curl --request PATCH \
  --url https://{instance}.omniapp.co/api/v1/connections/{connectionId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "passwordUnencrypted": "new-password-here"
}
'

{
  "success": true,
  "message": "Updated connection credentials."
}

Connections

Update connection

Update connection properties including credentials. Credentials are encrypted at rest and never returned in API responses.

This endpoint supports credential rotation for infrastructure-as-code workflows. Depending on the connection type, you can update:

Password-based connections (Postgres, MySQL, etc.): Use passwordUnencrypted to update the password
BigQuery: Use passwordUnencrypted to update the service account JSON
Snowflake: Use privateKey to update the RSA private key (PEM format, minimum 2048 bits)

At least one field must be provided in the request body.

PATCH

connections

{connectionId}

curl --request PATCH \
  --url https://{instance}.omniapp.co/api/v1/connections/{connectionId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "passwordUnencrypted": "new-password-here"
}
'

{
  "success": true,
  "message": "Updated connection credentials."
}

Authorizations

Authorization

string

header

required

Can be either an Organization API Key or Personal Access Token (PAT).

Include in the Authorization header as: Bearer YOUR_TOKEN

Path Parameters

connectionId

string<uuid>

required

Connection ID

Body

application/json

passwordUnencrypted

string

Password or service account JSON for credential rotation.

For password-based connections such as Postgres, MySQL, etc. - Provide the new password as a string
For BigQuery - Provide the entire service account JSON file as a string

Example:

"new-password-here"

privateKey

string

Only applicable to Snowflake connections. RSA private key in PEM format for Snowflake connections. Must be at least 2048 bits.

Example:

"-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBg..."

baseRole

enum<string>

The default role for users accessing this connection

Available options:

NO_ACCESS,

VIEWER,

RESTRICTED_QUERIER,

QUERIER,

MODELER,

CONNECTION_ADMIN

environmentUserAttribute

object

Configuration for environment user attributes. Set to null to remove environment user attribute settings.

Show child attributes

Response

Connection updated successfully

success

boolean

Example:

true

message

string

Example:

"Updated connection credentials."

Create connection

List schema refresh schedules

⌘I

Getting started

Endpoints

Update connection

Authorizations

Path Parameters

Body

Response