> ## Documentation Index > Fetch the complete documentation index at: https://docs.synq.io/llms.txt > Use this file to discover all available pages before exploring further. # ListIntegrations > List all integrations in the workspace (optionally filtered by enabled state). Secret config fields are masked. The full set is returned in one response — a workspace has only a handful of integrations. ## OpenAPI ````yaml /api-reference/openapi.yaml get /api/integrations/v1 openapi: 3.1.0 info: version: '1.0' title: SYNQ servers: - url: https://developer.synq.io - url: https://api.us.synq.io security: - bearerAuth: [] tags: - name: synq.issues.issues.v1.IssuesService description: IssuesService is a service for managing Issues. - name: synq.issues.v2.IssuesService description: IssuesService is a service for managing Issues. - name: synq.incidents.v1.IncidentsService description: IncidentsService is a service for managing Incidents. - name: synq.alerts.services.v1.AlertsService description: AlertsService provides operations for managing alert configurations. - name: synq.agent.recon.v1.YamlService description: >- YamlService provides stateless conversion between YAML config format and proto. This is useful for UI editors that need to display/edit suite configs as YAML. - name: synq.agent.recon.v1.SuiteDeploymentService description: |- SuiteDeploymentService is the platform plane of reconciliation. SuiteConfigService is the developer/authoring sandbox (edit, version, run ad-hoc with your own credentials — preview-only, no Entity, no Run, no Issue). A deployment is what SYNQ actually runs on the workspace's behalf: a frozen snapshot of a suite config, mapped to workspace-level SYNQ integrations, optionally scheduled or triggerable by API. Identity: every deployment has a stable deployment_id (UUIDv7) assigned on first promote. It survives re-promotes, schedule/mapping changes, and pause/resume. Downstream AssetCommand / RunCommand publication keys off deployment_id so Entity identity does not fragment on promote churn. - name: synq.agent.sre.v1.TriageService description: >- Service for managing issue triage operations, allowing LLM agents to conclude investigations and record evidence during the triage process. - name: synq.agent.sre.v1.LlmService description: Service for evaluating LLM requests and producing structured output. - name: synq.agent.sre.v1.FeatureRequestService description: >- FeatureRequestService allows MCP clients to submit feature requests when users encounter missing capabilities. This is a last-resort service — it should only be used when no existing tool can fulfill the user's request. - name: synq.integrations.v1.IntegrationsService description: |- IntegrationsService manages connections from Coalesce Quality to your data systems (warehouses, databases, and transformation tools). Concurrency: every integration carries an opaque `etag`. Read it from `GetIntegration` / `ListIntegrations`, then pass it back on `UpdateIntegration` / `DeleteIntegration` to ensure you modify the version you last saw. A stale etag is rejected with ABORTED (HTTP 409). Omit the etag for last-write-wins. Quota: each workspace has a limit on the number of integrations. Creating beyond the limit is rejected with RESOURCE_EXHAUSTED. Secrets: credential fields (passwords, tokens, keys) are write-only. They are masked (returned empty) on every read. On update, omit a secret to keep it, send a new value to rotate it, or send an explicit empty string to clear it (where the field is `optional`). - name: synq.auth.iam.v1.IamService - name: synq.monitors.predictions.v1.MonitorPredictionsService description: Access to anomaly detection model predictions and raw metric timeseries. - name: synq.monitors.info.v1.MonitorInfoService - name: synq.monitors.custom_monitors.v1.CustomMonitorsService - name: synq.monitors.history.v1.HistoryService - name: synq.monitors.automated_monitors.v1.DeploymentRulesService - name: synq.entities.executions.v2.EntityExecutionsService description: >- EntityExecutionsService provides read-only access to entity execution history. This service allows customers to retrieve information about all executions that happened on their entities, including execution status, timing, and messages. Use cases: - Retrieve execution history for specific entities - Filter executions by time range, status, or execution type - Get aggregated summaries of execution activity - Track execution trends and patterns - name: synq.datachecks.sqltests.v1.SqlTestsService description: SqlTestsService is a service for managing SqlTests. - name: synq.datachecks.v1.TriggerService description: TriggerService provides synchronous execution of datachecks on entities. - name: synq.datachecks.testsuggestions.v1.TestSuggestionsService - name: synq.extensions.atlan.provider.v1.AtlanProviderService - name: synq.extensions.atlan.integrations.v1.AtlanIntegrationService - name: synq.extensions.atlan.workflows.v1.AtlanWorkflowService - name: synq.platforms.v1.PlatformsService description: PlatformsService is a service for managing Platforms and Integrations. - name: synq.queries.v1.NLQueryService description: >- NLQueryService generates structured Query protos from natural language descriptions using an LLM. - name: synq.schedule.v1.ScheduleService description: ScheduleService provides schedule evaluation utilities. - name: synq.entities.executions.v1.EntityExecutionsService description: 'Deprecated: Use [synq.entities.custom.v1.EntityExecutionsService] instead' - name: synq.entities.status.v1.EntityIncidentsService description: EntityIncidentsService is the service which retrieves entity status. - name: synq.entities.status.v1.EntityIssuesService description: EntityIssuesService is the service which retrieves entity issues status. - name: synq.entities.orchestration.v1.OrchestrationService description: >- OrchestrationService provides information about orchestration relationships between entities. This includes relationships between Airflow tasks and transformation models (dbt, SQLMesh), as well as task-to-task dependencies. - name: