diff --git a/api-spec/openapiSpecv3-2_0.json b/api-spec/openapiSpecv3-2_0.json
index 4115f1a2..b9a6d85a 100644
--- a/api-spec/openapiSpecv3-2_0.json
+++ b/api-spec/openapiSpecv3-2_0.json
@@ -85,6 +85,14 @@
],
"description": "Roles for version 9.9.0.cl"
},
+ {
+ "name": "26.2.0.cl",
+ "id": "26.2.0.cl",
+ "tags": [
+ "26.2.0.cl"
+ ],
+ "description": "Roles for version 26.2.0.cl"
+ },
{
"name": "9.6.0.cl",
"id": "9.6.0.cl",
@@ -2055,7 +2063,7 @@
"/api/rest/2.0/connection-configurations/create": {
"post": {
"operationId": "createConnectionConfiguration",
- "description": "\n Version: 10.12.0.cl or later\n\nCreates an additional configuration to an existing connection to a data warehouse. \n\nRequires `DATAMANAGEMENT` (**Can manage data**) or `ADMINISTRATION` (**Can administer ThoughtSpot**) privilege.\n\nIf [Role-Based Access Control (RBAC)](https://developers.thoughtspot.com/docs/rbac) is enabled on your instance, the `CAN_CREATE_OR_EDIT_CONNECTIONS` (**Can create/edit Connections**) privilege is required.\n\n#### Usage guidelines\n\n * A JSON map of configuration attributes in `configuration`. The following example shows the configuration attributes:\n ```\n {\n \"user\":\"DEV_USER\",\n \"password\":\"TestConn123\",\n \"role\":\"DEV\",\n \"warehouse\":\"DEV_WH\"\n }\n ```\n\n* If the `policy_type` is `PRINCIPALS`, then `policy_principals` is a required field.\n* If the `policy_type` is `PROCESSES`, then `policy_processes` is a required field.\n* If the `policy_type` is `NO_POLICY`, then `policy_principals` and `policy_processes` are not required fields.\n\n\n\n\n#### Endpoint URL\n",
+ "description": "\n Version: 10.12.0.cl or later\n\nCreates an additional configuration to an existing connection to a data warehouse. \n\nRequires `DATAMANAGEMENT` (**Can manage data**) or `ADMINISTRATION` (**Can administer ThoughtSpot**) privilege.\n\nIf [Role-Based Access Control (RBAC)](https://developers.thoughtspot.com/docs/rbac) is enabled on your instance, the `CAN_CREATE_OR_EDIT_CONNECTIONS` (**Can create/edit Connections**) privilege is required.\n\n#### Usage guidelines\n\n * A JSON map of configuration attributes in `configuration`. The following example shows the configuration attributes:\n ```\n {\n \"user\":\"DEV_USER\",\n \"password\":\"TestConn123\",\n \"role\":\"DEV\",\n \"warehouse\":\"DEV_WH\"\n }\n ```\n\n* If the `policy_type` is `PRINCIPALS`, then `policy_principals` is a required field.\n* If the `policy_type` is `PROCESSES`, then `policy_processes` is a required field.\n* If the `policy_type` is `NO_POLICY`, then `policy_principals` and `policy_processes` are not required fields.\n\n#### Parameterized Connection Support\nFor parameterized connections that use OAuth authentication, only the same_as_parent and policy_process_options attributes are allowed in the API request. These attributes are not applicable to connections that are not parameterized.\n\n\n\n\n\n#### Endpoint URL\n",
"tags": [
"Connection Configurations",
"10.12.0.cl"
@@ -2078,6 +2086,20 @@
"description": "Unique ID or name of the connection.",
"type": "string"
},
+ "same_as_parent": {
+ "description": "Specifies whether the connection configuration should inherit all properties and authentication\ntype from its parent connection. This attribute is only applicable to parameterized connections.\nWhen set to true, the configuration uses only the connection properties and authentication type\ninherited from the parent.
Version: 26.2.0.cl or later",
+ "default": false,
+ "type": "boolean",
+ "nullable": true
+ },
+ "policy_process_options": {
+ "description": "This attribute is only applicable to parameterized connections. Ensure that the policy is\nset to Processes to allow the configuration to be used exclusively for system processes.
