Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Operations for listing, adding, and modifying cloud provider configurations
You can manage Veza integrations using the management API and a Veza admin API key.
Use these operations to configure and manage cloud platform integrations including AWS, Azure, Google Cloud, Snowflake, SQL Server, and Trino providers. Each provider type has specific configuration requirements and optional parameters for controlling discovery scope.
Veza supports the following provider types:
AWS: Amazon Web Services accounts with support for IAM, S3, RDS, Redshift, and other services
Azure: Microsoft Azure tenants including Active Directory and SharePoint Online
Google Cloud: Google Cloud Platform projects and Google Workspace domains
Snowflake: Snowflake data warehouses and databases
SQL Server: Microsoft SQL Server instances
Trino: Trino clusters with file-based access control
For detailed integration guides, see the Integrations documentation.
You will need an API token with administrator permissions to manage provider configurations. See API Authentication for details.
All provider configurations share these common properties:
id (String): Unique identifier for the provider configuration
vendor_id (String): Provider-specific identifier (e.g., AWS account ID)
name (String): Display name for the provider
type (String): Provider type (AWS, AZURE, GOOGLE_CLOUD, etc.)
state (String): Current state (ENABLED, DISABLED)
data_plane_id (String): Insight Point ID used for discovery
status (String): Last discovery status (SUCCESS, PENDING, ERROR)
AWS provider configurations include account credentials, regions, and service-specific settings:
{
"id": "883dd869-8762-4187-8767-1c387de14b4b",
"vendor_id": "123456789010",
"name": "AWS-Production",
"type": "AWS",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"account_id": "123456789010",
"credentials_type": "ASSUME_CUSTOMER_ROLE",
"access_key_id": "AKIA6FRNZGGIOEBZ6BEA",
"assume_role_name": "VezaDiscoveryRole",
"assume_role_external_id": "veza-external-id",
"regions": [
"us-east-1",
"us-west-2",
"eu-west-1"
],
"db_user": "veza_user",
"services": [
"IAM",
"S3",
"RDS",
"REDSHIFT"
],
"s3_bucket_allow_list": ["prod-data-*"],
"s3_bucket_deny_list": ["temp-*", "test-*"],
"rds_database_allow_list": ["production"],
"rds_database_deny_list": ["temp"]
}account_id (String): AWS account ID (12-digit number)
credentials_type (String): Authentication method - STATIC, EC2_INSTANCE_PROFILE, or ASSUME_CUSTOMER_ROLE
access_key_id (String): Access key ID for static credentials
secret_key (String): Secret access key for static credentials
assume_role_name (String): IAM role name for assume role authentication
assume_role_external_id (String): External ID for assume role authentication
regions (Array): List of AWS regions to discover
db_user (String): Database username for RDS/Redshift connections
services (Array): Specific AWS services to discover (empty array = all services)
Available service values for the services array:
IAM: Identity and Access Management
S3: Simple Storage Service
RDS: Relational Database Service
REDSHIFT: Redshift data warehouses
EC2: Elastic Compute Cloud
LAMBDA: Lambda functions
EKS: Elastic Kubernetes Service
COGNITO: Cognito user pools
SECRETS_MANAGER: Secrets Manager
KMS: Key Management Service
DYNAMODB: DynamoDB tables
Use allow/deny lists to control which resources are discovered:
s3_bucket_allow_list: S3 bucket names to include (supports wildcards)
s3_bucket_deny_list: S3 bucket names to exclude
rds_database_allow_list: RDS database names to include
rds_database_deny_list: RDS database names to exclude
redshift_database_allow_list: Redshift database ARNs to include
redshift_database_deny_list: Redshift database ARNs to exclude
For detailed AWS setup instructions, see Amazon Web Services Integration.
Azure provider configurations include tenant authentication and service settings:
{
"id": "fa04e92f-6e0d-4285-ba58-86a20c6941ff",
"vendor_id": "contoso.onmicrosoft.com",
"name": "Azure-Production",
"type": "AZURE",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"tenant_id": "12345678-1234-1234-1234-123456789012",
"client_id": "87654321-4321-4321-4321-210987654321",
"services": [
"AZUREAD",
"SHAREPOINT",
"SQLSERVER"
],
"gather_guest_users": true,
"gather_disabled_users": false,
"gather_personal_sites": true,
"domains": ["contoso.com"],
"sql_server_database_allow_list": ["production"],
"sql_server_database_deny_list": ["temp"]
}tenant_id (String): Azure Active Directory tenant ID
client_id (String): Application (client) ID for service principal
client_secret (String): Client secret for authentication
auth_certificate (String): Certificate for SharePoint app-only access
auth_certificate_password (String): Certificate password
services (Array): Azure services to discover
gather_guest_users (Boolean): Include guest users in discovery
gather_disabled_users (Boolean): Include disabled users
gather_personal_sites (Boolean): Include personal SharePoint sites
domains (Array): Specific domains to discover
For detailed Azure setup instructions, see Azure Integration.
Google Cloud provider configurations include service account credentials and project settings:
{
"id": "fa04e92f-6e0d-4285-ba58-86a20c6941ff",
"vendor_id": "gcp-project-id",
"name": "GCP-Production",
"type": "GOOGLE_CLOUD",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"customer_id": "C01234567",
"workspace_email": "[email protected]",
"project_allow_list": ["prod-project-1", "prod-project-2"],
"project_deny_list": ["test-*"],
"domain_allow_list": ["company.com"],
"domain_deny_list": [],
"services": [
"IAM",
"STORAGE",
"COMPUTE",
"WORKSPACE",
"BIGQUERY"
],
"dataset_allow_list": ["analytics", "reporting"],
"dataset_deny_list": ["temp_*"]
}credentials_json (String): Service account key JSON
customer_id (String): Google Workspace customer ID
workspace_email (String): Workspace user email for service account impersonation
project_allow_list (Array): GCP project names to include
project_deny_list (Array): GCP project names to exclude
domain_allow_list (Array): Workspace domains to include
domain_deny_list (Array): Workspace domains to exclude
dataset_allow_list (Array): BigQuery dataset names to include
dataset_deny_list (Array): BigQuery dataset names to exclude
For detailed Google Cloud setup instructions, see Google Cloud Integration.