synq.entities.coordinates.v1.DatabaseCoordinatesService description: >- DatabaseCoordinatesService is a service for getting database coordinates of Entities. - name: synq.entities.checks.v1.ChecksCategoriesService description: |- ChecksCategoriesService lets workspace admins set explicit category overrides on individual checks. An explicit category is the authoritative category for a check — it takes precedence over the categories computed by the workspace's categorisation rules. It is a public API so customers can manage check categories programmatically; the same service is also mounted on the internal API. The workspace and the acting identity are always taken from the request context, never from the payload. - name: synq.entities.sql_insights.v1.SqlInsightsService description: >- SqlInsightsService exposes analytical information about the SQL used across a workspace's entities. It answers questions such as "which SQL constructs are used in my warehouse, and how often" and "what SQL constructs does this specific entity use", without requiring the caller to re-parse any SQL. - name: synq.entities.custom.v1.RelationshipsService description: >- RelationshipsService allow management of relationships between entities. Relationships can be created, updated, and deleted between 2 custom entities, or between a custom entity and Coalesce Quality native entity.enum There is no option to create relationships between 2 Coalesce Quality native entities (dbt model, BI dashboard, etc.). - name: synq.entities.custom.v1.TypesService description: TypesService is a service for managing custom entity types. - name: synq.entities.custom.v1.GroupsService description: >- It eliminates the need to keep state on client side to remember which assets were already created and which should be deleted. The server will keep track of the current state of the group and client can always send the intended new state. The server will calculate the diff and entities that are no longer present in the group will be removed. Example: 1. group has entities A, B, C at time t1 2. client sends group with entities B, C, D at time t2 3. server will remove entity A from the system and update the current state of the group to B, C, D The service is designed to be idempotent and can be called multiple times with the same state without causing any side effects. - name: synq.entities.custom.v1.EntityExecutionsService - name: synq.entities.custom.v1.EntitiesService description: >- custom.EntitiesService is a service for managing custom entities. Entities can represent various data platform concepts such as services, consumers, applications or data pipelines that are not natively available in Coalesce Quality. Entities are identified by a unique identifier and can be created, updated, read and deleted. - name: synq.entities.custom.v1.FeaturesService - name: synq.entities.impact.v1.ImpactService - name: synq.entities.schemas.v1.SchemaMismatchesService description: >- SchemaMismatchesService provides access to schema drift information between data platform tables and their definitions (e.g., dbt models). - name: synq.entities.schemas.v1.SchemasService description: EntitiesService is a service for retriving any entity. - name: synq.entities.constraints.v1.TableConstraintsService description: >- TableConstraintsService provides access to table constraint and index information. - name: synq.entities.changes.v1.ChangesService description: >- ChangesService provides functionality to track and retrieve all types of changes to data entities. This unified service returns ALL change types for an entity: - Git commits: Changes to code files (dbt models, SQL files) tracked in version control - Schema changes: Database schema modifications (columns added/removed/changed) - SQL definition changes: View/materialized view definition updates detected by Coalesce Quality Changes are returned with structured metadata including: - For git commits: structured statistics (directories, file types, top changes) - For schema changes: detailed column-level diffs - For SQL changes: before/after SQL definitions Use cases: - "What changed in the last week for table X?" → Returns git commits, schema changes, SQL changes - "Show me all commits affecting this dbt model" → Returns git commits with lineage context - "What schema changes happened to this table?" → Returns schema changes detected by Coalesce Quality - name: synq.entities.lineage.v1.LineageService description: |- LineageService allows you to fetch: * Entity level lineage from a starting point of one or more entities. * Column Level lineage from a starting point of multiple columns of a single entity. - name: synq.entities.entities.v1.EntitiesService description: EntitiesService is a service for retriving any entity. - name: synq.entities.annotations.v1.AnnotationsService description: >- AnnotationsService provides operations for managing and querying entity annotations. Annotations are key-value pairs that can be attached to entities for categorization and filtering. - name: synq.entities.code.v1.CodeService description: >- CodeService is a service for retrieving code associated with entities in the system. It provides functionality to access and manage code artifacts such as SQL queries, Python scripts, dbt models, and other code configurations that are part of Coalesce Quality entities. - name: synq.entities.resolve.v1.IdentifierResolveService description: >- IdentifierResolveService resolves identifiers to their Coalesce Quality paths and identities. - name: synq.ingest.airflow.v1.AirflowLogsService - name: synq.ingest.cloudwatch.v1.CloudwatchService - name: synq.ingest.openlineage.v1.OpenlineageService - name: synq.ingest.dwh.v1.DwhService - name: synq.dataproducts.v1.DataproductsService description: DataproductsService can be used to manage data products. - name: synq.git.commits.v1.CommitsService paths: /api/integrations/v1: get: tags: - synq.integrations.v1.IntegrationsService summary: ListIntegrations description: |- List all integrations in the workspace (optionally filtered by enabled