# Security Schemes ## List Security Schemes > List all Security Schemes items.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"versionId":{"schema":{"$ref":"#/components/schemas/versionId"},"required":true,"description":"Catalog version identifier","in":"path","name":"versionId"}},"schemas":{"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Catalog version identifier"},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."},"PaginationMetadata":{"type":"object","properties":{"nextCursor":{"type":["string","null"]},"hasMore":{"type":"boolean"},"limit":{"type":"number"}},"required":["nextCursor","hasMore","limit"],"description":"Pagination metadata"}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/versions/{versionId}/security-schemes":{"get":{"summary":"List Security Schemes","description":"List all Security Schemes items.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"list-security-schemes","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/versionId"},{"schema":{"type":"string","description":"Cursor for pagination (item ID)"},"required":false,"description":"Cursor for pagination (item ID)","name":"after","in":"query"},{"schema":{"type":"integer","minimum":1,"maximum":1000,"default":50,"description":"Maximum number of items to return (default: 50, max: 1000)"},"required":false,"description":"Maximum number of items to return (default: 50, max: 1000)","name":"limit","in":"query"},{"schema":{"anyOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}],"description":"Sort order. Use 'prop' for ascending, '-prop' for descending. Multiple params supported (e.g. sort=name&sort=-createdAt)"},"required":false,"description":"Sort order. Use 'prop' for ascending, '-prop' for descending. Multiple params supported (e.g. sort=name&sort=-createdAt)","name":"sort","in":"query"}],"responses":{"200":{"description":"List of Security Schemes","content":{"application/json":{"schema":{"type":"object","properties":{"items":{"type":"array","items":{"$ref":"#/components/schemas/SecurityScheme"}},"pagination":{"$ref":"#/components/schemas/PaginationMetadata"}},"required":["items","pagination"],"description":"Security Schemes collection"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Create Security Scheme > Create a new Security Scheme item.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"versionId":{"schema":{"$ref":"#/components/schemas/versionId"},"required":true,"description":"Catalog version identifier","in":"path","name":"versionId"}},"schemas":{"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Catalog version identifier"},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ConflictError":{"description":"Conflict","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/versions/{versionId}/security-schemes":{"post":{"summary":"Create Security Scheme","description":"Create a new Security Scheme item.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"create-security-scheme","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/versionId"}],"requestBody":{"description":"Payload to create a new Security Scheme item","required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"responses":{"201":{"description":"Security Scheme created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"409":{"$ref":"#/components/responses/ConflictError"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Get Security Scheme > Get a Security Scheme item by its id.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"versionId":{"schema":{"$ref":"#/components/schemas/versionId"},"required":true,"description":"Catalog version identifier","in":"path","name":"versionId"}},"schemas":{"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Catalog version identifier"},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"NotFoundErrorSecurityScheme":{"description":"Security Scheme not found","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/versions/{versionId}/security-schemes/{id}":{"get":{"summary":"Get Security Scheme","description":"Get a Security Scheme item by its id.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"get-security-scheme-by-id","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/versionId"},{"schema":{"type":"string","minLength":34,"maxLength":34,"description":"Security Scheme identifier"},"required":true,"description":"Security Scheme identifier","name":"id","in":"path"}],"responses":{"200":{"description":"Security Scheme details","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"404":{"$ref":"#/components/responses/NotFoundErrorSecurityScheme"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Replace Security Scheme > Completely replaces a Security Scheme item by its id.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"versionId":{"schema":{"$ref":"#/components/schemas/versionId"},"required":true,"description":"Catalog version identifier","in":"path","name":"versionId"}},"schemas":{"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Catalog version identifier"},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"NotFoundErrorSecurityScheme":{"description":"Security Scheme not found","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/versions/{versionId}/security-schemes/{id}":{"post":{"summary":"Replace Security Scheme","description":"Completely replaces a Security Scheme item by its id.