Snowflake provider configurations include connection details and database filtering:
{
"id": "fa04e92f-6e0d-4285-ba58-86a20c6941ff",
"vendor_id": "xy12345.us-east-1",
"name": "Snowflake-Production",
"type": "SNOWFLAKE",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"account_locator": "xy12345",
"region": "us-east-1",
"cloud": "aws",
"user": "veza_user",
"role": "VEZA_ROLE",
"warehouse": "COMPUTE_WH",
"database_allow_list": ["PROD_DB", "ANALYTICS_DB"],
"database_deny_list": ["TEMP_DB", "TEST_DB"]
}account_locator (String): Snowflake account locator (e.g., "xy12345")
region (String): Cloud region for the Snowflake account
cloud (String): Cloud provider ("aws", "azure", or "gcp")
user (String): Snowflake username for authentication
password (String): Password for the Snowflake user
role (String): Snowflake role to use for queries
warehouse (String): Default warehouse for compute
database_allow_list (Array): Database names to include
database_deny_list (Array): Database names to exclude
For detailed Snowflake setup instructions, see Snowflake Integration.
SQL Server provider configurations include connection details and database filtering:
{
"id": "90112ed7-47e7-48e6-9f05-c02d19d7f137",
"vendor_id": "sqlserver.company.com",
"name": "SQL-Production",
"type": "SQL_SERVER",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"host": "sqlserver.company.com",
"port": 1433,
"username": "veza_user",
"database_allow_list": ["ProductionDB", "AnalyticsDB"],
"database_deny_list": ["TempDB", "TestDB"],
"schema_allow_list": ["dbo", "analytics"],
"schema_deny_list": ["temp"]
}host (String): SQL Server hostname or IP address
port (Integer): Port number (typically 1433)
username (String): SQL Server username
password (String): Password for authentication
database_allow_list (Array): Database names to include
database_deny_list (Array): Database names to exclude
schema_allow_list (Array): Schema names to include
schema_deny_list (Array): Schema names to exclude
For detailed SQL Server setup instructions, see SQL Server Integration.
Trino provider configurations include cluster connection details and S3 access control file settings:
{
"id": "fa04e92f-6e0d-4285-ba58-86a20c6941ff",
"vendor_id": "trino.company.com",
"name": "Trino-Production",
"type": "TRINO",
"state": "ENABLED",
"data_plane_id": "a2e32a80-9d64-4725-b4a9-8de6ffd0682b",
"status": "SUCCESS",
"host": "trino.company.com",
"port": 8080,
"username": "veza_user",
"aws_s3_object_config": {
"access_key": "AKIA...",
"region": "us-east-1",
"bucket": "trino-config",
"object": "access-control.properties",
"credentials_type": "STATIC",
"assume_role_name": "",
"account_id": ""
},
"ssl_certificate": "-----BEGIN CERTIFICATE-----\n..."
}host (String): Trino coordinator hostname
port (Integer): Trino coordinator port (typically 8080 or 8443)
username (String): Trino username
password (String): Password for authentication
aws_s3_object_config (Object): S3 configuration for access control file
ssl_certificate (String): TLS certificate for secure connections
The aws_s3_object_config object contains:
access_key (String): AWS access key ID
secret_key (String): AWS secret access key
region (String): S3 bucket region
bucket (String): S3 bucket name
object (String): Path to access control file
credentials_type (String): Authentication method
assume_role_name (String): IAM role name (for assume role)
assume_role_external_id (String): External ID for assume role
account_id (String): AWS account ID
For detailed Trino setup instructions, see Trino Integration.
All provider API operations return standard HTTP status codes:
200 OK: Request successful
400 Bad Request: Invalid request parameters or payload
401 Unauthorized: Invalid or missing API token
403 Forbidden: Insufficient permissions
404 Not Found: Provider configuration not found
409 Conflict: Provider configuration already exists
500 Internal Server Error: Server error
Error responses include a descriptive message and error code:
{
"error": {
"code": "INVALID_CREDENTIALS",
"message": "The provided credentials are invalid or expired",
"details": "AWS STS AssumeRole failed with error: Access denied"
}
}When managing provider configurations:
Use descriptive names that identify the environment and purpose
Implement least privilege by configuring only necessary services and resources
Use allow lists rather than deny lists when possible for better security
Test configurations in development environments before production
Monitor discovery status regularly to ensure successful data collection
Rotate credentials according to your organization's security policies
Use assume role authentication for AWS providers when possible
Configure resource filtering to limit discovery scope and improve performance
Programmatic configuration of providers and data sources
The Veza management API enables internal tooling to automate administration of cloud providers and data sources. Each supported provider has endpoints to get, create, and modify the current configurations, which can be useful when integrating with environments spanning many provider accounts.
A data plane ID is required when adding a custom provider. This value refers to the Insight Point used for discovery, or the GUID of the built-in data plane. To get all available IDs, navigate to Administration > Insight Point. Unless you have deployed an Insight Point within your environment, the only entry will be for the internal data plane.
If a request is unsuccessful, an error message will provide additional details and troubleshooting steps.
You can issue new API keys from Administration > API Keys > Add New API Key. Provide the key as the bearer auth token in the header of each request.
Users must have the admin role to add/modify provider configurations. Configurations can be viewed by users with the operator role.