state). Secret config fields are masked. The full set is returned in one response — a workspace has only a handful of integrations. operationId: synq.integrations.v1.IntegrationsService.ListIntegrations parameters: - name: disabled in: query description: >- Optional filter: when set, return only enabled (false) or only disabled (true) integrations. Unset means both. schema: type: boolean title: disabled description: >- Optional filter: when set, return only enabled (false) or only disabled (true) integrations. Unset means both. responses: '200': description: Success content: application/json: schema: $ref: >- #/components/schemas/synq.integrations.v1.ListIntegrationsResponse components: schemas: synq.integrations.v1.ListIntegrationsResponse: type: object properties: integrations: type: array items: $ref: '#/components/schemas/synq.integrations.v1.Integration' description: All integrations matching the request. title: ListIntegrationsResponse additionalProperties: false description: Response with the workspace's integrations. synq.integrations.v1.Integration: type: object properties: id: type: string description: >- Server-assigned unique identifier (UUID). Use it to address the integration in `GetIntegration`, `UpdateIntegration`, `DeleteIntegration`, and the enable / disable / refresh / health RPCs. title: type: string description: >- Human-friendly name shown in the Coalesce Quality UI. Set by you on create and editable via update. disabled: type: boolean description: >- Whether the integration is currently disabled. A disabled integration keeps its configuration but is not scheduled or refreshed. Toggle with `EnableIntegration` / `DisableIntegration`. createdAt: $ref: '#/components/schemas/google.protobuf.Timestamp' description: When the integration was created. updatedAt: $ref: '#/components/schemas/google.protobuf.Timestamp' description: |- When the integration was last modified (configuration, title, or enabled / disabled state). etag: type: string description: |- Opaque entity tag for optimistic concurrency. Pass it back as `UpdateIntegrationRequest.etag` / `DeleteIntegrationRequest.etag` to ensure you are modifying the version you last read; a mismatch is rejected with a 409 / ABORTED. The value is weak (prefixed `W/`) and opaque — do not parse it. platform: $ref: '#/components/schemas/synq.platforms.v1.DataPlatformType' description: >- The data platform this integration connects to (for example POSTGRES, CLICKHOUSE, SNOWFLAKE). UNSPECIFIED for integrations that are not data warehouses or databases. dialect: $ref: '#/components/schemas/synq.entities.v1.SqlDialect' description: >- The SQL dialect this integration understands — useful when writing SQL against it, such as custom monitors or reconciliation queries. Determined by the platform. UNSPECIFIED for integrations that are not data warehouses or databases. config: $ref: '#/components/schemas/synq.integrations.v1.IntegrationConfig' description: Connection configuration. Secret fields are masked (empty) on reads. outputs: $ref: '#/components/schemas/synq.integrations.v1.IntegrationOutputs' description: >- Server-generated outputs (read-only). Empty for types that produce none. capabilities: $ref: '#/components/schemas/synq.integrations.v1.Capabilities' description: >- Actions valid for this integration in its current state (read-only hint). title: Integration additionalProperties: false description: |- Integration is a connection from Coalesce Quality to one of your data systems (a warehouse, database, or transformation tool). google.protobuf.Timestamp: type: string examples: - '2023-01-15T01:30:15.01Z' - '2024-12-25T12:00:00Z' format: date-time description: >- A Timestamp represents a point in time independent of any time zone or local calendar, encoded as a count of seconds and fractions of seconds at nanosecond resolution. The count is relative to an epoch at UTC midnight on January 1, 1970, in the proleptic Gregorian calendar which extends the Gregorian calendar backwards to year one. All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap second table is needed for interpretation, using a [24-hour linear smear](https://developers.google.com/time/smear). The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By restricting to that range, we ensure that we can convert to and from [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) date strings. # Examples Example 1: Compute Timestamp from POSIX `time()`. Timestamp timestamp; timestamp.set_seconds(time(NULL)); timestamp.set_nanos(0); Example 2: Compute Timestamp from POSIX `gettimeofday()`. struct timeval tv; gettimeofday(&tv, NULL); Timestamp timestamp; timestamp.set_seconds(tv.tv_sec); timestamp.set_nanos(tv.tv_usec * 1000); Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`. FILETIME ft; GetSystemTimeAsFileTime(&ft); UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime; // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z. Timestamp timestamp; timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL)); timestamp.set_nanos((INT32) ((ticks % 10000000) * 100)); Example 4: Compute Timestamp from Java `System.currentTimeMillis()`. long millis = System.currentTimeMillis(); Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000) .setNanos((int) ((millis % 1000) * 1000000)).build(); Example 5: Compute Timestamp from Java `Instant.now()`. Instant now = Instant.now(); Timestamp timestamp = Timestamp.newBuilder().setSeconds(now.getEpochSecond()) .setNanos(now.getNano()).build(); Example 6: Compute Timestamp from current time in Python. timestamp = Timestamp() timestamp.GetCurrentTime() # JSON Mapping In JSON format, the Timestamp type is encoded as a string in the [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the format is "{year}-{month}-{day}T{hour}:{min}:{sec}[.