From 3181588e6fd69feafa348a39b84f69767780b1a6 Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Wed, 20 May 2026 13:53:34 +0530 Subject: [PATCH 01/11] auth and answer api --- modules/ROOT/pages/authentication.adoc | 39 +++++++++++++++++++ modules/ROOT/pages/data-report-v2-api.adoc | 37 +++++++++++++++++- modules/ROOT/pages/rest-api-v2-reference.adoc | 9 +++++ modules/ROOT/pages/rest-apiv2-changelog.adoc | 29 ++++++++++++++ 4 files changed, 113 insertions(+), 1 deletion(-) diff --git a/modules/ROOT/pages/authentication.adoc b/modules/ROOT/pages/authentication.adoc index 4d0b69cf0..c2e6535b0 100644 --- a/modules/ROOT/pages/authentication.adoc +++ b/modules/ROOT/pages/authentication.adoc @@ -772,6 +772,45 @@ curl -X POST \ If the API request is successful, ThoughtSpot returns a 204 status code and ends the user session. +== Configuring authentication settings +To enable or disable authentication at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/configure` endpoint. + +=== Request parameters +[width="100%" cols="1,4"] +[options='header'] +|===== +|Parameter|Description +|`auth_type` +|__String__. Type of authentication mechanism to configure. Currently, supports `TRUSTED_AUTH` only. + +|`cluster_preferences` +__Optional__ +|__Nullable__. `ENABLE` or `DISABLE` authentication for the cluster. When enabled, a new token is generated if one does not exist. When disabled, the existing cluster-level access token is revoked. + +|`org_preferences` +__Optional__ +|__Nullable__. `ENABLE` or `DISABLE` authentication for a particular Org. When enabled, a new org-level access token is generated if one does not exist. When disabled, the existing org-level access token is revoked. + +|`org_identifier` + +|===== + +== Search authentication settings +To find the authentication configuration for the specified auth type at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/search` endpoint. + +=== Request parameters +[width="100%" cols="1,4"] +[options='header'] +|===== +|Parameter|Description +|`auth_type` +|__String__. Type of authentication mechanism to configure. Currently, supports `TRUSTED_AUTH` only. + +|`scope` +__Optional__ +|__String__. Select `CLUSTER` to retrieve only cluster-level settings, or `ORG` to retrieve only Org-level settings. If no selection is made, both cluster and Org-level settings are retrieved based on user permissions. +|===== + //// ==== Response codes diff --git a/modules/ROOT/pages/data-report-v2-api.adoc b/modules/ROOT/pages/data-report-v2-api.adoc index 17daad593..359283c4a 100644 --- a/modules/ROOT/pages/data-report-v2-api.adoc +++ b/modules/ROOT/pages/data-report-v2-api.adoc @@ -481,6 +481,41 @@ curl -X POST \ * HTML rendering is not supported for PDF exports of Answers with tables. ==== + +Contact ThoughtSpot support to enable these additional settings for this API endpoint on your ThoughtSpot instance. + +* `personalised_view_identifier` [beta betaBackground]^Beta^ + +Optional parameter to specify the GUID of the personalised view of the Answer object that you want to download. +* `type` [beta betaBackground]^Beta^ + +Used to distinguish between a saved answer and a pinned answer on a Liveboard. Setting this parameter to `PINNED` allows the API to +accept the guid of a pinned Answer directly as the `metadata_identifier`. When +exporting a `PINNED` answer, all Liveboard-level filters, Runtime Filters, and Column +Security Rules (CSR) are automatically applied to the export output. + +The `png_options` [beta betaBackground]^Beta^ support the following properties: + +[cols="1,1,3"] +|=== +|Property |Type |Description + +|`x_resolution` +|Number +|Width of the exported PNG in pixels. + +Valid range: `600px` to `3840px`. + +|`y_resolution` +|Number +|Height of the exported PNG in pixels. + +Valid range: `600px` to `3840px`. + +|`scaling` +|Integer +|Display scale percentage for objects rendered in the image. Adjusts the relative +size of visual elements without cropping the image. + +Valid range: `80%` to `400%`. +|=== + + [#exportSpotterData] ==== Export data generated from Spotter APIs To export results generated from Spotter APIs such as `/api/rest/2.0/ai/answer/create`, `/api/rest/2.0/ai/agent/converse/sse`, and `/api/rest/2.0/ai/conversation/{conversation_identifier}/converse`, include the session ID and generation number in the `POST` request body. @@ -504,7 +539,7 @@ curl -X POST \ * `session_identifier` refers to session ID returned in the Spotter API response. * `generation_number` indicates the Answer generation number. -* `file_format` specifies the format of the output. You can export the Spotter-generated data as PNG or CSV file. By default, the API exports this data in PNG file format. +* `file_format` specifies the format of the output. You can export the Spotter-generated data as PNG, CSV, XLSX, or PDF file. By default, the API exports this data in PNG file format. ===== API Response diff --git a/modules/ROOT/pages/rest-api-v2-reference.adoc b/modules/ROOT/pages/rest-api-v2-reference.adoc index 00170609a..7f9a8238b 100644 --- a/modules/ROOT/pages/rest-api-v2-reference.adoc +++ b/modules/ROOT/pages/rest-api-v2-reference.adoc @@ -130,6 +130,15 @@ ThoughtSpot Software: __10.0.0.sw or later__ a| +++Try it out +++ + +a| `POST /api/rest/2.0/auth/configure` + +Enables or disables authentication. a| ThoughtSpot Cloud: __26.6.0.cl or later__ + +a| +++Try it out +++ + +a| `POST /api/rest/2.0/auth/search` + +Retrieves the authentication configuration for the specified auth type. a| ThoughtSpot Cloud: __26.6.0.cl or later__ + +a| +++Try it out +++ + |===== -- diff --git a/modules/ROOT/pages/rest-apiv2-changelog.adoc b/modules/ROOT/pages/rest-apiv2-changelog.adoc index 720af01df..75a48e171 100644 --- a/modules/ROOT/pages/rest-apiv2-changelog.adoc +++ b/modules/ROOT/pages/rest-apiv2-changelog.adoc @@ -8,6 +8,35 @@ This changelog lists the features and enhancements introduced in REST API v2.0. For information about new features and enhancements available for embedded analytics, see xref:whats-new.adoc[What's New]. +== Version 26.6.0.cl, June 2026 +=== New API endpoints +==== Authentication +The following new endpoints allow searching for the authentication configuration at the cluster or Org level, and also allows enabling and disabling the authentication. Currently, only support trusted authentication. + +* `POST /api/rest/2.0/auth/configure` + +Enables or disables authentication at cluster or Org level for the specified auth type. +* `POST /api/rest/2.0/auth/search` + +Returns the authentication configuration for the specified auth type at cluster and Org level. + +=== Answer report API enhancements [beta betaBackground]^Beta^ + +The `POST /api/rest/2.0/report/answer` endpoint includes the following new request parameters: + +* `personalised_view_identifier` + +Optional parameter to specify the GUID of the personalised view of the Answer object that you want to download. + +* `type` + +Specifies the type of Answer to export. + +In addition to these parameters, you can also define the following properties for PNG downloads: + +* `x_resolution` +* `y_resolution` +* `scaling` + +Contact ThoughtSpot support to enable these settings for PNG downloads