Register Accounts - Use the management API to add multiple AWS accounts from CSV.
Veza Python Client - Simple Python class for making REST API calls to Veza.
Cloud Formation Stacks - Configure multiple AWS accounts for Veza discovery by enabling the required assume role operations and IAM permissions.
If your organization uses applications, data sources, or identity providers not natively supported by Veza, you may be able to add them to your data catalog using Open Authorization APIs. You will need to query the provider to retrieve entity and permissions metadata and push the payload to Veza for parsing in a template format.
Endpoints for administering custom resources (/providers/custom/*)are described here.
This guide explains how to disable specific AWS services across multiple AWS integrations (providers) using the Veza API. Limiting AWS service extraction can reduce processing overhead, help teams focus on relevant services, or exclude analytics platforms like DATABRICKS that may not be deployed or required for visibility in Veza. This is particularly useful for organizations with many AWS accounts who need to disable unused services at scale.
In the JSON AWS provider configuration, the services array acts as an allow list that controls which AWS services Veza will discover and extract:
Empty array [] = All available AWS services are enabled for discovery
Populated array = Only the listed services are enabled; all others are disabled
To disable specific services, you must populate the array with only the services you want to monitor.
Before you update AWS provider services, ensure:
You have API access credentials for your Veza instance (see for API key setup)
You have the VEZA_TOKEN environment variable configured
You have the VEZA_URL environment variable set to your instance (e.g., https://yourcompany.cookiecloud.ai)
You have appropriate permissions to modify provider configurations
You understand that empty services arrays mean ALL services are enabled
First, retrieve all AWS provider configurations to understand your current setup:
Understanding the response:
Providers with empty services: [] arrays have ALL services enabled
Providers with populated services arrays only extract the listed services
Note the id, name, and account_id fields for providers you want to modify
Example response structure:
Identify which providers to modify based on:
Provider names that match your AWS accounts
Account IDs that correspond to your AWS accounts
Current services configuration
Determine your desired services configuration:
Option A: Disable DATABRICKS only
Option B: Enable only specific services
Option C: Custom configuration
Review the below
Create your own array with desired services
Before updating all providers, test with one provider first:
Verify the change:
Check that the response shows your desired services array.
Update each provider individually using their specific IDs:
Create a script for bulk updates. Use with caution as this affects all AWS providers:
After updating providers, verify the changes took effect:
To return a provider to monitoring all services:
To change which services are monitored:
The following AWS services can be included in the services array:
S3 - Simple Storage Service
RDS_POSTGRES - PostgreSQL databases
RDS_MYSQL - MySQL databases
RDS_ORACLE - Oracle databases
RDS - General RDS service
DYNAMODB - DynamoDB NoSQL database
REDSHIFT - Redshift data warehouse
REDSHIFT_CLUSTER - Redshift cluster management
EC2 - Elastic Compute Cloud (virtual machines)
LAMBDA - Serverless functions
EKS - Elastic Kubernetes Service
ECR - Elastic Container Registry
EMR - Elastic MapReduce (big data)
AWS_IAM - Identity and Access Management
KMS - Key Management Service
SECRETS_MANAGER - AWS Secrets Manager
COGNITO - User authentication service
SSO - AWS Single Sign-On
ORGANIZATIONS - AWS Organizations
DATABRICKS - Analytics platform
Important notes:
Service availability may vary by Veza version and configuration
Some services may require specific permissions or setup
When in doubt, check your Veza UI to see which services are available for your AWS providers
Detailed integration status and progress info for running jobs.
Returns the most recent job type, state, status, and progress for a Veza datasource.
sync jobs are connections to the integration to extract identity and authorization metadata
parse jobs compile the extracted metadata into graph entities and relationships
Use to get overall integration state and a summary of last sync and parse time.
States can be:
PENDING
IN_PROGRESS
COMPLETED
Status can be:
OK
CANCELED
DEADLINE_EXCEEDED
NOT_FOUND
PERMISSION_DENIED
UNAUTHENTICATED
UNAVAILABLE
INTERNAL
FAILED_PRECONDITION
Data sources time out after a heartbeat hasn’t been received or changed in a period of time (typically 24 hours).
Parse jobs have the PARSE type.
Sync jobs types can be:
DISCOVERY
EXTRACTION
The job_status response will contain stats with detailed timestamps and progress on the active step, including the current_count of discovered or parsed objects. A total_count is shown for completed steps.
curl -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws"{
"values": [
{
"id": "12345678-1234-5678-9012-123456789012",
"name": "Production AWS Account",
"account_id": "123456789012",
"services": [],
"state": "ENABLED"
},
{
"id": "87654321-4321-8765-2109-876543210987",
"name": "Development AWS Account",
"account_id": "987654321098",
"services": ["S3", "RDS_POSTGRES", "LAMBDA"],
"state": "ENABLED"
}
]
}{
"services": [
"REDSHIFT", "REDSHIFT_CLUSTER", "S3", "RDS_POSTGRES", "RDS_MYSQL",
"RDS_ORACLE", "RDS", "DYNAMODB", "KMS", "EMR", "ORGANIZATIONS",
"EC2", "SSO", "COGNITO", "LAMBDA", "EKS", "SECRETS_MANAGER",
"ECR", "AWS_IAM"
]
}{
"services": [
"S3", "RDS_POSTGRES", "LAMBDA", "EC2", "AWS_IAM"
]
}# Replace with your actual provider ID and desired services
curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d '{"services":["S3","RDS_POSTGRES","LAMBDA","EC2","AWS_IAM"]}' \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID_HERE"curl -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID_HERE"# Example for multiple providers - replace with your actual IDs and services
DESIRED_SERVICES='["S3","RDS_POSTGRES","DYNAMODB","LAMBDA","EC2","AWS_IAM"]'
# Provider 1
curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"services\":$DESIRED_SERVICES}" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID_1"
# Provider 2
curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"services\":$DESIRED_SERVICES}" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID_2"#!/bin/bash
# Configuration - CUSTOMIZE THESE VALUES
VEZA_URL="https://yourcompany.cookiecloud.ai"
DESIRED_SERVICES='["S3","RDS_POSTGRES","DYNAMODB","LAMBDA","EC2","AWS_IAM"]'
echo "Starting bulk AWS provider services update..."