{frac_sec}]Z" where {year} is always expressed using four digits while {month}, {day}, {hour}, {min}, and {sec} are zero-padded to two digits each. The fractional seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution), are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone is required. A proto3 JSON serializer should always use UTC (as indicated by "Z") when printing the Timestamp type and a proto3 JSON parser should be able to accept both UTC and other timezones (as indicated by an offset). For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past 01:30 UTC on January 15, 2017. In JavaScript, one can convert a Date object to this format using the standard [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString) method. In Python, a standard `datetime.datetime` object can be converted to this format using [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use the Joda Time's [`ISODateTimeFormat.dateTime()`]( http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D ) to obtain a formatter capable of generating timestamps in this format. synq.platforms.v1.DataPlatformType: type: string title: DataPlatformType enum: - DATA_PLATFORM_TYPE_UNSPECIFIED - DATA_PLATFORM_TYPE_BIGQUERY - DATA_PLATFORM_TYPE_LOOKER - DATA_PLATFORM_TYPE_DBT - DATA_PLATFORM_TYPE_DBT_CLOUD - DATA_PLATFORM_TYPE_DBT_SELF_HOSTED - DATA_PLATFORM_TYPE_SNOWFLAKE - DATA_PLATFORM_TYPE_GCP - DATA_PLATFORM_TYPE_GIT - DATA_PLATFORM_TYPE_GITHUB - DATA_PLATFORM_TYPE_REDSHIFT - DATA_PLATFORM_TYPE_TABLEAU - DATA_PLATFORM_TYPE_AIRFLOW - DATA_PLATFORM_TYPE_CLICKHOUSE - DATA_PLATFORM_TYPE_POSTGRES - DATA_PLATFORM_TYPE_MYSQL - DATA_PLATFORM_TYPE_DATABRICKS - DATA_PLATFORM_TYPE_SQLMESH - DATA_PLATFORM_TYPE_DUCKDB - DATA_PLATFORM_TYPE_TRINO - DATA_PLATFORM_TYPE_ATLAN - DATA_PLATFORM_TYPE_COALESCE - DATA_PLATFORM_TYPE_CASTORDOC - DATA_PLATFORM_TYPE_POWERBI - DATA_PLATFORM_TYPE_THOUGHTSPOT - DATA_PLATFORM_TYPE_SIGMA - DATA_PLATFORM_TYPE_DOMO - DATA_PLATFORM_TYPE_MSSQL - DATA_PLATFORM_TYPE_ORACLE - DATA_PLATFORM_TYPE_ATHENA - DATA_PLATFORM_TYPE_SYNQ synq.entities.v1.SqlDialect: type: string title: SqlDialect enum: - SQL_DIALECT_UNSPECIFIED - SQL_DIALECT_BIGQUERY - SQL_DIALECT_CLICKHOUSE - SQL_DIALECT_DATABRICKS - SQL_DIALECT_MYSQL - SQL_DIALECT_POSTGRESQL - SQL_DIALECT_REDSHIFT - SQL_DIALECT_SNOWFLAKE - SQL_DIALECT_DUCKDB - SQL_DIALECT_TRINO - SQL_DIALECT_MSSQL - SQL_DIALECT_ORACLE - SQL_DIALECT_ATHENA synq.integrations.v1.IntegrationConfig: type: object oneOf: - properties: athena: $ref: '#/components/schemas/synq.integrations.v1.AthenaCloudConf' title: athena description: Amazon Athena connection. title: athena required: - athena - properties: bigquery: $ref: '#/components/schemas/synq.integrations.v1.BigQueryCloudConf' title: bigquery description: Google BigQuery connection. title: bigquery required: - bigquery - properties: clickhouse: $ref: '#/components/schemas/synq.integrations.v1.ClickhouseCloudConf' title: clickhouse description: ClickHouse connection. title: clickhouse required: - clickhouse - properties: databricks: $ref: '#/components/schemas/synq.integrations.v1.DatabricksCloudConf' title: databricks description: Databricks connection. title: databricks required: - databricks - properties: dbtCloud: $ref: '#/components/schemas/synq.integrations.v1.DbtCloudConf' title: dbt_cloud description: dbt Cloud connection. title: dbt_cloud required: - dbtCloud - properties: duckdb: $ref: '#/components/schemas/synq.integrations.v1.DuckDBCloudConf' title: duckdb description: DuckDB / MotherDuck connection. title: duckdb required: - duckdb - properties: mssql: $ref: '#/components/schemas/synq.integrations.v1.MSSQLCloudConf' title: mssql description: Microsoft SQL Server / Azure SQL connection. title: mssql required: - mssql - properties: mysql: $ref: '#/components/schemas/synq.integrations.v1.MySQLCloudConf' title: mysql description: MySQL connection. title: mysql required: - mysql - properties: oracle: $ref: '#/components/schemas/synq.integrations.v1.OracleCloudConf' title: oracle description: Oracle Database connection. title: oracle required: - oracle - properties: postgres: $ref: '#/components/schemas/synq.integrations.v1.PostgresCloudConf' title: postgres description: PostgreSQL connection. title: postgres required: - postgres - properties: redshift: $ref: '#/components/schemas/synq.integrations.v1.RedshiftCloudConf' title: redshift description: Amazon Redshift connection. title: redshift required: - redshift - properties: snowflake: $ref: '#/components/schemas/synq.integrations.v1.SnowflakeCloudConf' title: snowflake description: Snowflake connection. title: snowflake required: - snowflake - properties: trino: $ref: '#/components/schemas/synq.integrations.v1.TrinoCloudConf' title: trino description: Trino / Presto connection. title: trino required: - trino additionalProperties: false description: |- IntegrationConfig is the connection configuration for an integration. Exactly one variant of the `config` oneof is set; the populated variant determines the integration's type. The config holds the connection details (host, credentials, scope) for the connected system. Secret fields (passwords, tokens, keys) follow write-only semantics: they are masked (returned empty) on reads. See each `*Conf` message and `IntegrationsService.UpdateIntegration` for preserve / rotate / clear rules. synq.integrations.v1.IntegrationOutputs: type: object oneOf: - properties: athena: $ref: '#/components/schemas/synq.integrations.v1.AthenaOutputs' title: athena description: 'Athena: the resolved AWS caller identity.' title: athena required: - athena - properties: bigquery: $ref: '#/components/schemas/synq.integrations.v1.BigQueryOutputs' title: bigquery description: >- BigQuery: the service-account identity to grant dataset access to. title: bigquery required: - bigquery - properties: snowflake: $ref: '#/components/schemas/synq.integrations.v1.SnowflakeOutputs' title: snowflake description: 'Snowflake: the public key to register when using key-pair auth.' title: snowflake required: - snowflake additionalProperties: false description: >- Generated, non-secret values produced by the server when an integration is created (for example a service-account email to grant access to, or a public key to install). Outputs are read-only and are never accepted on writes. At most one variant is set, matching the integration's type. Types