on your ThoughtSpot instance. +For more information, see xref:data-report-v2-api.adoc#_answer_report_api[Answer report API documentation]. + == Version 26.5.0.cl, May 2026 === Sync connection metadata attributes From e5a5bfeb0179813df6ccd437f9e396b9424f0606 Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Thu, 28 May 2026 09:22:02 +0530 Subject: [PATCH 02/11] added Collection share APIs --- modules/ROOT/pages/collections.adoc | 140 +++++++++++++++++++ modules/ROOT/pages/data-report-v2-api.adoc | 2 +- modules/ROOT/pages/rest-apiv2-changelog.adoc | 73 ++++++++-- 3 files changed, 205 insertions(+), 10 deletions(-) diff --git a/modules/ROOT/pages/collections.adoc b/modules/ROOT/pages/collections.adoc index d1638447d..a028490b6 100644 --- a/modules/ROOT/pages/collections.adoc +++ b/modules/ROOT/pages/collections.adoc @@ -235,6 +235,146 @@ curl -X POST \ If the API request is successful, the objects in the Collection are replaced with the objects in this API request. +== Share a Collection +[NOTE] +==== +Collections sharing via the security API is available from ThoughtSpot Cloud 26.6.0.cl. +==== + +To share a Collection with a user or group, send a `POST` request to the `POST /api/rest/2.0/security/metadata/share` endpoint with `metadata_type` set to `COLLECTION`. + +Collections support dual permissions that let you set independent access levels for the Collection and the objects within it. + +=== Permission fields + +[width="100%", cols="1,1,3"] +[options='header'] +|===== +|Field|Applies to|Description + +|`share_mode`|Collection |Controls access to the Collection itself — view, edit, or delete the Collection. +Accepted values: `READ_ONLY`, `MODIFY`, `NO_ACCESS`. + +|`content_share_mode`|Collection content|Controls access to the objects within the Collection — Liveboards, Answers, Models, and nested Collections. +Accepted values: `READ_ONLY`, `MODIFY`, `NO_ACCESS`. + +Only applicable when `metadata_type` is `COLLECTION`. If omitted, defaults to `READ_ONLY` (or `NO_ACCESS` when `share_mode` is `NO_ACCESS`). +|===== + +=== Permission scenarios + +[width="100%", cols="1,1,1,2"] +[options='header'] +|===== +|Role|`share_mode`|`content_share_mode`|What the principal can do + +|`MODIFY`|`MODIFY`|Full control — manage the Collection and edit its contents +|`MODIFY`|`READ_ONLY`|Manage the Collection structure but cannot edit objects within it +|`READ_ONLY`|`MODIFY`|Edit objects within the Collection but cannot change the Collection itself +|`READ_ONLY`|`READ_ONLY`|View the Collection and its contents only +|===== + +=== Share a Collection (read-only) + +To share a Collection with a user in read-only mode, send the following request: + +[source,CURL] +---- +curl -X POST \ + --url 'https://{ThoughtSpot-Host}/api/rest/2.0/security/metadata/share' \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + -H 'Authorization: Bearer {AUTH_TOKEN}' \ + --data-raw '{ + "metadata_type": "COLLECTION", + "metadata_identifiers": ["Sales reports"], + "permissions": [ + { + "principal": { + "type": "USER", + "identifier": "name@example.com" + }, + "share_mode": "READ_ONLY" + } + ], + "notification": { + "message": "I have shared the Sales reports collection with you.", + "notify_on_share": true + } +}' +---- + +If the request is successful, the API returns the HTTP `204 No Content` status code. + +=== Share a Collection with dual permissions + +To give a user different levels of access to the Collection and its contents, set both `share_mode` and `content_share_mode`. + +[source,CURL] +---- +curl -X POST \ + --url 'https://{ThoughtSpot-Host}/api/rest/2.0/security/metadata/share' \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + -H 'Authorization: Bearer {AUTH_TOKEN}' \ + --data-raw '{ + "metadata_type": "COLLECTION", + "metadata_identifiers": ["Marketing Analytics"], + "permissions": [ + { + "principal": { + "type": "USER", + "identifier": "name@example.com" + }, + "share_mode": "MODIFY", + "content_share_mode": "READ_ONLY" + }, + { + "principal": { + "type": "USER_GROUP", + "identifier": "Marketing Team" + }, + "share_mode": "READ_ONLY", + "content_share_mode": "READ_ONLY" + } + ], + "notification": { + "message": "Sharing the Marketing Analytics collection with your team.", + "notify_on_share": true + } +}' +---- + +If the request is successful, the API returns the HTTP `204 No Content` status code. + +=== Remove Collection access + +To remove a user's access to a Collection, set `share_mode` to `NO_ACCESS`: + +[source,CURL] +---- +curl -X POST \ + --url 'https://{ThoughtSpot-Host}/api/rest/2.0/security/metadata/share' \ + -H 'Accept: application/json' \ + -H 'Content-Type: application/json' \ + -H 'Authorization: Bearer {AUTH_TOKEN}' \ + --data-raw '{ + "metadata_type": "COLLECTION", + "metadata_identifiers": ["Confidential Reports"], + "permissions": [ + { + "principal": { + "type": "USER", + "identifier": "former-member@example.com" + }, + "share_mode": "NO_ACCESS" + } + ] +}' +---- + +If the request is successful, the API returns the HTTP `204 No Content` status code. + == Delete a Collection To remove an existing Collection, send a `POST` request to the `POST /api/rest/2.0/collections/delete` API endpoint. diff --git a/modules/ROOT/pages/data-report-v2-api.adoc b/modules/ROOT/pages/data-report-v2-api.adoc index 359283c4a..e6db29204 100644 --- a/modules/ROOT/pages/data-report-v2-api.adoc +++ b/modules/ROOT/pages/data-report-v2-api.adoc @@ -482,7 +482,7 @@ curl -X POST \ ==== -Contact ThoughtSpot support to enable these additional settings for this API endpoint on your ThoughtSpot instance. +Contact ThoughtSpot support to enable these enhanced settings for this API endpoint on your ThoughtSpot instance: * `personalised_view_identifier` [beta betaBackground]^Beta^ + Optional parameter to specify the GUID of the personalised view of the Answer object that you want to download. diff --git a/modules/ROOT/pages/rest-apiv2-changelog.adoc b/modules/ROOT/pages/rest-apiv2-changelog.adoc index 75a48e171..e47381ef4 100644 --- a/modules/ROOT/pages/rest-apiv2-changelog.adoc +++ b/modules/ROOT/pages/rest-apiv2-changelog.adoc @@ -20,23 +20,78 @@ Returns the authentication configuration for the specified auth type at cluster === Answer report API enhancements [beta betaBackground]^Beta^ -The `POST /api/rest/2.0/report/answer` endpoint includes the following new request parameters: +The `POST /api/rest/2.0/report/answer` API endpoint introduces the following enhancements: -* `personalised_view_identifier` + -Optional parameter to specify the GUID of the personalised view of the Answer object that you want to download. +Pinned Answer export:: +// SOURCE: SCAL-236681, SCAL-306548 +You can now export a pinned Answer directly from a Liveboard using the Answer report API. +To export a pinned Answer, specify the `viz_guid` parameter in your API request. +Exports from this endpoint inherently respect Liveboard-level filters, Runtime Filters, and JWT token context. ++ +To export a specific personalized view of a pinned Answer, include the `personalised_view_identifier` parameter. +// TODO: verify with engineering — confirm exact parameter name casing and accepted value type (GUID, name, or both) for `personalised_view_identifier` -* `type` + -Specifies the type of Answer to export. +Spotter Answer export:: +// SOURCE: SCAL-236681, SCAL-306548 +XLSX and PDF export formats are now supported for Spotter (conversational) Answers. -In addition to these parameters, you can also define the following properties for PNG downloads: +// TODO: verify with engineering — confirm if any limitations apply for chart-type Spotter Answers vs table-type Answers + +Custom PNG dimensions:: +// SOURCE: SCAL-236681, SCAL-306548 +PNG exports now support custom dimensions via the following new parameters: ++ +* `x_resolution` — Sets the export width in pixels. Valid range: 600–3840 px. +* `y_resolution` — Sets the export height in pixels. Valid range: 600–3840 px. ++ +// TODO: verify with engineering — confirm whether `x_resolution` and `y_resolution` are top-level request body parameters or nested inside a `png_options` object + +Display scaling:: +// SOURCE: SCAL-236681, SCAL-306548 +// TODO: verify with engineering — confirm the exact parameter name for the scaling percentage (for example, `scaling`, `scale_factor`, or `scaling_percent`) +A new scaling parameter allows you to adjust the relative size of visual elements in PNG exports without cropping. +Valid range: 80–400%. -* `x_resolution` -* `y_resolution` -* `scaling` +Automatic file naming:: +// SOURCE: SCAL-236681, SCAL-306548 +The API now automatically names exported files based on the Answer title and appends the correct file extension (`.png`, `.pdf`, `.csv`, or `.xlsx`). +// TODO: verify with engineering — confirm whether a caller-supplied filename overrides the automatic name Contact ThoughtSpot support to enable these settings for PNG downloads on your ThoughtSpot instance. For more information, see xref:data-report-v2-api.adoc#_answer_report_api[Answer report API documentation]. +=== Connection deactivate and activate API [beta betaBackground]^Beta^ + +// SOURCE: SCAL-294844, SCAL-294845, SCAL-278132 +// TODO: verify with engineering — confirm the exact endpoint paths for deactivate and activate operations +ThoughtSpot introduces REST API v2.0 endpoints to programmatically deactivate and activate data connections: + +// TODO: verify with engineering — confirm endpoint paths, for example: +// `POST /api/rest/2.0/connections/{connection_identifier}/deactivate` +// `POST /api/rest/2.0/connections/{connection_identifier}/activate` +* `POST /api/rest/2.0/connections/{connection_identifier}/deactivate` + +Deactivates the specified connection. +* `POST /api/rest/2.0/connections/{connection_identifier}/activate` + +Activates a previously deactivated connection. + + +//// +Deactivating a connection prevents all user-initiated queries and skips scheduled background jobs such as Sage indexing and row count statistics. +Activating a connection immediately restores query access and resumes scheduled jobs on their defined schedules. + +Required access: Administrator or Connection Owner. +//// + +For more information, see xref:connections-deactivate.adoc[Deactivate and activate connections]. +// TODO: verify with engineering — confirm target doc page xref name once page is created + +=== Share metadata API: Collections support [beta betaBackground]^Beta^ + +The `POST /api/rest/2.0/security/metadata/share` endpoint now supports sharing Collections. + +To share a Collection, set `metadata_type` to `COLLECTION` in the request body. +For more information, see xref:collections.adoc#share-collection[Share a Collection]. + == Version 26.5.0.cl, May 2026 === Sync connection metadata attributes From cdda0d4439877e927cbdb1e2f59863a97f78d63e Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Mon, 1 Jun 2026 08:53:29 +0530 Subject: [PATCH 03/11] draft for review --- modules/ROOT/pages/data-report-v2-api.adoc | 16 +++---- modules/ROOT/pages/rest-api-v2-reference.adoc | 9 ++++ modules/ROOT/pages/rest-apiv2-changelog.adoc | 43 ++++++++----------- 3 files changed, 36 insertions(+), 32 deletions(-) diff --git a/modules/ROOT/pages/data-report-v2-api.adoc b/modules/ROOT/pages/data-report-v2-api.adoc index e6db29204..ddda5b829 100644 --- a/modules/ROOT/pages/data-report-v2-api.adoc +++ b/modules/ROOT/pages/data-report-v2-api.adoc @@ -459,7 +459,7 @@ To download Answer data via `/api/rest/2.0/report/answer` API, you need at least In the request body, specify the GUID or name of the Answer object as `metadata_identifier`. -You can download the Answer data in the `CSV`, `XLSX`, `PNG`, and `PDF` format. The default `file_format` is `CSV`. +#The API supports exporting saved Answers, pinned Answers from a Liveboard, and Spotter-generated Answers. You can download Answer data in `CSV`, `XLSX`, `PNG`, and `PDF` format. The default `file_format` is `CSV`.# ==== Example @@ -477,22 +477,22 @@ curl -X POST \ [NOTE] ==== -* The downloadable file returned in API response file is extensionless. You need to rename the downloaded file by typing in the relevant extension. +* #Exported files are automatically named after the Answer title, with the file extension appended based on the selected format.# * HTML rendering is not supported for PDF exports of Answers with tables. ==== -Contact ThoughtSpot support to enable these enhanced settings for this API endpoint on your ThoughtSpot instance: +#Contact ThoughtSpot support to enable these enhanced settings for this API endpoint on your ThoughtSpot instance:# -* `personalised_view_identifier` [beta betaBackground]^Beta^ + -Optional parameter to specify the GUID of the personalised view of the Answer object that you want to download. -* `type` [beta betaBackground]^Beta^ + +* #`personalised_view_identifier` [beta betaBackground]^Beta^ + +Optional parameter to specify the GUID of the personalised view of the Answer object that you want to download.# +* #`type` [beta betaBackground]^Beta^ + Used to distinguish between a saved answer and a pinned answer on a Liveboard. Setting this parameter to `PINNED` allows the API to accept the guid of a pinned Answer directly as the `metadata_identifier`. When exporting a `PINNED` answer, all Liveboard-level filters, Runtime Filters, and Column -Security Rules (CSR) are automatically applied to the export output. +Security Rules (CSR) are automatically applied to the export output.