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"replace-security-scheme-by-id","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/versionId"},{"schema":{"type":"string","minLength":34,"maxLength":34,"description":"Security Scheme identifier"},"required":true,"description":"Security Scheme identifier","name":"id","in":"path"}],"requestBody":{"description":"Payload to replace the Security Scheme item by its id","required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"responses":{"200":{"description":"Security Scheme replaced","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"201":{"description":"Security Scheme created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"404":{"$ref":"#/components/responses/NotFoundErrorSecurityScheme"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Delete Security Scheme > Delete a Security Scheme item by its id.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"versionId":{"schema":{"$ref":"#/components/schemas/versionId"},"required":true,"description":"Catalog version identifier","in":"path","name":"versionId"}},"schemas":{"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Catalog version identifier"}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"NotFoundErrorSecurityScheme":{"description":"Security Scheme not found","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/versions/{versionId}/security-schemes/{id}":{"delete":{"summary":"Delete Security Scheme","description":"Delete a Security Scheme item by its id.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"delete-security-scheme-by-id","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/versionId"},{"schema":{"type":"string","minLength":34,"maxLength":34,"description":"Security Scheme identifier"},"required":true,"description":"Security Scheme identifier","name":"id","in":"path"}],"responses":{"204":{"description":"Security Scheme deleted"},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"404":{"$ref":"#/components/responses/NotFoundErrorSecurityScheme"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Update Security Scheme > Partially updates a Security Scheme item by its id.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"versionId":{"schema":{"$ref":"#/components/schemas/versionId"},"required":true,"description":"Catalog version identifier","in":"path","name":"versionId"}},"schemas":{"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Catalog version identifier"},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"NotFoundErrorSecurityScheme":{"description":"Security Scheme not found","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/versions/{versionId}/security-schemes/{id}":{"patch":{"summary":"Update Security Scheme","description":"Partially updates a Security Scheme item by its id.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"update-security-scheme-by-id","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/versionId"},{"schema":{"type":"string","minLength":34,"maxLength":34,"description":"Security Scheme identifier"},"required":true,"description":"Security Scheme identifier","name":"id","in":"path"}],"requestBody":{"description":"Partial payload to update the Security Scheme item by its id","required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx4syp4we23a","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":["string","null"],"enum":["query","header","cookie",null],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}}}}}},"responses":{"200":{"description":"Security Scheme updated","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"404":{"$ref":"#/components/responses/NotFoundErrorSecurityScheme"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## List Security Schemes > List all Security Schemes items.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"projectRef":{"schema":{"$ref":"#/components/schemas/projectRef"},"required":true,"description":"Project slug or project id (proj_*)","in":"path","name":"projectRef"},"versionType":{"schema":{"$ref":"#/components/schemas/versionType"},"required":true,"description":"Version type, can be either 'branch' or 'environment'","in":"path","name":"versionType"},"versionSlug":{"schema":{"$ref":"#/components/schemas/versionSlug"},"required":true,"description":"Version slug","in":"path","name":"versionSlug"}},"schemas":{"projectRef":{"anyOf":[{"type":"string","minLength":31,"maxLength":31,"description":"Object ID with prefix \"proj_\""},{"type":"string","minLength":1}],"description":"Project slug or project id (proj_*)"},"versionType":{"type":"string","enum":["branch","environment"],"description":"Version type, can be either 'branch' or 'environment'"},"versionSlug":{"type":"string","minLength":1,"description":"Version slug"},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."},"PaginationMetadata":{"type":"object","properties":{"nextCursor":{"type":["string","null"]},"hasMore":{"type":"boolean"},"limit":{"type":"number"}},"required":["nextCursor","hasMore","limit"],"description":"Pagination metadata"}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/projects/{projectRef}/{versionType}/{versionSlug}/security-schemes":{"get":{"summary":"List Security Schemes","description":"List all Security Schemes items.