echo "Target services: $DESIRED_SERVICES"
echo ""
# Get all AWS provider IDs
provider_ids=$(curl -s -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws" | \
jq -r '.values[].id')
if [ -z "$provider_ids" ]; then
echo "Error: No AWS providers found or API call failed"
exit 1
fi
# Count providers
provider_count=$(echo "$provider_ids" | wc -l)
echo "Found $provider_count AWS providers to update"
echo ""
# Add confirmation prompt
read -p "Continue with bulk update? (y/N): " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
echo "Update cancelled"
exit 0
fi
# Update each provider
echo "$provider_ids" | while read provider_id; do
if [ -n "$provider_id" ]; then
echo "Updating provider: $provider_id"
response=$(curl -s -w "\nHTTP_STATUS:%{http_code}" -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"services\":$DESIRED_SERVICES}" \
"$VEZA_URL/api/v1/providers/aws/$provider_id")
http_status=$(echo "$response" | grep "HTTP_STATUS" | cut -d: -f2)
if [ "$http_status" = "200" ]; then
echo "✓ Successfully updated provider $provider_id"
else
echo "✗ Failed to update provider $provider_id (HTTP $http_status)"
echo "Response: $(echo "$response" | grep -v "HTTP_STATUS")"
fi
echo ""
fi
done
echo "Bulk update completed"# Check all providers
curl -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws" | \
jq '.values[] | {id: .id, name: .name, services: .services}'
# Check specific provider
curl -H "Authorization: Bearer $VEZA_TOKEN" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID" | \
jq '{id: .id, name: .name, services: .services}'curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d '{"services":[]}' \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID"# Example: Enable different set of services
NEW_SERVICES='["S3","LAMBDA","DYNAMODB","EC2"]'
curl -X PATCH \
-H "Authorization: Bearer $VEZA_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"services\":$NEW_SERVICES}" \
"$VEZA_URL/api/v1/providers/aws/YOUR_PROVIDER_ID"GET
List Parse Job Status
api/v1/providers/datasources/{id}/parse_status
GET
List Sync Job Status
api/v1/providers/datasources/{id}/sync_status
{
"job_status": {
"job_id": "59428cf3-a3ed-4989-8b9e-a96e4af1e45b",
"job_type": "PARSE",
"state": "COMPLETED",
"status": "OK",
"started_at": "2023-02-01T04:37:00.007678769Z",
"duration": "0.683888613s",
"stats": { "started_at": null, "finished_at": null, "steps": [] }
}
}{
"job_status": {
"job_id": "f3cb7fb0-82c3-4ab6-9fdf-b88d93478ebb",
"job_type": "EXTRACTION",
"state": "COMPLETED",
"status": "OK",
"started_at": "2023-02-22T06:27:25.480075100Z",
"duration": "0.569382661s",
"stats": {
"started_at": "2023-02-22T06:27:25.530741076Z",
"finished_at": "2023-02-22T06:27:26.100138149Z",
"steps": [
{
"name": "Regions",
"state": "COMPLETED",
"started_at": "2023-02-22T06:27:25.530844874Z",
"finished_at": "2023-02-22T06:27:26.099752432Z",
"current_count": 4,
"total_count": 4
}
]
}
}
}Operations for disabling, enabling, and renaming individual data sources
Each cloud provider will have one or more associated data sources. Each represents a discrete instance of a service that Veza connects to for the discovery and extraction of authorization metadata.
The provider under /providers/aws/{id}, for example, may have an associated EC2 data source, represented as:
{
"id": "6961b032-3fd7-4baa-a230-146d1b70ec27",
"name": "AWS EC2 (527398259632)",
"datasource_type": "EXTRACTOR",
"agent_type": "AWS_EC2",
"status": "SUCCESS",
"provider_id": "cd0cf102-e86c-4599-9cbe-64d2c6b83236",
"path": "AWS/ec2",
"state": "ENABLED",
"effective_state": "ENABLED",
"datasource_config": null,
"created_at": "2021-10-26T07:10:38Z",
"updated_at": "2021-10-26T07:10:38Z",
"synced_at": "2022-01-13T20:53:23Z",
"parsed_at": "2022-01-13T20:53:29Z"
}You can use the API to get or update data source records, or enable and disable individual data sources.
Disabling a data source will cancel all pending extractions.
GET {{VezaUrl}}/api/v1/providers/datasources
Returns the properties and status for all data sources. When filtering is applied, only data sources matching the filter will be returned.
For example: ?filter=datasource_type+eq+"discoverer"&order_by=state
Veza expects spaces in URLS encoded as + (?custom_template+eq+"idp"&order_by=state). Note that some libraries and clients will encode spaces as %2B by default, which will cause errors unless you override this behavior.
* indicates a required field.
filter
string
When present, only returns data sources matching the filter string. Available options:
name
,
agent_type
,
status
,
state
,
name
,
provider_id
,
data_provider_id
,
datasource_type
order_by
string
Sort results by
name
,
agent_type
,
status
,
state
,
name
,
provider_id
,
data_provider_id
, or
datasource_type
.
page_size
int
The maximum number of results to return. Fewer results may be returned even when more pages exist.
page_token
string
The token specifying the specific page of results to retrieve.
