ID"
}'curl --location --request DELETE '/api/v1/providers/activedirectory/{{provider_id}}' \
--header 'Authorization: Bearer TOKEN'curl --location --request PATCH '/api/v1/providers/azure/{{provider_id}}' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
"port": 636
}'{
"id": "string",
"domain": "string",
"region": "string",
"token": "string",
"gather_all_applications": true,
"domain_allow_list": [
"string"
],
"domain_deny_list": [
"string"
],
"app_allow_list": [
"string"
],
"app_deny_list": [
"string"
]
}{
"values": [
{
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string"
}
]
}{
"values": [
{
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string"
}
]
}{
"value": {
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string"
}
}{}{
"value": {
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string"
}
}{
"name": "string",
"domain": "string",
"region": "string",
"client_id": "string",
"client_secret": "string",
"data_plane_id": "string"
}{
"values": [
{
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string",
"region": "string",
"client_id": "string"
}
]
}{
"value": {
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string",
"region": "string",
"client_id": "string"
}
}{
"value": {
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string",
"region": "string",
"client_id": "string"
}
}{}{
"values": [
{
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string",
"region": "string",
"client_id": "string"
}
]
}