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"list-security-schemes1","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/projectRef"},{"$ref":"#/components/parameters/versionType"},{"$ref":"#/components/parameters/versionSlug"},{"schema":{"type":"string","description":"Cursor for pagination (item ID)"},"required":false,"description":"Cursor for pagination (item ID)","name":"after","in":"query"},{"schema":{"type":"integer","minimum":1,"maximum":1000,"default":50,"description":"Maximum number of items to return (default: 50, max: 1000)"},"required":false,"description":"Maximum number of items to return (default: 50, max: 1000)","name":"limit","in":"query"},{"schema":{"anyOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}],"description":"Sort order. Use 'prop' for ascending, '-prop' for descending. Multiple params supported (e.g. sort=name&sort=-createdAt)"},"required":false,"description":"Sort order. Use 'prop' for ascending, '-prop' for descending. Multiple params supported (e.g. sort=name&sort=-createdAt)","name":"sort","in":"query"}],"responses":{"200":{"description":"List of Security Schemes","content":{"application/json":{"schema":{"type":"object","properties":{"items":{"type":"array","items":{"$ref":"#/components/schemas/SecurityScheme"}},"pagination":{"$ref":"#/components/schemas/PaginationMetadata"}},"required":["items","pagination"],"description":"Security Schemes collection"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Create Security Scheme > Create a new Security Scheme item.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"projectRef":{"schema":{"$ref":"#/components/schemas/projectRef"},"required":true,"description":"Project slug or project id (proj_*)","in":"path","name":"projectRef"},"versionType":{"schema":{"$ref":"#/components/schemas/versionType"},"required":true,"description":"Version type, can be either 'branch' or 'environment'","in":"path","name":"versionType"},"versionSlug":{"schema":{"$ref":"#/components/schemas/versionSlug"},"required":true,"description":"Version slug","in":"path","name":"versionSlug"}},"schemas":{"projectRef":{"anyOf":[{"type":"string","minLength":31,"maxLength":31,"description":"Object ID with prefix \"proj_\""},{"type":"string","minLength":1}],"description":"Project slug or project id (proj_*)"},"versionType":{"type":"string","enum":["branch","environment"],"description":"Version type, can be either 'branch' or 'environment'"},"versionSlug":{"type":"string","minLength":1,"description":"Version slug"},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ConflictError":{"description":"Conflict","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/projects/{projectRef}/{versionType}/{versionSlug}/security-schemes":{"post":{"summary":"Create Security Scheme","description":"Create a new Security Scheme item.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"create-security-scheme1","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/projectRef"},{"$ref":"#/components/parameters/versionType"},{"$ref":"#/components/parameters/versionSlug"}],"requestBody":{"description":"Payload to create a new Security Scheme item","required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"responses":{"201":{"description":"Security Scheme created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"409":{"$ref":"#/components/responses/ConflictError"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Get Security Scheme > Get a Security Scheme item by its id.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"projectRef":{"schema":{"$ref":"#/components/schemas/projectRef"},"required":true,"description":"Project slug or project id (proj_*)","in":"path","name":"projectRef"},"versionType":{"schema":{"$ref":"#/components/schemas/versionType"},"required":true,"description":"Version type, can be either 'branch' or 'environment'","in":"path","name":"versionType"},"versionSlug":{"schema":{"$ref":"#/components/schemas/versionSlug"},"required":true,"description":"Version slug","in":"path","name":"versionSlug"}},"schemas":{"projectRef":{"anyOf":[{"type":"string","minLength":31,"maxLength":31,"description":"Object ID with prefix \"proj_\""},{"type":"string","minLength":1}],"description":"Project slug or project id (proj_*)"},"versionType":{"type":"string","enum":["branch","environment"],"description":"Version type, can be either 'branch' or 'environment'"},"versionSlug":{"type":"string","minLength":1,"description":"Version slug"},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"NotFoundErrorSecurityScheme":{"description":"Security Scheme not found","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/projects/{projectRef}/{versionType}/{versionSlug}/security-schemes/{id}":{"get":{"summary":"Get Security Scheme","description":"Get a Security Scheme item by its id.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"get-security-scheme-by-id1","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/projectRef"},{"$ref":"#/components/parameters/versionType"},{"$ref":"#/components/parameters/versionSlug"},{"schema":{"type":"string","minLength":34,"maxLength":34,"description":"Security Scheme identifier"},"required":true,"description":"Security Scheme identifier","name":"id","in":"path"}],"responses":{"200":{"description":"Security Scheme details","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"404":{"$ref":"#/components/responses/NotFoundErrorSecurityScheme"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Replace Security Scheme > Completely replaces a Security Scheme item by its id.