{
"values": [
{
"id": "string",
"name": "string",
"datasource_type": "string",
"agent_type": "string",
"status": "string",
"provider_id": "string",
"path": "string",
"state": "string",
"effective_state": "string",
"created_at": "string",
"updated_at": "string",
"synced_at": "string",
"parsed_at": "string"
}
],
"next_page_token": "ec67g",
"has_more": false
}GET {{VezaUrl}}/api/v1/providers/datasources/{id}
Returns status for an individual data source.
* indicates a required field.
id*
string
The data source ID
{
"value": {
"id": "string",
"name": "string",
"datasource_type": "string",
"agent_type": "string",
"status": "string",
"provider_id": "string",
"path": "string",
"state": "string",
"effective_state": "string",
"created_at": "string",
"updated_at": "string",
"synced_at": "string",
"parsed_at": "string"
}
}PUT {{VezaUrl}}/api/v1/providers/datasources/{id}
Update the name for a given data source ID.
* indicates a required field.
id*
string
The data source ID
name
string
New name for the data source
{
"value": {
"id": "string",
"name": "string",
"datasource_type": "string",
"agent_type": "string",
"status": "string",
"provider_id": "string",
"path": "string",
"state": "string",
"effective_state": "string",
"created_at": "string",
"updated_at": "string",
"synced_at": "string",
"parsed_at": "string"
}
}PUT {{VezaUrl}}/api/v1/providers/datasources/{id}:disable
Pause discovery and extraction for a data source.
* indicates a required field.
id*
string
The data source ID
{}PUT {{VezaUrl}}/api/v1/providers/datasources/{id}:enable
Resume monitoring and queue the data source for extraction.
* indicates a required field.
id
string
The data source ID
{}providers/customSee Open Authorization API and [OAA Operations](.../../oaa/rest-api/operations.md.
API endpoints for configuring Okta and OneLogin
You can manage Veza Identity Provider integrations using the management API and a Veza admin API key.
providers/activedirectorySee the configuration guide for the prerequisite steps to integrate Active Directory with Veza. An AD configuration has the following parameters:
{
"ad_fqdn": "FQDN.NAME.ON.CERT",
"name": "Test-AD",
"host": "FQDN.FOR.DOMAIN.CONTROLLER",
"port": 636,
"ldaps_certificate": "Base64 Encoded String of PEM format",
"username": "ADMIN",
"password": "PASSWORD",
"domains": ["FQDN.OF.DOMAIN"],
"data_plane_id": "DATAPLAN_ID"
}curl --location --request GET '/api/v1/providers/activedirectory' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer TOKEN'The response will include all existing configurations, in the format:
{
"values": [
{
"id": "interation-GUID",
"vendor_id": "domain.controller.FQDN",
"name": "ad_cct01",
"type": "ACTIVE_DIRECTORY",
"state": "ENABLED",
"data_plane_id": "insight-point-GUID",
"status": "SUCCESS",
"host": "domain.controller.FQDN",
"port": 636,
"username": "read.only",
"domains": [
"corp.cookie.ai"
],
"ad_fqdn": "cct01-ad-01.corp.cookie.ai",
"identity_mapping_configuration": null
}
]
}curl --location --request POST '/api/v1/providers/activedirectory' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
"ad_fqdn": "FQDN.NAME.ON.CERT",
"name": "Test-AD",
"host": "FQDN.FOR.DOMAIN.CONTROLLER",
"port": 636,
"ldaps_certificate": "Base64 Encoded String of PEM format",
"username": "ADMIN",
"password": "PASSWORD",
"domains": ["FQDN.OF.DOMAIN"],
"data_plane_id": "DATAPLAN_ID"
}'curl --location --request POST '/api/v1/providers/activedirectory' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
"ad_fqdn": "FQDN.NAME.ON.CERT",
"name": "Test-AD",
"host": "FQDN.FOR.DOMAIN.CONTROLLER",
"port": 636,
"ldaps_certificate": "Base64 Encoded String of PEM format",
"username": "ADMIN",
"password": "PASSWORD",
"domains": ["FQDN.OF.DOMAIN"],
"data_plane_id": "DATAPLAN_ID"
}'curl --location --request DELETE '/api/v1/providers/activedirectory/{{provider_id}}' \
--header 'Authorization: Bearer TOKEN'curl --location --request PATCH '/api/v1/providers/azure/{{provider_id}}' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
"port": 636
}'providers/oktaAn Okta configuration includes connection information and credentials, as well as any limits on apps and domains to extract:
{
"id": "string",
"domain": "string",
"region": "string",
"token": "string",
"gather_all_applications": true,
"domain_allow_list": [
"string"
],
"domain_deny_list": [
"string"
],
"app_allow_list": [
"string"
],
"app_deny_list": [
"string"
]
}See the Okta integration guide for more details on retrieving an Okta API token and registering your domain with Veza.
GET {{vezaURL}}/api/v1/providers/okta
Get the configuration and status for all configured Okta integrations.
* indicates a required field.
{
"values": [
{
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string"
}
]
}POST {{vezaURL}}/api/v1/providers/okta
Submit a new Okta provider configuration.
* indicates a required field.
name*
string
Name for the Okta Provider
domain*
string
Okta domain
region*
string
The Okta region
us
data_plane_id
string
Provide if connecting via an Insight Point
token*
string
Okta API token
gather_all_applications
boolean
Whether to extract all apps or only selected
domain_allow_list
string list
Domains to explicitly allow
domain_deny_list
string list
Domains to exclude from discovery
app_allow_list
string list
Apps to explicitly allow
app_deny_list
string list
Apps to exclude from discovery
{
"values": [
{
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string"
}
]
}GET {{vezaURL}}/api/v1/providers/okta/{id}
Get an individual Okta provider configuration.