Version: 26.2.0.cl or later",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/PolicyProcessOptionsInput"
+ }
+ ]
+ },
"authentication_type": {
"description": "Type of authentication used for the connection.",
"default": "SERVICE_ACCOUNT",
@@ -2271,7 +2293,7 @@
"/api/rest/2.0/connection-configurations/{configuration_identifier}/update": {
"post": {
"operationId": "updateConnectionConfiguration",
- "description": "\n Version: 10.12.0.cl or later\n\nUpdates a connection configuration object.\n\nRequires `DATAMANAGEMENT` (**Can manage data**) and edit permissions to the connection object, or `ADMINISTRATION` (**Can administer ThoughtSpot**) privilege.\n\nIf [Role-Based Access Control (RBAC)](https://developers.thoughtspot.com/docs/rbac) is enabled on your instance, the `CAN_CREATE_OR_EDIT_CONNECTIONS` (**Can create/edit Connections**) privilege is required.\n\n#### Supported operations\nThis API endpoint lets you perform the following operations in a single API request:\n\n * Edit the name or description of the configuration\n * Edit the configuration properties\n * Edit the `policy_type`\n * Edit the type of authentication\n * Enable or disable a configuration\n\n **NOTE**: When updating a configuration where `disabled` is `true`, you must reset `disabled` to `true` in your update request payload. If not explicitly set again, the API will default `disabled` to `false`.\n \n\n\n\n#### Endpoint URL\n",
+ "description": "\n Version: 10.12.0.cl or later\n\nUpdates a connection configuration object.\n\nRequires `DATAMANAGEMENT` (**Can manage data**) and edit permissions to the connection object, or `ADMINISTRATION` (**Can administer ThoughtSpot**) privilege.\n\nIf [Role-Based Access Control (RBAC)](https://developers.thoughtspot.com/docs/rbac) is enabled on your instance, the `CAN_CREATE_OR_EDIT_CONNECTIONS` (**Can create/edit Connections**) privilege is required.\n\n#### Supported operations\nThis API endpoint lets you perform the following operations in a single API request:\n\n * Edit the name or description of the configuration\n * Edit the configuration properties\n * Edit the `policy_type`\n * Edit the type of authentication\n * Enable or disable a configuration\n\n#### Parameterized Connection Support\nFor parameterized oauth based connections, only the `same_as_parent` and `policy_process_options` attributes are allowed. These attributes are not applicable to connections that are not parameterized.\n\n **NOTE**: When updating a configuration where `disabled` is `true`, you must reset `disabled` to `true` in your update request payload. If not explicitly set again, the API will default `disabled` to `false`.\n\n\n\n\n#### Endpoint URL\n",
"tags": [
"Connection Configurations",
"10.12.0.cl"
@@ -2294,6 +2316,20 @@
"description": "Description of the configuration.",
"type": "string"
},
+ "same_as_parent": {
+ "description": "Specifies whether the connection configuration should inherit all properties and authentication\ntype from its parent connection. This attribute is only applicable to parameterized connections.\nWhen set to true, the configuration uses only the connection properties and authentication type\ninherited from the parent.
Version: 26.2.0.cl or later",
+ "default": false,
+ "type": "boolean",
+ "nullable": true
+ },
+ "policy_process_options": {
+ "description": "This attribute is only applicable to parameterized connections. Ensure that the policy is\nset to Processes to allow the configuration to be used exclusively for system processes.