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"projectRef":{"schema":{"$ref":"#/components/schemas/projectRef"},"required":true,"description":"Project slug or project id (proj_*)","in":"path","name":"projectRef"},"versionType":{"schema":{"$ref":"#/components/schemas/versionType"},"required":true,"description":"Version type, can be either 'branch' or 'environment'","in":"path","name":"versionType"},"versionSlug":{"schema":{"$ref":"#/components/schemas/versionSlug"},"required":true,"description":"Version slug","in":"path","name":"versionSlug"}},"schemas":{"projectRef":{"anyOf":[{"type":"string","minLength":31,"maxLength":31,"description":"Object ID with prefix \"proj_\""},{"type":"string","minLength":1}],"description":"Project slug or project id (proj_*)"},"versionType":{"type":"string","enum":["branch","environment"],"description":"Version type, can be either 'branch' or 'environment'"},"versionSlug":{"type":"string","minLength":1,"description":"Version slug"},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"NotFoundErrorSecurityScheme":{"description":"Security Scheme not found","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/projects/{projectRef}/{versionType}/{versionSlug}/security-schemes/{id}":{"post":{"summary":"Replace Security Scheme","description":"Completely replaces a Security Scheme item by its id.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"replace-security-scheme-by-id1","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/projectRef"},{"$ref":"#/components/parameters/versionType"},{"$ref":"#/components/parameters/versionSlug"},{"schema":{"type":"string","minLength":34,"maxLength":34,"description":"Security Scheme identifier"},"required":true,"description":"Security Scheme identifier","name":"id","in":"path"}],"requestBody":{"description":"Payload to replace the Security Scheme item by its id","required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"responses":{"200":{"description":"Security Scheme replaced","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"201":{"description":"Security Scheme created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"404":{"$ref":"#/components/responses/NotFoundErrorSecurityScheme"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Delete Security Scheme > Delete a Security Scheme item by its id.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"projectRef":{"schema":{"$ref":"#/components/schemas/projectRef"},"required":true,"description":"Project slug or project id (proj_*)","in":"path","name":"projectRef"},"versionType":{"schema":{"$ref":"#/components/schemas/versionType"},"required":true,"description":"Version type, can be either 'branch' or 'environment'","in":"path","name":"versionType"},"versionSlug":{"schema":{"$ref":"#/components/schemas/versionSlug"},"required":true,"description":"Version slug","in":"path","name":"versionSlug"}},"schemas":{"projectRef":{"anyOf":[{"type":"string","minLength":31,"maxLength":31,"description":"Object ID with prefix \"proj_\""},{"type":"string","minLength":1}],"description":"Project slug or project id (proj_*)"},"versionType":{"type":"string","enum":["branch","environment"],"description":"Version type, can be either 'branch' or 'environment'"},"versionSlug":{"type":"string","minLength":1,"description":"Version slug"}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"NotFoundErrorSecurityScheme":{"description":"Security Scheme not found","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/projects/{projectRef}/{versionType}/{versionSlug}/security-schemes/{id}":{"delete":{"summary":"Delete Security Scheme","description":"Delete a Security Scheme item by its id.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"delete-security-scheme-by-id1","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/projectRef"},{"$ref":"#/components/parameters/versionType"},{"$ref":"#/components/parameters/versionSlug"},{"schema":{"type":"string","minLength":34,"maxLength":34,"description":"Security Scheme identifier"},"required":true,"description":"Security Scheme identifier","name":"id","in":"path"}],"responses":{"204":{"description":"Security Scheme deleted"},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"404":{"$ref":"#/components/responses/NotFoundErrorSecurityScheme"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` ## Update Security Scheme > Partially updates a Security Scheme item by its id.\ > \ > SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy. ```json {"openapi":"3.1.0","info":{"title":"Appear API","version":"2.0.0"},"tags":[{"name":"Security Schemes"}],"servers":[{"url":"https://api.appear.sh","description":"Primary public endpoint"}],"security":[{"projectApiKey":[]},{"personalAccessToken":[]}],"components":{"securitySchemes":{"projectApiKey":{"type":"http","scheme":"bearer","bearerFormat":"API Key","description":"Project API key authentication. Use your project API key as a Bearer token in the Authorization header."},"personalAccessToken":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"Personal access token authentication. Use your personal access token as a Bearer token in the Authorization header. Suitable for MCP integrations, CLI tools, and other OAuth flows."