# -The `png_options` [beta betaBackground]^Beta^ support the following properties: +#The `png_options` [beta betaBackground]^Beta^ support the following properties:# [cols="1,1,3"] |=== diff --git a/modules/ROOT/pages/rest-api-v2-reference.adoc b/modules/ROOT/pages/rest-api-v2-reference.adoc index 7f9a8238b..859a5b417 100644 --- a/modules/ROOT/pages/rest-api-v2-reference.adoc +++ b/modules/ROOT/pages/rest-api-v2-reference.adoc @@ -246,6 +246,15 @@ Downloads connection metadata differences between Cloud Data Warehouse and Thoug ThoughtSpot Software: __10.0.0.sw or later__ a| +++Try it out +++ + +a| `POST /api/rest/2.0/auth/configure` + +Enables or disables authentication. a| ThoughtSpot Cloud: __26.6.0.cl or later__ + +a| +++Try it out +++ + +a| `POST /api/rest/2.0/auth/search` + +Retrieves the authentication configuration for the specified auth type. a| ThoughtSpot Cloud: __26.6.0.cl or later__ + +a| +++Try it out +++ + |===== -- == Connection Configuration diff --git a/modules/ROOT/pages/rest-apiv2-changelog.adoc b/modules/ROOT/pages/rest-apiv2-changelog.adoc index e47381ef4..a20bea2e7 100644 --- a/modules/ROOT/pages/rest-apiv2-changelog.adoc +++ b/modules/ROOT/pages/rest-apiv2-changelog.adoc @@ -18,6 +18,25 @@ Enables or disables authentication at cluster or Org level for the specified aut * `POST /api/rest/2.0/auth/search` + Returns the authentication configuration for the specified auth type at cluster and Org level. +==== Connection deactivate and activate API [beta betaBackground]^Beta^ + +// SOURCE: SCAL-294844, SCAL-294845, SCAL-278132 +// TODO: verify with engineering — confirm the exact endpoint paths for deactivate and activate operations +ThoughtSpot introduces REST API v2.0 endpoints to programmatically deactivate and activate data connections: + +// TODO: verify with engineering — confirm endpoint paths, for example: +// `POST /api/rest/2.0/connections/{connection_identifier}/deactivate` +// `POST /api/rest/2.0/connections/{connection_identifier}/activate` +* POST /api/rest/2.0/connections/{connection_identifier}/status + +Deactivates or activates a connection. + +//// +Deactivating a connection prevents all user-initiated queries and skips scheduled background jobs such as Sage indexing and row count statistics. +Activating a connection immediately restores query access and resumes scheduled jobs on their defined schedules. + +Required access: Administrator or Connection Owner. +//// + === Answer report API enhancements [beta betaBackground]^Beta^ The `POST /api/rest/2.0/report/answer` API endpoint introduces the following enhancements: @@ -60,30 +79,6 @@ The API now automatically names exported files based on the Answer title and app Contact ThoughtSpot support to enable these settings for PNG downloads on your ThoughtSpot instance. For more information, see xref:data-report-v2-api.adoc#_answer_report_api[Answer report API documentation]. -=== Connection deactivate and activate API [beta betaBackground]^Beta^ - -// SOURCE: SCAL-294844, SCAL-294845, SCAL-278132 -// TODO: verify with engineering — confirm the exact endpoint paths for deactivate and activate operations -ThoughtSpot introduces REST API v2.0 endpoints to programmatically deactivate and activate data connections: - -// TODO: verify with engineering — confirm endpoint paths, for example: -// `POST /api/rest/2.0/connections/{connection_identifier}/deactivate` -// `POST /api/rest/2.0/connections/{connection_identifier}/activate` -* `POST /api/rest/2.0/connections/{connection_identifier}/deactivate` + -Deactivates the specified connection. -* `POST /api/rest/2.0/connections/{connection_identifier}/activate` + -Activates a previously deactivated connection. - - -//// -Deactivating a connection prevents all user-initiated queries and skips scheduled background jobs such as Sage indexing and row count statistics. -Activating a connection immediately restores query access and resumes scheduled jobs on their defined schedules. - -Required access: Administrator or Connection Owner. -//// - -For more information, see xref:connections-deactivate.adoc[Deactivate and activate connections]. -// TODO: verify with engineering — confirm target doc page xref name once page is created === Share metadata API: Collections support [beta betaBackground]^Beta^ From fed0d7f9f8fdaac846bb590434579de632a262bf Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Mon, 1 Jun 2026 14:55:21 +0530 Subject: [PATCH 04/11] Siddhant's feedback --- modules/ROOT/pages/data-report-v2-api.adoc | 21 ++++++++++---------- modules/ROOT/pages/rest-apiv2-changelog.adoc | 8 ++++---- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/modules/ROOT/pages/data-report-v2-api.adoc b/modules/ROOT/pages/data-report-v2-api.adoc index ddda5b829..196c8361d 100644 --- a/modules/ROOT/pages/data-report-v2-api.adoc +++ b/modules/ROOT/pages/data-report-v2-api.adoc @@ -459,7 +459,7 @@ To download Answer data via `/api/rest/2.0/report/answer` API, you need at least In the request body, specify the GUID or name of the Answer object as `metadata_identifier`. -#The API supports exporting saved Answers, pinned Answers from a Liveboard, and Spotter-generated Answers. You can download Answer data in `CSV`, `XLSX`, `PNG`, and `PDF` format. The default `file_format` is `CSV`.# +The API supports exporting saved Answers, pinned Answers from a Liveboard, and Spotter-generated Answers. You can download Answer data in `CSV`, `XLSX`, `PNG`, and `PDF` format. The default `file_format` is `CSV`. ==== Example @@ -477,22 +477,22 @@ curl -X POST \ [NOTE] ==== -* #Exported files are automatically named after the Answer title, with the file extension appended based on the selected format.# +* Exported files are automatically named after the Answer title, with the file extension appended based on the selected format. * HTML rendering is not supported for PDF exports of Answers with tables. ==== -#Contact ThoughtSpot support to enable these enhanced settings for this API endpoint on your ThoughtSpot instance:# +Contact ThoughtSpot support to enable these enhanced settings for this API endpoint on your ThoughtSpot instance: -* #`personalised_view_identifier` [beta betaBackground]^Beta^ + -Optional parameter to specify the GUID of the personalised view of the Answer object that you want to download.# -* #`type` [beta betaBackground]^Beta^ + +* `personalised_view_identifier` [earlyAccess eaBackground]#Early Access# + +Optional parameter to specify the GUID of the personalised view of the `PINNED` Answer object that you want to download. +* `type` [earlyAccess eaBackground]#Early Access# + Used to distinguish between a saved answer and a pinned answer on a Liveboard. Setting this parameter to `PINNED` allows the API to accept the guid of a pinned Answer directly as the `metadata_identifier`. When -exporting a `PINNED` answer, all Liveboard-level filters, Runtime Filters, and Column -Security Rules (CSR) are automatically applied to the export output.# +exporting an Answer, all Liveboard-level filters, Runtime Filters, and Column +Security Rules (CSR) are automatically applied to the export output. -#The `png_options` [beta betaBackground]^Beta^ support the following properties:# +The `png_options` [earlyAccess eaBackground]#Early Access# support the following properties: [cols="1,1,3"] |=== @@ -512,9 +512,10 @@ Valid range: `600px` to `3840px`. |Integer |Display scale percentage for objects rendered in the image. Adjusts the relative size of visual elements without cropping the image. + -Valid range: `80%` to `400%`. +Valid range: `80%` to `500%`. |=== +You can now export the PNG of any Answer in any aspect ratio and any scaling or zoom level. Just configure, scale, and export exactly what you need. [#exportSpotterData] ==== Export data generated from Spotter APIs diff --git a/modules/ROOT/pages/rest-apiv2-changelog.adoc b/modules/ROOT/pages/rest-apiv2-changelog.adoc index a20bea2e7..a764ac797 100644 --- a/modules/ROOT/pages/rest-apiv2-changelog.adoc +++ b/modules/ROOT/pages/rest-apiv2-changelog.adoc @@ -37,7 +37,7 @@ Activating a connection immediately restores query access and resumes