Version: 26.2.0.cl or later",
+ "allOf": [
+ {
+ "$ref": "#/components/schemas/PolicyProcessOptionsInput"
+ }
+ ]
+ },
"authentication_type": {
"description": "Type of authentication.",
"type": "string",
@@ -2834,6 +2870,132 @@
}
}
},
+ "/api/rest/2.0/connections/{connection_identifier}/revoke-refresh-tokens": {
+ "post": {
+ "operationId": "revokeRefreshTokens",
+ "description": "\n Version: 26.2.0.cl or later\n\nRevokes OAuth refresh tokens for users who no longer require access to a data warehouse connection.\nWhen a token is revoked, the affected user's session for that connection is terminated, and they must re-authenticate to regain access.\n\nRequires `ADMINISTRATION` (**Can administer ThoughtSpot**) or `DATAMANAGEMENT` (**Can manage data**) privileges.\nIf [Role-Based Access Control (RBAC)](https://developers.thoughtspot.com/docs/rbac) is enabled on the ThoughtSpot instance, users with `CAN_CREATE_OR_EDIT_CONNECTIONS` (**Can create/edit Connections**) privilege can also make API requests to revoke tokens for connection users.\n\n#### Usage guidelines\n\nYou can specify different combinations of identifiers to control which refresh tokens are revoked.\n\n- **connection_identifier**: Revokes refresh tokens for all users of the connection, except the connection author.\n- **connection_identifier** and **user_identifiers**: Revokes refresh tokens only for the users specified in the request. If the name or ID of the connection author is included in the request, their token will also be revoked.\n- **connection_identifier** and **configuration_identifiers**: Revokes refresh tokens for all users on the specified configurations, except the configuration author.\n- **connection_identifier**, **configuration_identifiers**, and **user_identifiers**: Revokes refresh tokens for the specified users on the specified configurations.\n- **connection_identifier** and **org_identifiers**: Revokes refresh tokens for the specified Orgs. Applicable only for published connections.\n- **connection_identifier**, **org_identifiers**, and **user_identifiers**: Revokes refresh tokens for the specified users in the specified Orgs. Applicable only for published connections.\n\n**NOTE**: The `org_identifiers` parameter is only applicable for published connections. Using this parameter for unpublished connections will result in an error. Ensure that the connections are published before making the API request.\n\n\n\n\n#### Endpoint URL\n",
+ "tags": [
+ "Connections",
+ "26.2.0.cl"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "properties": {
+ "configuration_identifiers": {
+ "description": "Unique ID or name of the configuration. When provided, the refresh tokens of the users associated with the connection configuration will be revoked.",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "user_identifiers": {
+ "description": "Unique ID or name of the users. When provided, the refresh tokens of the specified users will be revoked. If the request includes the user ID or name of the connection author, their token will also be revoked.",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "org_identifiers": {
+ "description": "Unique ID or name of the Org. When provided, the refresh tokens of all users associated with the published connection in the Org will be revoked. This parameter is valid only for published connections. Using it with unpublished connections will result in an error.",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ }
+ }
+ },
+ "required": true
+ },
+ "parameters": [
+ {
+ "in": "path",
+ "name": "connection_identifier",
+ "required": true,
+ "schema": {
+ "type": "string"
+ },
+ "description": "Unique ID or name of the connection whose refresh tokens need to be revoked. All the users associated with the connection will have their refresh tokens revoked except the author."
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Token(s) successfully revoked.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/RevokeRefreshTokensResponse"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorResponse"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Unauthorized access.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorResponse"
+ }
+ }
+ }
+ },
+ "403": {
+ "description": "Forbidden access.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorResponse"
+ }
+ }
+ }
+ },
+ "404": {
+ "description": "Object not found",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorResponse"
+ }
+ }
+ }
+ },
+ "409": {