}},"parameters":{"projectRef":{"schema":{"$ref":"#/components/schemas/projectRef"},"required":true,"description":"Project slug or project id (proj_*)","in":"path","name":"projectRef"},"versionType":{"schema":{"$ref":"#/components/schemas/versionType"},"required":true,"description":"Version type, can be either 'branch' or 'environment'","in":"path","name":"versionType"},"versionSlug":{"schema":{"$ref":"#/components/schemas/versionSlug"},"required":true,"description":"Version slug","in":"path","name":"versionSlug"}},"schemas":{"projectRef":{"anyOf":[{"type":"string","minLength":31,"maxLength":31,"description":"Object ID with prefix \"proj_\""},{"type":"string","minLength":1}],"description":"Project slug or project id (proj_*)"},"versionType":{"type":"string","enum":["branch","environment"],"description":"Version type, can be either 'branch' or 'environment'"},"versionSlug":{"type":"string","minLength":1,"description":"Version slug"},"ProseMirrorContentSchema":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}},"content":{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}},"marks":{"type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"attrs":{"type":"object","additionalProperties":{}}},"required":["type"],"additionalProperties":{}}},"text":{"type":"string"}},"additionalProperties":{},"description":"A recursive schema modeling ProseMirror document/node structure. It mirrors the ProseMirror JSON format as described at https://prosemirror.net/docs/guide/#schema.serialization. Each node may contain a `type`, optional `attrs`, children in `content`, formatting `marks`, and inline `text`."},"SecurityScheme":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx36gzhd55mm","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":"string","enum":["query","header","cookie"],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}},"required":["type","name","versionId"],"description":"SecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy."}},"responses":{"BadRequestError":{"description":"Invalid request","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"UnauthorizedError":{"description":"Unauthorized","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"ForbiddenError":{"description":"Forbidden","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"NotFoundErrorSecurityScheme":{"description":"Security Scheme not found","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$schema":"https://json-schema.org/draft/2020-12/schema","type":"object","properties":{"error":{"type":"string"},"details":{}},"required":["error"],"additionalProperties":false}}}}}},"paths":{"/v2/catalog/projects/{projectRef}/{versionType}/{versionSlug}/security-schemes/{id}":{"patch":{"summary":"Update Security Scheme","description":"Partially updates a Security Scheme item by its id.\n\nSecurityScheme is an authentication scheme definition covering API keys, HTTP auth (including bearer), mutual TLS, OAuth 2.0, and OpenID Connect that callers must satisfy.","operationId":"update-security-scheme-by-id1","tags":["Security Schemes"],"parameters":[{"$ref":"#/components/parameters/projectRef"},{"$ref":"#/components/parameters/versionType"},{"$ref":"#/components/parameters/versionSlug"},{"schema":{"type":"string","minLength":34,"maxLength":34,"description":"Security Scheme identifier"},"required":true,"description":"Security Scheme identifier","name":"id","in":"path"}],"requestBody":{"description":"Partial payload to update the Security Scheme item by its id","required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"id":{"type":"string","minLength":34,"maxLength":34,"default":"sec_sch_agpf42ylcfymdjwx56tewuovou","description":"Object ID with prefix \"sec_sch_\""},"type":{"type":"string","enum":["apiKey","http","mutualTls","oauth2","openIdConnect"],"description":"Kind of authentication mechanism (API key, HTTP auth/bearer, mutual TLS, OAuth 2.0, or OpenID Connect)."},"in":{"type":["string","null"],"enum":["query","header","cookie",null],"description":"Location of the API key for apiKey schemes (query, header, or cookie)."},"name":{"type":"string","description":"Identifier for the security scheme; matches the name used when publishing or importing API definitions."},"description":{"type":"string","description":"Security scheme description in markdown."},"descriptionBlocks":{"anyOf":[{"$ref":"#/components/schemas/ProseMirrorContentSchema"},{"type":"array","items":{"$ref":"#/components/schemas/ProseMirrorContentSchema"}}],"description":"Security scheme description in ProseMirror JSON blocks."},"scheme":{"type":"string","description":"HTTP auth scheme label (for example: basic, bearer, digest)."},"bearerFormat":{"type":"string","description":"Optional hint about the bearer token format (for example: JWT)."},"flows":{"description":"OAuth 2.0 flow configuration (e.g., auth code, client credentials) detailing token and authorization URLs."},"openIdConnectUrl":{"type":"string","description":"OpenID Connect discovery endpoint when type is openIdConnect."},"versionId":{"type":"string","minLength":30,"maxLength":30,"description":"Object ID with prefix \"ver_\""},"updatedAt":{"type":["string","null"],"format":"date-time","default":"2026-05-25T09:15:34.033Z"}}}}}},"responses":{"200":{"description":"Security Scheme updated","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityScheme"}}}},"400":{"$ref":"#/components/responses/BadRequestError"},"401":{"$ref":"#/components/responses/UnauthorizedError"},"403":{"$ref":"#/components/responses/ForbiddenError"},"404":{"$ref":"#/components/responses/NotFoundErrorSecurityScheme"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}} ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.appear.sh/api/security-schemes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.