scheduled Required access: Administrator or Connection Owner. //// -=== Answer report API enhancements [beta betaBackground]^Beta^ +=== Answer report API enhancements [earlyAccess eaBackground]#Early Access# The `POST /api/rest/2.0/report/answer` API endpoint introduces the following enhancements: @@ -45,7 +45,7 @@ Pinned Answer export:: // SOURCE: SCAL-236681, SCAL-306548 You can now export a pinned Answer directly from a Liveboard using the Answer report API. To export a pinned Answer, specify the `viz_guid` parameter in your API request. -Exports from this endpoint inherently respect Liveboard-level filters, Runtime Filters, and JWT token context. +Exports from this endpoint inherently respect Liveboard-level filters, Runtime Filters, Column security rules, and JWT token context. + To export a specific personalized view of a pinned Answer, include the `personalised_view_identifier` parameter. // TODO: verify with engineering — confirm exact parameter name casing and accepted value type (GUID, name, or both) for `personalised_view_identifier` @@ -68,8 +68,8 @@ PNG exports now support custom dimensions via the following new parameters: Display scaling:: // SOURCE: SCAL-236681, SCAL-306548 // TODO: verify with engineering — confirm the exact parameter name for the scaling percentage (for example, `scaling`, `scale_factor`, or `scaling_percent`) -A new scaling parameter allows you to adjust the relative size of visual elements in PNG exports without cropping. -Valid range: 80–400%. +A new `scaling` parameter allows you to adjust the relative size of visual elements in PNG exports without cropping. +Valid range: 80–500%. Automatic file naming:: // SOURCE: SCAL-236681, SCAL-306548 From 58189c9c0471d8af87f64a3dce31bfd116ed7ff5 Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Mon, 1 Jun 2026 21:10:34 +0530 Subject: [PATCH 05/11] trusted auth edits --- modules/ROOT/pages/authentication.adoc | 5 +++-- modules/ROOT/pages/security-settings.adoc | 11 ++++++++--- modules/ROOT/pages/trusted-auth-secret-key.adoc | 6 ++++-- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/modules/ROOT/pages/authentication.adoc b/modules/ROOT/pages/authentication.adoc index c2e6535b0..222bfabf5 100644 --- a/modules/ROOT/pages/authentication.adoc +++ b/modules/ROOT/pages/authentication.adoc @@ -772,7 +772,8 @@ curl -X POST \ If the API request is successful, ThoughtSpot returns a 204 status code and ends the user session. -== Configuring authentication settings + +== #Configuring authentication settings# To enable or disable authentication at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/configure` endpoint. === Request parameters @@ -795,7 +796,7 @@ __Optional__ |===== -== Search authentication settings +== #Search authentication settings# To find the authentication configuration for the specified auth type at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/search` endpoint. === Request parameters diff --git a/modules/ROOT/pages/security-settings.adoc b/modules/ROOT/pages/security-settings.adoc index 80a485d06..4be9493f4 100644 --- a/modules/ROOT/pages/security-settings.adoc +++ b/modules/ROOT/pages/security-settings.adoc @@ -492,10 +492,15 @@ curl -X POST \ ---- === Trusted authentication -See xref:trusted-authentication.adoc[Trusted authentication] and xref:_secret_key_management[Secret key management]. +#To enable or disable trusted authentication at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/configure` endpoint.# + +#To find the trusted authentication configuration for the specified auth type at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/search` endpoint.# + +#For more information on the trusted authentication configuration through APIs, see xref:authentication.adoc[Configuring authentication settings].# + +See xref:trusted-authentication.adoc[Trusted authentication] and xref:_secret_key_management[Secret key management] for other related information. + -[NOTE] -Trusted authentication is not supported through the REST APIs v2. == Retrieve security settings You can retrieve the security settings for your ThoughtSpot instance by sending a `POST` request to `POST /api/rest/2.0/system/security-settings/search` API endpoint. diff --git a/modules/ROOT/pages/trusted-auth-secret-key.adoc b/modules/ROOT/pages/trusted-auth-secret-key.adoc index 9071fc5e8..7bb3f5a82 100644 --- a/modules/ROOT/pages/trusted-auth-secret-key.adoc +++ b/modules/ROOT/pages/trusted-auth-secret-key.adoc @@ -6,7 +6,8 @@ :page-pageid: trusted-auth-secret-key :page-description: You can configure support for token-based authentication service on ThoughtSpot. -== secret key overview +[#secret-key-overview] +== Secret key overview The `secret_key` allows calling the ThoughtSpot *token request* REST APIs to generate a token for *any user*. Requests with the `secret_key` do not require any type of user login or admin permissions and the `secret_key` is equivalent to an admin-level login for the token request REST APIs. @@ -31,7 +32,8 @@ To generate a secret key: If the per-Org secret key feature is not enabled on your instance and if you want to generate a separate secret key for each Org, contact ThoughtSpot Support. ThoughtSpot also allows you to generate a secret key at the primary Org (Org 0) level and use it to obtain an authentication token for a user. . Go to *Develop* > *Customizations* > *Security settings*. . Click *Edit*. -. To enable trusted authentication, turn on the *Trusted authentication* toggle. +. To enable trusted authentication, turn on the *Trusted authentication* toggle. #To enable Trusted authentication programmatically, send a `POST` request to the `POST /api/rest/2.0/auth/configure` endpoint endpoint. For more information, see xref:authentication.adoc[Configuring authentication settings].# + . To copy the secret key, click *Edit* again, navigate to *Trusted authentication*, and then click the copy to clipboard icon. + The following example shows a ThoughtSpot-generated secret key string. From 713ccfb97144199a6c8b5f31a2bf20025b3bc477 Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Tue, 2 Jun 2026 12:05:47 +0530 Subject: [PATCH 06/11] trusted auth Shashi's feedback --- modules/ROOT/pages/authentication.adoc | 152 +++++++++++------- modules/ROOT/pages/rest-api-v2-reference.adoc | 10 +- .../ROOT/pages/trusted-auth-secret-key.adoc | 6 +- modules/ROOT/pages/whats-new.adoc | 6 + 4 files changed, 111 insertions(+), 63 deletions(-) diff --git a/modules/ROOT/pages/authentication.adoc b/modules/ROOT/pages/authentication.adoc index 222bfabf5..ddd7cc401 100644 --- a/modules/ROOT/pages/authentication.adoc +++ b/modules/ROOT/pages/authentication.adoc @@ -87,13 +87,105 @@ Once the security rules are set, they are fixed for at least that user's session ||| |=== +[#_enable_trusted] +=== Configure trusted authentication +To generate an access token, Trusted authentication must be enabled on your ThoughtSpot instance. +You can enable Trusted authentication through the ThoughtSpot UI or the REST API v2. + +*Through the ThoughtSpot UI* + +The administrator must enable xref:trusted-auth-secret-key.adoc[Trusted authentication] on the +*Develop* > *Customizations* > *Security settings* page. + +*Through