+ "description": "Conflict",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorResponse"
+ }
+ }
+ }
+ },
+ "500": {
+ "description": "Unexpected error",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ErrorResponse"
+ }
+ }
+ }
+ }
+ }
+ }
+ },
"/api/rest/2.0/connection/search": {
"post": {
"operationId": "searchConnection",
@@ -8745,7 +8907,7 @@
"/api/rest/2.0/report/liveboard": {
"post": {
"operationId": "exportLiveboardReport",
- "description": "\n Version: 9.0.0.cl or later\n\nExports a Liveboard and its visualizations in PDF or PNG file format.\n\nRequires at least view access to the Liveboard.\n\n#### Usage guidelines\n\nIn the request body, specify the GUID or name of the Liveboard. To generate a Liveboard report with specific visualizations, add GUIDs or names of the visualizations.\n\nThe default `file_format` is PDF. For PDF downloads, you can specify additional parameters to customize the page orientation and include or exclude the cover page, logo, footer text, and page numbers. Similar customization options are also available for PNG output.\n\n**NOTE**: The downloadable file returned in API response file is extensionless. Please rename the downloaded file by typing in the relevant extension.\n\nOptionally, you can define [runtime overrides](https://developers.thoughtspot.com/docs/fetch-data-and-report-apis#_runtime_overrides) to apply to the Answer data.\n\nTo include unsaved changes in the report, pass the `transient_pinboard_content` script generated from the `getExportRequestForCurrentPinboard` method in the Visual Embed SDK. Upon successful execution, the API returns the report with unsaved changes, including ad hoc changes to visualizations. For more information, see [Liveboard Report API](https://developers.thoughtspot.com/docs/fetch-data-and-report-apis#_liveboard_report_api). \n\n**NOTE**: Starting with ThoughtSpot Cloud 10.9.0.cl release, the Liveboard can be exported in the PNG format in the resolution of your choice. To enable this on your instance, contact ThoughtSpot support. When this feature is enabled, the options `include_cover_page`,`include_filter_page` within the `png_options` will not be available for PNG exports.\n\n\n\n#### Endpoint URL\n",
+ "description": "\n Version: 9.0.0.cl or later\n\nExports a Liveboard and its visualizations in PDF, PNG, CSV, or XLSX file format.\n\nRequires at least view access to the Liveboard.\n\n#### Usage guidelines\n\nIn the request body, specify the GUID or name of the Liveboard. To generate a Liveboard report with specific visualizations, add GUIDs or names of the visualizations.\n\nThe default `file_format` is CSV. For PDF exports, you can specify additional parameters to customize the page orientation and include or exclude the cover page, logo, footer text, and page numbers. Similar customization options are available for PNG exports. CSV and XLSX exports do not support customization options.\n\n**NOTE**: The downloadable file returned in API response file is extensionless. Please rename the downloaded file by typing in the relevant extension.\n\nOptionally, you can define [runtime overrides](https://developers.thoughtspot.com/docs/fetch-data-and-report-apis#_runtime_overrides) to apply to the Answer data.\n\nTo include unsaved changes in the report, pass the `transient_pinboard_content` script generated from the `getExportRequestForCurrentPinboard` method in the Visual Embed SDK. Upon successful execution, the API returns the report with unsaved changes, including ad hoc changes to visualizations. For more information, see [Liveboard Report API](https://developers.thoughtspot.com/docs/fetch-data-and-report-apis#_liveboard_report_api). \n\n**NOTE**: Starting with ThoughtSpot Cloud 10.9.0.cl release, the Liveboard can be exported in the PNG format in the resolution of your choice. To enable this on your instance, contact ThoughtSpot support. When this feature is enabled, the options `include_cover_page`,`include_filter_page` within the `png_options` will not be available for PNG exports.\n\n**NOTE**: Starting with the ThoughtSpot Cloud 26.2.0.cl release, Liveboards can be exported in CSV format. All visualizations in the Liveboard can be exported as individual CSV files. If multiple visualizations are selected or if the entire Liveboard is exported, the output is returned as a .zip file containing the CSV files for each visualization.\n\n**NOTE**: Starting with the ThoughtSpot Cloud 26.2.0.cl release, Liveboards can be exported in XLSX format. All selected visualizations are consolidated into a single Excel workbook (.xlsx), with each visualization placed in its own worksheet (tab). XLSX exports are limited to 255 worksheets (tabs) per workbook.\n\n\n\n\n#### Endpoint URL\n",