* indicates a required field.
id*
string
The Okta provider configuration ID
{
"value": {
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string"
}
}DELETE {{vezaURL}}/api/v1/providers/okta/{id}
Delete an Okta provider, removing all associated entities from Veza.
* indicates a required field.
id
string
ID of the configuration to delete
{}PATCH {{vezaURL}}/api/v1/providers/okta/{id}
Update an existing provider configuration with new properties.
* indicates a required field.
{id}*
string
The Okta provider configuration ID
update_mask.paths
array[string]
the set of field mask paths
domain
string
region
string
token
string
{
"value": {
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string"
}
}providers/oneloginA OneLogin configuration includes the domain, region, and credentials to use for the connection:
{
"name": "string",
"domain": "string",
"region": "string",
"client_id": "string",
"client_secret": "string",
"data_plane_id": "string"
}See connecting to OneLogin for steps to generate credentials for Veza-OneLogin API access.
GET {{vezaURL}}/api/v1/providers/onelogin
Gets all configured OneLogin providers.
* indicates a required field.
{
"values": [
{
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string",
"region": "string",
"client_id": "string"
}
]
}POST {{vezaURL}}/api/v1/providers/onelogin
Submit a new OneLogin provider configuration. See
for more information about enabling Veza access to OneLogin metadata.
* indicates a required field.
name*
string
The name to show in Veza
domain*
string
Your company's OneLogin domain
region*
string
The region of the Onelogin instance, e.g.
us
client_id*
string
Client ID for the OneLogin key pair
client_secret*
string
Client Secret for the OneLogin ID pair
data_plane_id
string
Insight Point ID to use for the connection
{
"value": {
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string",
"region": "string",
"client_id": "string"
}
}GET {{vezaURL}}/api/v1/providers/onelogin/{id}
Return the status and configuration for a single OneLogin provider configuration.
* indicates a required field.
id*
string
OneLogin provider ID
{
"value": {
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string",
"region": "string",
"client_id": "string"
}
}DELETE {{vezaURL}}/api/v1/providers/onelogin/{id}
Delete a OneLogin configuration and its discovered entities.
* indicates a required field.
id*
string
The OneLogin configuration to delete
{}PATCH {{VezaURL}}/api/v1/providers/onelogin/{id}
Update a OneLogin provider configuration. You can provide field mask paths to only update specific fields.
* indicates a required field.
{id}*
string
ID of the OneLogin configuration to update
update_mask.paths
array[string]
The set of field mask paths
name*
string
domain*
string
region*
string
client_id*
string
client_secret*
string
data_plane_id
string
{
"values": [
{
"id": "string",
"vendor_id": "string",
"name": "string",
"type": "UNKNOWN_PROVIDER",
"state": "STARTED",
"data_plane_id": "string",
"status": "PENDING",
"domain": "string",
"region": "string",
"client_id": "string"
}
]
}API operations for enabling and disabling provider connections
The v1/providers API includes endpoints to enable or disable integrations by provider id. This allows you to temporarily pause data extraction and synchronization for specific providers when needed, without deleting the configuration.
The provider_id value should be obtained from the provider listing APIs (e.g., /api/v1/providers/aws for AWS providers)
Activate a provider connection that was disabled.
curl -X PUT \
"https://{tenant}.vezacloud.com/api/v1/providers/{id}:enable" \
-H "accept: application/json" \
-H "Authorization: Bearer {your_api_key}"Deactivates a provider connection until it is-renabled, preserving the configured settings.
curl -X PUT \
"https://{tenant}.vezacloud.com/api/v1/providers/{id}:disable" \
-H "accept: application/json" \
-H "Authorization: Bearer {your_api_key}"GET /api/v1/providers/aws HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"team_id": "text",
"rds_db_level_only": true,
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"assume_role_name": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"services": [
1
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"audit_log_cloud_trail_name": "text",
"audit_log_cloud_trail_region": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"audit_log_extract_for_org": true,
"audit_log_skip_extraction": true
}
]
}POST /api/v1/providers/aws HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 1028
{
"name": "text",
"account_id": "text",
"regions": [
"text"
],
"data_plane_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"secret_key": "text",
"assume_role_name": "text",
"assume_role_external_id": "text",
"db_user": "text",
"rds_postgres_user": "text",
"rds_mysql_user": "text",
"rds_oracle_user": "text",
"rds_oracle_password": "text",
"redshift_user": "text",
"services": [
1
],
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"rds_db_level_only": true,
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"provisioning_scim_token": "text"
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"team_id": "text",
"rds_db_level_only": true,
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"assume_role_name": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"services": [
1
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"audit_log_cloud_trail_name": "text",
"audit_log_cloud_trail_region": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"audit_log_extract_for_org": true,
"audit_log_skip_extraction": true
}
}GET /api/v1/providers/aws/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"team_id": "text",
"rds_db_level_only": true,
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"assume_role_name": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"services": [
1
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"audit_log_cloud_trail_name": "text",
"audit_log_cloud_trail_region": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"audit_log_extract_for_org": true,
"audit_log_skip_extraction": true
}
}PATCH /api/v1/providers/aws/{provider.id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 1026
{
"id": "text",
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"secret_key": "text",
"assume_role_name": "text",
"assume_role_external_id": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"rds_oracle_password": "text",
"services": [
1
],
"data_plane_id": "text",
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_rds_oracle_system_schemas": true,
"gather_postgresql_system_schemas": true,
"rds_db_level_only": true,
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"provisioning_scim_token": "text"
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"redshift_database_allow_list": [
"text"
],
"redshift_database_deny_list": [
"text"
],
"rds_database_allow_list": [
"text"
],
"rds_database_deny_list": [
"text"
],
"s3_bucket_allow_list": [
"text"
],
"s3_bucket_deny_list": [
"text"
],
"extraction_policy_name": "text",
"gather_system_tables": true,
"gather_postgresql_system_schemas": true,