the REST API v2* + +Before enabling Trusted authentication through the REST API v2, check your existing +authentication configuration. +To retrieve the current authentication configuration for a specific authentication type at the +cluster or Org level, send a request to the `POST /api/rest/2.0/auth/search` endpoint. + +==== Request parameters +[width="100%" cols="1,4"] +[options='header'] +|===== +|Parameter|Description +|`auth_type` +|__String__. Type of authentication mechanism to configure. Currently, supports `TRUSTED_AUTH` only. + +|`scope` +__Optional__ +|__String__. Select `CLUSTER` to retrieve only cluster-level settings, or `ORG` to retrieve only Org-level settings. If no selection is made, both cluster and Org-level settings are retrieved based on user permissions. +|===== + +==== API request + +.cURL +[source, cURL] +---- +curl -X POST \ +--url 'https://{ThoughtSpot-host}/api/rest/2.0/auth/search' \ +-H 'Accept: application/json' \ +-H 'Content-Type: application/json' \ +-H 'Authorization: Bearer {AUTH_TOKEN}' + { + "auth_type": "TRUSTED_AUTH" + }' +---- + + +If Trusted authentication is not enabled, you can enable or disable it at the cluster or Org level by sending a request to the `POST /api/rest/2.0/auth/configure` endpoint. + + +=== Request parameters +[width="100%" cols="1,4"] +[options='header'] +|===== +|Parameter|Description +|`auth_type` +|__String__. Type of authentication mechanism to configure. Currently, supports `TRUSTED_AUTH` only. + +|`cluster_preferences` +__Optional__ +|__Nullable__. `ENABLE` or `DISABLE` authentication for the cluster. When enabled, a new token is generated if one does not exist. When disabled, the existing cluster-level access token is revoked. + +|`org_preferences` +__Optional__ +|__Nullable__. `ENABLE` or `DISABLE` authentication for a particular Org. When enabled, a new org-level access token is generated if one does not exist. When disabled, the existing org-level access token is revoked. + +|`org_identifier` + +|===== + +==== API request + +.cURL +[source, cURL] +---- +curl -X POST \ +--url 'https://{ThoughtSpot-host}/api/rest/2.0/auth/configure' \ +-H 'Content-Type: application/json' \ +-H 'Authorization: Bearer {AUTH_TOKEN} + '{ + "auth_type": "TRUSTED_AUTH", + "org_preferences": [ + { + "org_identifier": "Test", + "auth_status": "ENABLED" + } + ] + }' +---- + +If the API request is successful, ThoughtSpot returns a 204 status code. + + [#_generate_a_full_access_token] === Generating a full access token To generate a full access token, send a `POST` request to the `/api/rest/2.0/auth/token/full` API endpoint with the required attributes. You can generate a token by providing a `username` and `password`, or by using a `secret_key`. -To generate a `secret_key`, the administrator must enable xref:trusted-auth-secret-key.adoc[trusted authentication] on the **Develop** > **Customizations** > **Security Settings** page. +To generate a `secret_key`, the administrator must enable xref:trusted-auth-secret-key.adoc[trusted authentication] on the **Develop** > **Customizations** > **Security Settings** page or through the APIs. After ThoughtSpot issues an authentication token, the user must include the token in the `Authorization` header of their subsequent API requests. @@ -161,7 +253,7 @@ If the API request is successful, ThoughtSpot returns the authentication token t ==== API request with username and secret key To obtain an authentication token for a user, include `username` and `secret_key` in the API request. In a trusted authentication implementation, you can request tokens on behalf of users who require access to the ThoughtSpot content embedded in a third-party application. -To request a token on behalf of another user, you need administrator privileges and a `secret key` that allows you to securely pass the authentication details of an embedded application user. The `secret key` is generated xref:trusted-auth-secret-key.adoc#trusted-auth-enable[when trusted authentication is enabled on a ThoughtSpot instance]. +To request a token on behalf of another user, you need administrator privileges and a `secret_key` that allows you to securely pass the authentication details of an embedded application user. The `secret_key` is generated xref:trusted-auth-secret-key.adoc#trusted-auth-enable[when trusted authentication is enabled on a ThoughtSpot instance]. To get a trusted authentication token that grants full access to ThoughtSpot, send a `POST` request with `username`, `secret_key`, and other attributes to the `/api/rest/2.0/auth/token/full` endpoint: @@ -172,7 +264,7 @@ To get a trusted authentication token that grants full access to ThoughtSpot, se |`username` |__String__. Username of the ThoughtSpot user. If the user is not available in ThoughtSpot, you can set the `auto_create` parameter to `true` to create a user just-in-time (JIT). |`secret_key` -|__String__. The secret key string generated for your ThoughtSpot instance. The secret key is created xref:trusted-auth-secret-key.adoc#trusted-auth-enable[when trusted authentication is enabled] on your instance. +|__String__. The `secret_key` string generated for your ThoughtSpot instance. The `secret_key` is created xref:trusted-auth-secret-key.adoc#trusted-auth-enable[when trusted authentication is enabled] on your instance. |`validity_time_in_sec` + __Optional__|__Integer__. Token expiry duration in seconds. The default duration is 300 seconds. You can set the token expiry duration to a higher value. API requests with an expired or invalid token result in an error. In such cases, REST clients must obtain a new token from ThoughtSpot and use it in their subsequent API calls. |`org_id` + @@ -187,7 +279,7 @@ The following example shows the request body with `username` and `secret_key`: [source,cURL] ---- curl -X POST \ - --url 'https://stage-grapes-champagne.thoughtspotstaging.cloud/api/rest/2.0/auth/token/full' \ + --url 'https://{ThoughtSpot-Host}api/rest/2.0/auth/token/full' \ -H 'Accept: application/json' \ -H 'Content-Type: application/json' \ --data-raw '{ @@ -298,7 +390,7 @@ To get a token that grants `read-only` access to a specific metadata object, sen |__String__. Username of the ThoughtSpot user. If the user is not available in ThoughtSpot, you can set the `auto_create` parameter to `true` to create a user just-in-time (JIT). |`secret_key` -|__String__. The secret key string generated for your ThoughtSpot instance. The secret key is created xref:trusted-auth-secret-key.adoc#trusted-auth-enable[when trusted authentication is enabled] on your instance. +|__String__. The `secret_key` string generated for your ThoughtSpot instance. The `secret_key` is created xref:trusted-auth-secret-key.adoc#trusted-auth-enable[when trusted authentication is enabled] on your instance. |`object_id` |__String__. GUID of the ThoughtSpot object. @@ -542,7 +634,7 @@ For cookie-based authentication, make an API call to the `/api/rest/2.0/auth/ses |__String__. The password of the user account. |`org_identifier` -|__String__. Name or ID of the Org. If no Org ID is specified, the user will be logged into the Org context of their previous session. +|__String__. Name or ID of