"tags": [
"Reports",
"9.0.0.cl"
@@ -8788,7 +8950,9 @@
"type": "string",
"enum": [
"PDF",
- "PNG"
+ "PNG",
+ "CSV",
+ "XLSX"
]
},
"runtime_filter": {
@@ -12202,7 +12366,9 @@
"examples": {
"example_1": {
"value": {
- "onboarding_content_url": ""
+ "onboarding_content_url": "",
+ "saml_enabled": false,
+ "okta_enabled": false
}
}
}
@@ -14434,7 +14600,7 @@
"/api/rest/2.0/template/variables/create": {
"post": {
"operationId": "createVariable",
- "description": "\nCreate a variable which can be used for parameterizing metadata objects
Beta Version: 10.14.0.cl or later\n\nAllows creating a variable which can be used for parameterizing metadata objects in ThoughtSpot.\n\nRequires ADMINISTRATION role and TENANT scope.\nThe CAN_MANAGE_VARIABLES permission allows you to manage Formula Variables in the current organization scope.\n\nThe API endpoint supports the following types of variables:\n* CONNECTION_PROPERTY - For connection properties\n* TABLE_MAPPING - For table mappings\n* CONNECTION_PROPERTY_PER_PRINCIPAL - For connection properties per principal. In order to use this please contact support to enable this.\n* FORMULA_VARIABLE - For Formula variables\n\nWhen creating a variable, you need to specify:\n* The variable type\n* A unique name for the variable\n* Whether the variable contains sensitive values (defaults to false)\n* The data type of the variable, only specify for fomula variables (defaults to null)\n\nThe operation will fail if:\n* The user lacks required permissions\n* The variable name already exists\n* The variable type is invalid\n\n\n\n#### Endpoint URL\n",
+ "description": "\nCreate a variable which can be used for parameterizing metadata objects
Beta Version: 10.14.0.cl or later\n\nAllows creating a variable which can be used for parameterizing metadata objects in ThoughtSpot.\n\nRequires ADMINISTRATION role and TENANT scope.\nThe CAN_MANAGE_VARIABLES permission allows you to manage Formula Variables in the current organization scope.\n\nThe API endpoint supports the following types of variables:\n* CONNECTION_PROPERTY - For connection properties\n* TABLE_MAPPING - For table mappings\n* CONNECTION_PROPERTY_PER_PRINCIPAL - For connection properties per principal. In order to use this please contact support to enable this.\n* FORMULA_VARIABLE - For Formula variables, introduced in 10.15.0.cl\n\nWhen creating a variable, you need to specify:\n* The variable type\n* A unique name for the variable\n* Whether the variable contains sensitive values (defaults to false)\n* The data type of the variable, only specify for formula variables (defaults to null)\n\nThe operation will fail if:\n* The user lacks required permissions\n* The variable name already exists\n* The variable type is invalid\n\n\n\n#### Endpoint URL\n",
"tags": [
"Variable",
"10.14.0.cl"
@@ -14466,7 +14632,7 @@
"nullable": true
},
"data_type": {
- "description": "Variable Data Type",
+ "description": "Variable Data Type, only for formula_variable type, leave empty for others
Version: 10.15.0.cl or later",
"type": "string",
"enum": [
"VARCHAR",
@@ -17063,6 +17229,14 @@
"onboarding_content_url": {
"type": "string",
"nullable": true
+ },
+ "saml_enabled": {
+ "type": "boolean",
+ "nullable": true
+ },
+ "okta_enabled": {
+ "type": "boolean",
+ "nullable": true
}
}
},
@@ -20113,6 +20287,14 @@
"PROCESSES"
],
"nullable": true
+ },
+ "same_as_parent": {
+ "type": "boolean",
+ "nullable": true
+ },
+ "policy_process_options": {
+ "$ref": "#/components/schemas/PolicyProcessOptions",
+ "nullable": true
}
}
},
@@ -20133,6 +20315,15 @@
}
}
},
+ "PolicyProcessOptions": {
+ "type": "object",
+ "properties": {
+ "impersonate_user": {
+ "type": "string",
+ "nullable": true
+ }
+ }
+ },
"WebhookSortOptionsInput": {
"type": "object",
"properties": {
@@ -22269,6 +22460,18 @@
}
}
},
+ "RevokeRefreshTokensResponse": {
+ "type": "object",
+ "required": [
+ "data"
+ ],
+ "properties": {
+ "data": {
+ "type": "string",
+ "description": "Result message describing the outcome of the refresh token revocation operation."
+ }
+ }
+ },
"RoleResponse": {
"type": "object",
"required": [
@@ -23819,6 +24022,15 @@
}
}
},
+ "PolicyProcessOptionsInput": {
+ "type": "object",
+ "properties": {
+ "impersonate_user": {
+ "type": "string",
+ "nullable": true
+ }
+ }
+ },
"WebhookAuthenticationInput": {
"type": "object",
"properties": {