"gather_rds_oracle_system_schemas": true,
"team_id": "text",
"rds_db_level_only": true,
"account_id": "text",
"credentials_type": 1,
"access_key_id": "text",
"assume_role_name": "text",
"regions": [
"text"
],
"db_user": "text",
"redshift_user": "text",
"rds_mysql_user": "text",
"rds_postgres_user": "text",
"rds_oracle_user": "text",
"services": [
1
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"audit_log_cloud_trail_name": "text",
"audit_log_cloud_trail_region": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"databricks_oauth_m2m_credentials": {
"client_id": "text",
"client_secret": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"provisioning_identity_store_id": "text",
"provisioning_scim_endpoint": "text",
"audit_log_extract_for_org": true,
"audit_log_skip_extraction": true
}
}DELETE /api/v1/providers/aws/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{}GET /api/v1/providers/aws:trustpolicy HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"trust_policy_json": "text"
}GET /api/v1/providers/aws/{id}:checkpolicy HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"requires_update": true,
"aws_account_id": "text",
"current_policy": "text",
"required_policy": "text",
"required_actions": [
"text"
],
"overprivileged_actions": [
"text"
]
}GET /api/v1/providers/azure HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"team_id": "text",
"dynamics_erp_environments": [
"text"
],
"account_id": "text",
"tenant_id": "text",
"client_id": "text",
"services": [
1
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"gather_postgresql_system_schemas": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1
}
],
"provisioning": true,
"lifecycle_management_state": 1
}
]
}POST /api/v1/providers/azure HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 1574
{
"name": "text",
"tenant_id": "text",
"client_id": "text",
"client_secret": "text",
"data_plane_id": "text",
"auth_certificate": "text",
"auth_certificate_password": "text",
"services": [
1
],
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"dynamics_erp_environments": [
"text"
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"gather_postgresql_system_schemas": true,
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1
}
],
"provisioning": true
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"team_id": "text",
"dynamics_erp_environments": [
"text"
],
"account_id": "text",
"tenant_id": "text",
"client_id": "text",
"services": [
1
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"gather_postgresql_system_schemas": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1
}
],
"provisioning": true,
"lifecycle_management_state": 1
}
}GET /api/v1/providers/azure/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"team_id": "text",
"dynamics_erp_environments": [
"text"
],
"account_id": "text",
"tenant_id": "text",
"client_id": "text",
"services": [
1
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"gather_postgresql_system_schemas": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1
}
],
"provisioning": true,
"lifecycle_management_state": 1
}
}PATCH /api/v1/providers/azure/{provider.id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 1572
{
"id": "text",
"tenant_id": "text",
"client_id": "text",
"client_secret": "text",
"auth_certificate": "text",
"auth_certificate_password": "text",
"services": [
1
],
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"dynamics_erp_environments": [
"text"
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"gather_postgresql_system_schemas": true,
"data_plane_id": "text",
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1
}
],
"provisioning": true
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"gather_guest_users": true,
"gather_disabled_users": true,
"domains": [
"text"
],
"gather_personal_sites": true,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"government_cloud": 1,
"extract_pim_eligibility": true,
"dynamics365_environments": [
"text"
],
"team_id": "text",
"dynamics_erp_environments": [
"text"
],
"account_id": "text",
"tenant_id": "text",
"client_id": "text",
"services": [
1
],
"sql_server_database_allow_list": [
"text"
],
"sql_server_database_deny_list": [
"text"
],
"sql_server_schema_allow_list": [
"text"
],
"sql_server_schema_deny_list": [
"text"
],
"sql_server_gather_system_databases": true,
"gather_postgresql_system_schemas": true,
"postgresql_username": "text",
"postgresql_password": "text",
"postgresql_database_allow_list": [
"text"
],
"postgresql_database_deny_list": [
"text"
],
"postgresql_schema_allow_list": [
"text"
],
"postgresql_schema_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"sharepoint_site_allow_list": [
"text"
],
"sharepoint_site_deny_list": [
"text"
],
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
},
"user_custom_properties": [
{
"name": "text",
"type": 1
}
],
"provisioning": true,
"lifecycle_management_state": 1
}
}DELETE /api/v1/providers/azure/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{}GET /api/v1/providers/google_cloud HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"workspace_email": "text",
"customer_id": "text",
"services": [
1
],
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
]
}POST /api/v1/providers/google_cloud HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 1039
{
"name": "text",
"credentials_json": "text",
"data_plane_id": "text",
"workspace_email": "text",
"customer_id": "text",
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"services": [
1
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"oauth_config": "text",
"oauth_token": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"workspace_email": "text",
"customer_id": "text",
"services": [
1
],
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
}GET /api/v1/providers/google_cloud/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"workspace_email": "text",
"customer_id": "text",
"services": [
1
],
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
}PATCH /api/v1/providers/google_cloud/{provider.id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 1037
{
"id": "text",
"credentials_json": "text",
"workspace_email": "text",
"customer_id": "text",
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"services": [
1
],
"data_plane_id": "text",
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"oauth_config": "text",
"oauth_token": "text",
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"workspace_email": "text",
"customer_id": "text",
"services": [
1
],
"project_allow_list": [
"text"
],
"project_deny_list": [
"text"
],
"domain_allow_list": [
"text"
],
"domain_deny_list": [
"text"
],
"dataset_allow_list": [
"text"
],
"dataset_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"location_allow_list": [
"text"
],
"location_deny_list": [
"text"
],
"databricks_cloud_config": {
"account_id": "text",
"tag_name_collector_cluster": "text"
},
"provisioning": true,
"lifecycle_management_state": 1,
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"identity_mapping_configuration": {
"mappings": [
{
"destination_datasource_type": "text",