the Org. If no Org ID is specified, the user is logged into the Org context of their previous session. |`remember_me` __Optional__ @@ -773,52 +865,4 @@ curl -X POST \ If the API request is successful, ThoughtSpot returns a 204 status code and ends the user session. -== #Configuring authentication settings# -To enable or disable authentication at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/configure` endpoint. - -=== Request parameters -[width="100%" cols="1,4"] -[options='header'] -|===== -|Parameter|Description -|`auth_type` -|__String__. Type of authentication mechanism to configure. Currently, supports `TRUSTED_AUTH` only. - -|`cluster_preferences` -__Optional__ -|__Nullable__. `ENABLE` or `DISABLE` authentication for the cluster. When enabled, a new token is generated if one does not exist. When disabled, the existing cluster-level access token is revoked. - -|`org_preferences` -__Optional__ -|__Nullable__. `ENABLE` or `DISABLE` authentication for a particular Org. When enabled, a new org-level access token is generated if one does not exist. When disabled, the existing org-level access token is revoked. - -|`org_identifier` -|===== - -== #Search authentication settings# -To find the authentication configuration for the specified auth type at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/search` endpoint. - -=== Request parameters -[width="100%" cols="1,4"] -[options='header'] -|===== -|Parameter|Description -|`auth_type` -|__String__. Type of authentication mechanism to configure. Currently, supports `TRUSTED_AUTH` only. - -|`scope` -__Optional__ -|__String__. Select `CLUSTER` to retrieve only cluster-level settings, or `ORG` to retrieve only Org-level settings. If no selection is made, both cluster and Org-level settings are retrieved based on user permissions. -|===== - -//// -==== Response codes - -[options="header", cols="2,4"] -|=== -|HTTP status code|Description -|**204**|The user is logged out of ThoughtSpot -|**500**|Failed operation -|=== -//// diff --git a/modules/ROOT/pages/rest-api-v2-reference.adoc b/modules/ROOT/pages/rest-api-v2-reference.adoc index 859a5b417..209f323d7 100644 --- a/modules/ROOT/pages/rest-api-v2-reference.adoc +++ b/modules/ROOT/pages/rest-api-v2-reference.adoc @@ -247,13 +247,9 @@ ThoughtSpot Software: __10.0.0.sw or later__ a| +++Try it out +++ -a| `POST /api/rest/2.0/auth/configure` + -Enables or disables authentication. a| ThoughtSpot Cloud: __26.6.0.cl or later__ + -a| +++Try it out +++ - -a| `POST /api/rest/2.0/auth/search` + -Retrieves the authentication configuration for the specified auth type. a| ThoughtSpot Cloud: __26.6.0.cl or later__ + -a| +++Try it out +++ +a| `POST /api/rest/2.0/connections/{connection_identifier}/status` + +Deactivates or activates a connection. a| ThoughtSpot Cloud: __26.6.0.cl or later__ + +a| +++Try it out +++ |===== -- diff --git a/modules/ROOT/pages/trusted-auth-secret-key.adoc b/modules/ROOT/pages/trusted-auth-secret-key.adoc index 7bb3f5a82..eabccd6d6 100644 --- a/modules/ROOT/pages/trusted-auth-secret-key.adoc +++ b/modules/ROOT/pages/trusted-auth-secret-key.adoc @@ -32,8 +32,7 @@ To generate a secret key: If the per-Org secret key feature is not enabled on your instance and if you want to generate a separate secret key for each Org, contact ThoughtSpot Support. ThoughtSpot also allows you to generate a secret key at the primary Org (Org 0) level and use it to obtain an authentication token for a user. . Go to *Develop* > *Customizations* > *Security settings*. . Click *Edit*. -. To enable trusted authentication, turn on the *Trusted authentication* toggle. #To enable Trusted authentication programmatically, send a `POST` request to the `POST /api/rest/2.0/auth/configure` endpoint endpoint. For more information, see xref:authentication.adoc[Configuring authentication settings].# - +. To enable trusted authentication, turn on the *Trusted authentication* toggle. . To copy the secret key, click *Edit* again, navigate to *Trusted authentication*, and then click the copy to clipboard icon. + The following example shows a ThoughtSpot-generated secret key string. @@ -46,6 +45,9 @@ This key is required for making API calls to get a token for ThoughtSpot users. . Store the key in a secure location. . Click *Save Changes*. +[NOTE] +#To enable Trusted authentication programmatically, send a `POST` request to the `POST /api/rest/2.0/auth/configure` endpoint. For more information, see xref:authentication.adoc[Configuring authentication settings].# + == Request a new secret key Requesting a new `secret_key` simply involves disabling and re-enabling trusted authentication. diff --git a/modules/ROOT/pages/whats-new.adoc b/modules/ROOT/pages/whats-new.adoc index 1ee092727..c00cbc1dc 100644 --- a/modules/ROOT/pages/whats-new.adoc +++ b/modules/ROOT/pages/whats-new.adoc @@ -23,6 +23,12 @@ This page lists new features, enhancements, and deprecated functionality introdu // *Affects:* Developers, Administrators, End Users // ============================================================ +== June 2026 + +[discrete] +==== REST API v2 +This release introduces new API endpoints for Connections and trusted authentication, and modifications to the Answer report and sharing metadata APIs. For information about REST API v2 enhancements, see the xref:rest-apiv2-changelog.adoc[REST API v2.0 changelog]. +|===== == May 2026 From a90f24dca1de1c33e5703e91105e7f7c3c0b47ea Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Tue, 2 Jun 2026 12:09:08 +0530 Subject: [PATCH 07/11] trusted auth edits --- modules/ROOT/pages/authentication.adoc | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/ROOT/pages/authentication.adoc b/modules/ROOT/pages/authentication.adoc index ddd7cc401..7d3652ef9 100644 --- a/modules/ROOT/pages/authentication.adoc +++ b/modules/ROOT/pages/authentication.adoc @@ -88,9 +88,9 @@ Once the security rules are set, they are fixed for at least that user's session |=== [#_enable_trusted] -=== Configure trusted authentication -To generate an access token, Trusted authentication must be enabled on your ThoughtSpot instance. -You can enable Trusted authentication through the ThoughtSpot UI or the REST API v2. +=== #Configure trusted authentication# +To generate an access token, trusted authentication must be enabled on your ThoughtSpot instance. +You can enable trusted authentication through the ThoughtSpot UI or the REST API v2. *Through the ThoughtSpot UI* @@ -99,9 +99,9 @@ The administrator must enable xref:trusted-auth-secret-key.adoc[Trusted authenti *Through the REST API v2* -Before enabling Trusted authentication through the REST API v2, check your existing +Before enabling trusted authentication through the REST API v2, check your existing authentication configuration. -To retrieve the current authentication configuration for a specific authentication type at the +To retrieve the current authentication configuration at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/search` endpoint. ==== Request parameters @@ -133,7 +133,7 @@ curl -X POST \ ---- -If Trusted authentication is not enabled, you can enable or disable it at the cluster or Org level by sending a request to the `POST /api/rest/2.0/auth/configure` endpoint. +If trusted authentication is not enabled, you can enable or disable it at the cluster or Org level by sending a request to the `POST /api/rest/2.0/auth/configure` endpoint. === Request parameters From 3b018e25baa12cc81c574460d95a5e69d327ba54 Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Tue, 2 Jun 2026 14:08:22 +0530 Subject: [PATCH 08/11] Added deprecation note --- modules/ROOT/pages/deprecated-features.adoc | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/modules/ROOT/pages/deprecated-features.adoc b/modules/ROOT/pages/deprecated-features.adoc index 06089a22d..a828236e0 100644 --- a/modules/ROOT/pages/deprecated-features.adoc +++ b/modules/ROOT/pages/deprecated-features.adoc @@ -14,6 +14,8 @@ As ThoughtSpot applications evolve, some existing features will be deprecated an [options='header'] |===== |Feature|Impacted interface and release versions|Deprecation date |End of Support / removal from the product +a|xref:deprecated-features.adoc#everynmins[*Send every N minutes* frequency in Liveboard schedules] +|ThoughtSpot Cloud 26.8.0.cl and later | August 2026 | - a|xref:deprecated-features.adoc#hostEventv1[HostEvent v1 framework] |ThoughtSpot Cloud 26.10.0.cl and later | October 2026 | March 2027 a|xref:deprecated-features.adoc#v1-v2-exp-fullApp-embed[V1 and V2 UI experience in full application embedding]|ThoughtSpot Cloud 26.8.0.cl and later | February 2026 | August 2026 @@ -87,6 +89,19 @@ a|xref:deprecated-features.adoc#_deprecated_parameter_in_rest_api_v2_0_authentic |||| |===== +[#everynmins] +== *Send every N minutes* frequency in Liveboard Schedules +The `POST /api/rest/2.0/schedules/create` API endpoint no longer accepts `minute` as a valid `frequency` value for sub-hourly schedule intervals. + +Impact on your instance:: +Starting ThoughtSpot 26.8.0.cl, all existing Liveboard schedules set to *every N minutes* will be automatically changed to *every 1 hour*. +This change cannot be undone. Review your existing schedules and update them to an hourly or daily frequency before upgrading. + +Recommended action:: +Do not create Liveboard schedules with sub-hourly frequencies. +If you need to send a report immediately, use the *Send now* option in Liveboard schedules. +For any assistance, contact ThoughtSpot Support. + [#hostEventv1] == HostEvent v1 framework in Visual Embed SDK The HostEvent v1 framework will be deprecated in the ThoughtSpot Cloud 26.10.0.cl release version. The default behavior of host events and application workflows with the HostEvent v1 framework will be replaced with the HostEvent v2 framework. From aea6efa648c32314e6de96ab5512010e7c5d5c90 Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Tue, 2 Jun 2026 14:26:34 +0530 Subject: [PATCH 09/11] Added deprecation note --- modules/ROOT/pages/deprecated-features.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/ROOT/pages/deprecated-features.adoc b/modules/ROOT/pages/deprecated-features.adoc index a828236e0..ac0cc2601 100644 --- a/modules/ROOT/pages/deprecated-features.adoc +++ b/modules/ROOT/pages/deprecated-features.adoc @@ -14,7 +14,7 @@ As ThoughtSpot applications evolve, some existing features will be deprecated an [options='header'] |===== |Feature|Impacted interface and release versions|Deprecation date |End of Support / removal from the product -a|xref:deprecated-features.adoc#everynmins[*Send every N minutes* frequency in Liveboard schedules] +a|xref:deprecated-features.adoc#everynmins[Minute-level schedule frequency] |ThoughtSpot Cloud 26.8.0.cl and later | August 2026 | - a|xref:deprecated-features.adoc#hostEventv1[HostEvent v1 framework] |ThoughtSpot Cloud 26.10.0.cl and later | October 2026 | March 2027 @@ -90,7 +90,7 @@ a|xref:deprecated-features.adoc#_deprecated_parameter_in_rest_api_v2_0_authentic |===== [#everynmins] -== *Send every N minutes* frequency in Liveboard Schedules +== Minute-level schedule frequency The `POST /api/rest/2.0/schedules/create` API endpoint no longer accepts `minute` as a valid `frequency` value for sub-hourly schedule intervals. Impact on your instance:: From 9a4790df673f2fc0c382c92fce3de124d66c56ee Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Wed, 3 Jun 2026 10:27:00 +0530 Subject: [PATCH 10/11] edited the deprecation note --- modules/ROOT/pages/deprecated-features.adoc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/modules/ROOT/pages/deprecated-features.adoc b/modules/ROOT/pages/deprecated-features.adoc index ac0cc2601..67d8a7fcc 100644 --- a/modules/ROOT/pages/deprecated-features.adoc +++ b/modules/ROOT/pages/deprecated-features.adoc @@ -91,16 +91,14 @@ a|xref:deprecated-features.adoc#_deprecated_parameter_in_rest_api_v2_0_authentic [#everynmins] == Minute-level schedule frequency -The `POST /api/rest/2.0/schedules/create` API endpoint no longer accepts `minute` as a valid `frequency` value for sub-hourly schedule intervals. +The `POST /api/rest/2.0/schedules/create` API endpoint no longer accepts `minute` as a valid `frequency` value for schedule intervals. Impact on your instance:: -Starting ThoughtSpot 26.8.0.cl, all existing Liveboard schedules set to *every N minutes* will be automatically changed to *every 1 hour*. -This change cannot be undone. Review your existing schedules and update them to an hourly or daily frequency before upgrading. +Starting ThoughtSpot 26.8.0.cl, all existing Liveboard schedules set to `minute` as the frequency will be automatically changed to an hourly frequency. Recommended action:: -Do not create Liveboard schedules with sub-hourly frequencies. -If you need to send a report immediately, use the *Send now* option in Liveboard schedules. -For any assistance, contact ThoughtSpot Support. +Before upgrading, review your existing Liveboard schedules. +If your workflows require sub-hourly frequencies after this change takes effect, contact ThoughtSpot Support. Beyond reinstating the `minute` frequency, ThoughtSpot will not provide ongoing maintenance for that frequency. [#hostEventv1] == HostEvent v1 framework in Visual Embed SDK From b9bd3903b856e54b53ee9d0a95ffe608cbaf9ba6 Mon Sep 17 00:00:00 2001 From: Rani Gangwar Date: Wed, 3 Jun 2026 11:43:18 +0530 Subject: [PATCH 11/11] edited the deprecation note --- modules/ROOT/pages/deprecated-features.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/ROOT/pages/deprecated-features.adoc b/modules/ROOT/pages/deprecated-features.adoc index 67d8a7fcc..480e99dc8 100644 --- a/modules/ROOT/pages/deprecated-features.adoc +++ b/modules/ROOT/pages/deprecated-features.adoc @@ -91,7 +91,7 @@ a|xref:deprecated-features.adoc#_deprecated_parameter_in_rest_api_v2_0_authentic [#everynmins] == Minute-level schedule frequency -The `POST /api/rest/2.0/schedules/create` API endpoint no longer accepts `minute` as a valid `frequency` value for schedule intervals. +The `POST /api/rest/2.0/schedules/create` and `POST /api/rest/2.0/schedules/{schedule_identifier}/update` API endpoint no longer accept `minute` as a valid `frequency` value for schedule intervals. Impact on your instance:: Starting ThoughtSpot 26.8.0.cl, all existing Liveboard schedules set to `minute` as the frequency will be automatically changed to an hourly frequency.