"destination_datasource_oaa_app_type": "text",
"type": 1,
"mode": 1,
"transformations": [
1
],
"custom_value": "text",
"property_matchers": [
{
"source_property": 1,
"destination_property": 1,
"custom_source_property": "text",
"custom_destination_property": "text"
}
],
"id_matchers": [
{
"source_id": "text",
"destination_id": "text"
}
],
"destination_datasources": [
{
"type": "text",
"oaa_app_type": "text"
}
]
}
],
"use_email": true
}
}
}DELETE /api/v1/providers/google_cloud/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{}GET /api/v1/providers/snowflake HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"alternative_database_name": "text",
"authentication_method": 1,
"extract_tags": true,
"provisioning": true,
"lifecycle_management_state": 1,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true
}
]
}POST /api/v1/providers/snowflake HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 743
{
"name": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"password": "text",
"role": "text",
"warehouse": "text",
"data_plane_id": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"alternative_database_name": "text",
"authentication_method": 1,
"private_key": "text",
"private_key_password": "text",
"extract_tags": true,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"export_private_key": "text",
"export_private_key_password": "text",
"export_password": "text",
"provisioning": true,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"alternative_database_name": "text",
"authentication_method": 1,
"extract_tags": true,
"provisioning": true,
"lifecycle_management_state": 1,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true
}
}GET /api/v1/providers/snowflake/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"alternative_database_name": "text",
"authentication_method": 1,
"extract_tags": true,
"provisioning": true,
"lifecycle_management_state": 1,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true
}
}PATCH /api/v1/providers/snowflake/{provider.id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 741
{
"id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"password": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"alternative_database_name": "text",
"authentication_method": 1,
"private_key": "text",
"private_key_password": "text",
"extract_tags": true,
"data_plane_id": "text",
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"export_private_key": "text",
"export_private_key_password": "text",
"export_password": "text",
"gather_masking_policies": true,
"provisioning": true,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text"
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"account_locator": "text",
"region": "text",
"cloud": "text",
"user": "text",
"role": "text",
"warehouse": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"audit_log": {
"state": 1,
"status": 1,
"cursor": "2025-07-13T13:44:17.314Z",
"synced_at": "2025-07-13T13:44:17.314Z"
},
"alternative_database_name": "text",
"authentication_method": 1,
"extract_tags": true,
"provisioning": true,
"lifecycle_management_state": 1,
"export_database": "text",
"export_schema": "text",
"export_user": "text",
"export_role": "text",
"export_authentication_method": 1,
"connection_type": 1,
"account_name": "text",
"org_name": "text",
"private_link": true,
"alternative_account_usage_schema_name": "text",
"gather_masking_policies": true
}
}DELETE /api/v1/providers/snowflake/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{}GET /api/v1/providers/sqlserver HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"host": "text",
"port": 1,
"username": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text"
}
]
}POST /api/v1/providers/sqlserver HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 269
{
"name": "text",
"host": "text",
"port": 1,
"username": "text",
"password": "text",
"data_plane_id": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text"
}{
"id": "text"
}GET /api/v1/providers/sqlserver/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"host": "text",
"port": 1,
"username": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text"
}PATCH /api/v1/providers/sqlserver/{provider.id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 267
{
"id": "text",
"host": "text",
"port": 1,
"username": "text",
"password": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text",
"data_plane_id": "text"
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"host": "text",
"port": 1,
"username": "text",
"database_allow_list": [
"text"
],
"database_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"gather_system_databases": true,
"instance_name": "text"
}
}DELETE /api/v1/providers/sqlserver/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{}GET /api/v1/providers/trino HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"values": [
{
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"host": "text",
"port": 1,
"username": "text",
"aws_s3_object_config": {
"access_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}
]
}POST /api/v1/providers/trino HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 506
{
"name": "text",
"host": "text",
"port": 1,
"username": "text",
"password": "text",
"data_plane_id": "text",
"aws_s3_object_config": {
"access_key": "text",
"secret_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"assume_role_external_id": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"host": "text",
"port": 1,
"username": "text",
"aws_s3_object_config": {
"access_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}
}GET /api/v1/providers/trino/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"host": "text",
"port": 1,
"username": "text",
"aws_s3_object_config": {
"access_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}
}PATCH /api/v1/providers/trino/{provider.id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Content-Type: application/json
Accept: */*
Content-Length: 504
{
"id": "text",
"host": "text",
"port": 1,
"username": "text",
"password": "text",
"aws_s3_object_config": {
"access_key": "text",
"secret_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"assume_role_external_id": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
],
"data_plane_id": "text"
}{
"value": {
"id": "text",
"vendor_id": "text",
"name": "text",
"type": 1,
"state": 1,
"data_plane_id": "text",
"status": 1,
"team_id": "text",
"host": "text",
"port": 1,
"username": "text",
"aws_s3_object_config": {
"access_key": "text",
"region": "text",
"bucket": "text",
"object": "text",
"credentials_type": 1,
"assume_role_name": "text",
"account_id": "text"
},
"ssl_certificate": "text",
"catalog_allow_list": [
"text"
],
"catalog_deny_list": [
"text"
],
"schema_allow_list": [
"text"
],
"schema_deny_list": [
"text"
],
"table_allow_list": [
"text"
],
"table_deny_list": [
"text"
]
}
}DELETE /api/v1/providers/trino/{id} HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{}PUT /api/v1/providers/{id}:enable HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{}PUT /api/v1/providers/{id}:disable HTTP/1.1
Host:
Authorization: Bearer Bearer <API key>
Accept: */*
{}