that produce no outputs leave this message empty. synq.integrations.v1.Capabilities: type: object properties: canPatch: type: boolean description: |- The configuration can be changed via `UpdateIntegration`. False for read-only / externally-owned integrations. canRefresh: type: boolean description: An ad-hoc refresh can be triggered via `RefreshIntegration`. canDisable: type: boolean description: >- The integration can be disabled via `DisableIntegration` (true only when currently enabled). canEnable: type: boolean description: >- The integration can be enabled via `EnableIntegration` (true only when currently disabled). canDelete: type: boolean description: The integration can be deleted via `DeleteIntegration`. isDwh: type: boolean description: >- Whether this is a data warehouse or database connection (rather than a transformation tool, catalog, etc.). Querying features — data preview, SQL tests, and reconciliation — are only available for these. canReconcileDeploy: type: boolean description: >- Whether scheduled and API-triggered reconciliations can run against this integration. True only when it is an enabled data warehouse and your workspace has enabled reconciliation for it. These runs use the integration's workspace-level credentials, so this does not depend on any individual user's personal connection. title: Capabilities additionalProperties: false description: |- Capabilities advertise which actions are valid for an integration in its current state, so a client can decide what to offer before calling. Capabilities are a hint computed from the integration's type and current state; the server still enforces every action. A `false` flag means the action would be rejected right now (unsupported for this type, or not applicable in the current state — for example `can_enable` is false for an already-enabled integration). synq.integrations.v1.AthenaCloudConf: type: object allOf: - properties: region: type: string title: region minLength: 1 description: >- AWS region hosting Athena and the Glue Data Catalog (e.g. "eu-central-1"). nullable: true workgroup: type: string title: workgroup description: >- Workgroup to run queries under. Defaults to "primary" when empty; must have a query result location configured. nullable: true useShowCreateTable: type: boolean title: use_show_create_table description: Use SHOW CREATE TABLE per object to retrieve full table DDL. nullable: true useShowCreateView: type: boolean title: use_show_create_view description: Use SHOW CREATE VIEW per view to retrieve full view DDL. nullable: true fetchQueryLogs: type: boolean title: fetch_query_logs description: >- Fetch Athena query history (management API calls; no per-scan billing). nullable: true useIcebergMetricsScan: type: boolean title: use_iceberg_metrics_scan description: >- For Iceberg tables, scan metadata tables for row counts and file sizes (one Athena query per table). nullable: true scope: $ref: '#/components/schemas/synq.common.v1.ScopeFilter' title: scope description: >- Include/exclude scope filter. ScopeRule.database = Glue catalog (usually "AwsDataCatalog"), ScopeRule.schema = Glue database, ScopeRule.table = table/view. nullable: true - oneOf: - properties: accessKey: $ref: >- #/components/schemas/synq.integrations.v1.AthenaAccessKeyAuth title: access_key description: Long-lived IAM user access key. title: access_key required: - accessKey title: AthenaCloudConf additionalProperties: false description: >- Amazon Athena cloud-managed connection. Athena is serverless — there is no host/port; the endpoint is implied by the AWS region. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.BigQueryCloudConf: type: object properties: projectId: type: string minLength: 1 description: Google Cloud project id containing the datasets to monitor. nullable: true blacklistedDatasets: type: array items: type: string description: >- Dataset name patterns to exclude from ingestion. Mutually exclusive with `datasets` — when `datasets` is set, this is ignored. serviceAccountKey: type: string description: Service-account key JSON. Write-only — masked on reads. nullable: true region: type: string minLength: 1 description: Google Cloud region for the project (e.g. "us-central1", "EU"). nullable: true fetchQueryLogs: type: boolean description: Ingest BigQuery query logs from INFORMATION_SCHEMA. nullable: true auditTableFqn: type: string description: |- Fully-qualified table for storing SQL test audit logs (e.g. "project.dataset.table"). nullable: true datasets: type: array items: type: string description: >- Explicit list of datasets to scrape. When set, only these are queried (no project-level dataset listing needed). When empty, all visible datasets are discovered. Mutually exclusive with `blacklisted_datasets`. title: BigQueryCloudConf additionalProperties: false description: |- Google BigQuery cloud-managed connection. All fields are optional so an update can carry only what changes: omit a field to leave it unchanged, or send a new value to set it. Secret fields are write-only (masked, returned empty, on reads); omit to keep the stored value or send a new value to rotate it. synq.integrations.v1.ClickhouseCloudConf: type: object properties: host: type: string minLength: 1 description: Host address or IP. nullable: true port: type: string description: Port (e.g. "8123" for HTTP, "9440" for HTTPS). nullable: true username: type: string description: Username. nullable: true password: type: string description: Password. Write-only — masked on reads. nullable: true defaultDataset: type: string description: Default database/schema used when not specified in a reference. nullable: true additionalParameters: type: object additionalProperties: type: string title: value description: |- Additional connection parameters as key/value pairs (e.g. "max_execution_time": "30"). ssl: type: boolean description: Enable SSL/TLS. nullable: true databaseName: type: string description: Database to connect to and ingest metadata from. nullable: true fetchQueryLogs: type: boolean description: Ingest query logs from system.query_log. nullable: true auditTableFqn: type: string description: Fully-qualified table for storing SQL test audit logs. nullable: true title: ClickhouseCloudConf additionalProperties: false description: |- ClickHouse cloud-managed connection. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.DatabricksCloudConf: type: object allOf: - properties: workspaceUrl: type: string title: workspace_url minLength: 1 description: >- Workspace URL (e.g. "https://your-workspace.cloud.databricks.com"). nullable: true warehouseId: type: string title: warehouse_id description: SQL warehouse id (or cluster id) used to execute queries. nullable: true fetchQueryLogs: type: boolean title: fetch_query_logs description: Ingest query logs from system tables. nullable: true fetchTableMetrics: type: boolean title: fetch_table_metrics description: Run ANALYZE TABLE to refresh and collect statistics. nullable: true fetchTableMetricsScan: type: boolean title: fetch_table_metrics_scan description: |- Run ANALYZE TABLE ... SCAN for detailed metrics incl. row counts (more resource-intensive). nullable: true catalogBlocklist: type: array items: type: string title: catalog_blocklist description: Catalog name patterns to exclude from ingestion. fetchTableTags: type: boolean title: fetch_table_tags description: Retrieve Unity Catalog table tags. nullable: true useShowCreateTable: type: boolean title: use_show_create_table description: >- Use SHOW CREATE TABLE for table DDL (otherwise extracted from query logs). nullable: true auditTableFqn: type: string title: audit_table_fqn description: Fully-qualified table for storing SQL test audit logs. nullable: true disableUnityTableLineage: type: boolean title: disable_unity_table_lineage description: >- Disable retrieval of Unity Catalog table-to-table lineage. Coalesce Quality already computes lineage from query logs, so the Unity Catalog edges can be redundant noise. When unset/false, Unity Catalog table-to-table lineage is retrieved and published (the default). nullable: true - oneOf: - properties: oauthM2m: $ref: '#/components/schemas/synq.integrations.v1.DatabricksOAuthM2M' title: oauth_m2m description: OAuth 2.0 machine-to-machine (service principal) auth. title: oauth_m2m required: - oauthM2m - properties: token: type: string title: token description: Personal access token. Write-only — masked on reads. title: token required: - token title: DatabricksCloudConf additionalProperties: false description: |- Databricks cloud-managed connection. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.DbtCloudConf: type: object properties: accountId: type: string minLength: 1 description: dbt Cloud account id (the numeric id from your dbt Cloud URL). nullable: true jobIds: type: array items: type: string description: >- dbt Cloud jobs to track, by job id. Provide the full set on every update (the list is replaced, not merged). When empty, all jobs visible to the API token are tracked. token: type: string description: >- dbt Cloud API token (service token recommended). Write-only — masked on reads; omit to keep the stored token, send a new value to rotate it. nullable: true projectId: type: string description: >- Project id used to generate asset identifiers. Use the same id for multiple projects that should be merged. nullable: true apiEndpoint: type: string description: |- dbt Cloud API hostname without scheme (e.g. "cloud.getdbt.com", "emea.dbt.com"). Empty uses the multi-tenant default. nullable: true defaultDatabaseInstance: type: string description: >- Database instance identifier, required where database names are not globally unique (e.g. a Snowflake account). nullable: true title: DbtCloudConf additionalProperties: false description: |- dbt Cloud transformation orchestration cloud-managed connection. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.DuckDBCloudConf: type: object properties: motherduckAccount: type: string description: MotherDuck account name or identifier. nullable: true accessToken: type: string description: MotherDuck access token. Write-only — masked on reads. nullable: true auditTableFqn: type: string description: Fully-qualified table for storing SQL test audit logs. nullable: true title: DuckDBCloudConf additionalProperties: false description: |- DuckDB (via MotherDuck) cloud-managed connection. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.MSSQLCloudConf: type: object properties: host: type: string minLength: 1 description: Hostname or IP (Azure SQL e.g. "yourserver.database.windows.net"). nullable: true port: type: integer maximum: 65535 minimum: 1 format: int32 description: Port (typically 1433). nullable: true database: type: string description: Database to connect to and ingest metadata from. nullable: true username: type: string description: Login username. nullable: true password: type: string description: Login password. Write-only — masked on reads. nullable: true trustCert: type: boolean description: >- Skip TLS server certificate verification (not recommended for Azure SQL). nullable: true encrypt: type: string description: |- Encryption mode: "true" (default, required for Azure SQL), "false", "disable". nullable: true fetchQueryLogs: type: boolean description: >- Ingest query logs from Query Store (must be enabled on the database; Azure SQL has it on by default). nullable: true scope: $ref: '#/components/schemas/synq.common.v1.ScopeFilter' description: >- Include/exclude scope filter (by schema and table; database-level filtering does not apply since the connection targets one database). nullable: true auditTableFqn: type: string description: Fully-qualified table for storing SQL test audit logs. nullable: true title: MSSQLCloudConf additionalProperties: false description: >- Microsoft SQL Server / Azure SQL Database cloud-managed connection. SQL Server connections are scoped to a single database; create one integration per database. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.MySQLCloudConf: type: object properties: user: type: string description: Username. nullable: true password: type: string description: Password. Write-only — masked on reads. nullable: true host: type: string minLength: 1 description: Host address or IP. nullable: true port: type: integer maximum: 65535 minimum: 1 format: int32 description: Port (typically 3306). nullable: true auditTableFqn: type: string description: Fully-qualified table for storing SQL test audit logs. nullable: true title: MySQLCloudConf additionalProperties: false description: |- MySQL cloud-managed connection. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.OracleCloudConf: type: object properties: host: type: string minLength: 1 description: >- Host address or IP (OCI Autonomous DB e.g. "adb.eu-frankfurt-1.oraclecloud.com"). nullable: true port: type: integer maximum: 65535 minimum: 1 format: int32 description: >- Listener port (typically 1521; OCI Autonomous DB with mTLS uses 1522). nullable: true serviceName: type: string description: Service name / PDB name (OCI Autonomous DB e.g. "mydb_high"). nullable: true username: type: string description: Username. nullable: true password: type: string description: Password. Write-only — masked on reads. nullable: true ssl: type: boolean description: Enable TLS/SSL (TCPS). Required for OCI Autonomous Database. nullable: true sslVerify: type: boolean description: Verify the server certificate when SSL is enabled. nullable: true fetchQueryLogs: type: boolean description: >- Ingest query logs (V$SQL by default, DBA_HIST with the Diagnostics Pack). nullable: true useDiagnosticsPack: type: boolean description: >- Use the Oracle Diagnostics Pack (AWR) for persistent query-log history (requires a license; included with OCI Autonomous Database). nullable: true auditTableFqn: type: string description: Fully-qualified table for storing SQL test audit logs. nullable: true title: OracleCloudConf additionalProperties: false description: >- Oracle Database cloud-managed connection. Oracle connections are scoped to a Pluggable Database (PDB) via the service name. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.PostgresCloudConf: type: object properties: user: type: string description: Username. nullable: true password: type: string description: Password. Write-only — masked on reads. nullable: true host: type: string minLength: 1 description: Host address or IP. nullable: true port: type: integer maximum: 65535 minimum: 1 format: int32 description: Port (typically 5432). nullable: true database: type: string description: Database to connect to and ingest metadata from. nullable: true auditTableFqn: type: string description: Fully-qualified table for storing SQL test audit logs. nullable: true title: PostgresCloudConf additionalProperties: false description: |- PostgreSQL cloud-managed connection. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.RedshiftCloudConf: type: object properties: user: type: string description: Username. nullable: true password: type: string description: Password. Write-only — masked on reads. nullable: true host: type: string minLength: 1 description: Cluster endpoint hostname. nullable: true port: type: integer maximum: 65535 minimum: 1 format: int32 description: Port (typically 5439). nullable: true database: type: string description: Database to connect to and ingest metadata from. nullable: true fetchQueryLogs: type: boolean description: Ingest query logs from system views. nullable: true freshnessFromQueryLogs: type: boolean description: Estimate table freshness from query logs (SYS_QUERY_DETAIL). nullable: true auditTableFqn: type: string description: Fully-qualified table for storing SQL test audit logs. nullable: true title: RedshiftCloudConf additionalProperties: false description: |- Amazon Redshift cloud-managed connection. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.SnowflakeCloudConf: type: object allOf: - properties: user: type: string title: user description: Snowflake username. nullable: true account: type: string title: account description: >- Account identifier (e.g. "xy12345.us-east-1") without scheme or trailing slash. nullable: true warehouse: type: string title: warehouse description: Warehouse to run queries on. nullable: true databases: type: array items: type: string title: databases description: Databases to monitor and ingest metadata from. role: type: string title: role description: Role to use for metadata access and queries. nullable: true fetchQueryLogs: type: boolean title: fetch_query_logs description: Ingest query logs from the ACCOUNT_USAGE schema. nullable: true fetchQueryLogsDatabases: type: array items: type: string title: fetch_query_logs_databases description: >- Databases to fetch query logs from (defaults to all configured databases). auditTableFqn: type: string title: audit_table_fqn description: Fully-qualified table for storing SQL test audit logs. nullable: true noGetDdl: type: boolean title: no_get_ddl description: Skip GET_DDL for table definitions (use query logs instead). nullable: true fetchTasks: type: boolean title: fetch_tasks description: Ingest Snowflake Tasks metadata. nullable: true fetchTasksDatabases: type: array items: type: string title: fetch_tasks_databases description: >- Databases to retrieve tasks from (defaults to all configured databases). fetchTasksExecutionsFromAccountUsage: type: boolean title: fetch_tasks_executions_from_account_usage description: Use ACCOUNT_USAGE.TASK_HISTORY for task execution history. nullable: true fetchTasksExecutionsDuration: $ref: '#/components/schemas/google.protobuf.Duration' title: fetch_tasks_executions_duration description: >- Time range for fetching task execution history (minimum 5 minutes). nullable: true fetchTableLineage: type: boolean title: fetch_table_lineage description: >- Produce table-level lineage via GET_LINEAGE (Enterprise edition or higher). nullable: true fetchTableLineageDatabases: type: array items: type: string title: fetch_table_lineage_databases description: >- Databases to fetch upstream lineage from (defaults to `databases`). accountUsageDb: type: string title: account_usage_db description: >- Database where the ACCOUNT_USAGE schema lives (defaults to "SNOWFLAKE"). nullable: true - oneOf: - properties: keyPair: $ref: >- #/components/schemas/synq.integrations.v1.SnowflakeKeyPairAuth title: key_pair description: Key-pair authentication. title: key_pair required: - keyPair - properties: password: type: string title: password description: Password. Write-only — masked on reads. title: password required: - password title: SnowflakeCloudConf additionalProperties: false description: |- Snowflake cloud-managed connection. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.TrinoCloudConf: type: object allOf: - properties: host: type: string title: host format: hostname description: Coordinator hostname or IP. nullable: true port: type: integer title: port maximum: 65535 minimum: 1 format: int32 description: >- Port (leave unset for the driver default — typically 443 for HTTPS, 8080 for HTTP). nullable: true catalogs: type: array items: type: string minLength: 1 title: catalogs description: Catalogs to ingest metadata from (e.g. ["hive", "postgresql"]). fetchQueryLogs: type: boolean title: fetch_query_logs description: Ingest query logs from system tables. nullable: true noShowCreateView: type: boolean title: no_show_create_view description: Disable SHOW CREATE VIEW for view DDL. nullable: true noShowCreateTable: type: boolean title: no_show_create_table description: Disable SHOW CREATE TABLE for table DDL. nullable: true noMaterializedViews: type: boolean title: no_materialized_views description: >- Disable fetching materialized views from system.metadata.materialized_views. nullable: true fetchTableComments: type: boolean title: fetch_table_comments description: Fetch table comments from system.metadata.table_comments. nullable: true usePlaintext: type: boolean title: use_plaintext description: >- Use plaintext HTTP instead of HTTPS. Only enable when SSL is unsupported or the connection is otherwise secured (e.g. a VPN). nullable: true auditTableFqn: type: string title: audit_table_fqn description: Fully-qualified table for storing SQL test audit logs. nullable: true - oneOf: - properties: basic: $ref: '#/components/schemas/synq.integrations.v1.TrinoBasicAuth' title: basic description: Basic username/password auth. title: basic required: - basic title: TrinoCloudConf additionalProperties: false description: |- Trino / Presto cloud-managed connection. Fields are optional so an update can carry only what changes (omit = leave unchanged). Secret fields are write-only (masked on reads); omit to keep or send a new value to rotate. synq.integrations.v1.AthenaOutputs: type: object properties: accountId: type: string description: AWS account id resolved from the supplied credentials. principalArn: type: string description: >- ARN of the IAM principal Coalesce Quality authenticates as. Reference it in your Athena / Glue resource policies. title: AthenaOutputs additionalProperties: false description: Athena generated outputs. synq.integrations.v1.BigQueryOutputs: type: object properties: serviceAccountEmail: type: string description: >- Email of the service account derived from the supplied credentials. Grant this principal access to the datasets you want Coalesce Quality to read. title: BigQueryOutputs additionalProperties: false description: BigQuery generated outputs. synq.integrations.v1.SnowflakeOutputs: type: object properties: publicKey: type: string description: >- Public key (PEM) to register on the Snowflake user when authenticating with a Coalesce Quality–managed key pair. Empty when you supply your own credentials. title: SnowflakeOutputs additionalProperties: false description: Snowflake generated outputs. synq.common.v1.ScopeFilter: type: object properties: include: type: array items: $ref: '#/components/schemas/synq.common.v1.ScopeRule' description: Include rules. If non-empty, only matching objects are accepted. exclude: type: array items: $ref: '#/components/schemas/synq.common.v1.ScopeRule' description: >- Exclude rules. Matching objects are rejected, even if they match an include rule. title: ScopeFilter additionalProperties: false description: >- ScopeFilter defines include/exclude rules for scoping data warehouse queries. Matching semantics: - If include is non-empty, a (database, schema, table) tuple must match at least one include rule. - If exclude is non-empty, the tuple must NOT match any exclude rule. - Exclude takes precedence over include (exclude wins). - Empty/unset ScopeFilter means accept all. synq.integrations.v1.AthenaAccessKeyAuth: type: object properties: accessKeyId: type: string minLength: 16 description: AWS access key id (e.g. "AKIA..."). nullable: true secretAccessKey: type: string description: AWS secret access key. Write-only — masked on reads. nullable: true title: AthenaAccessKeyAuth additionalProperties: false description: >- Amazon Athena access-key authentication (long-lived IAM user credentials). synq.integrations.v1.DatabricksOAuthM2M: type: object properties: clientId: type: string description: OAuth client id of the service principal. nullable: true clientSecret: type: string description: OAuth client secret. Write-only — masked on reads. nullable: true title: DatabricksOAuthM2M additionalProperties: false description: Databricks OAuth 2.0 machine-to-machine (service principal) credentials. google.protobuf.Duration: type: string format: duration description: |- A Duration represents a signed, fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like "day" or "month". It is related to Timestamp in that the difference between two Timestamp values is a Duration and it can be added or subtracted from a Timestamp. Range is approximately +-10,000 years. # Examples Example 1: Compute Duration from two Timestamps in pseudo code. Timestamp start = ...; Timestamp end = ...; Duration duration = ...; duration.seconds = end.seconds - start.seconds; duration.nanos = end.nanos - start.nanos; if (duration.seconds < 0 && duration.nanos > 0) { duration.seconds += 1; duration.nanos -= 1000000000; } else if (duration.seconds > 0 && duration.nanos < 0) { duration.seconds -= 1; duration.nanos += 1000000000; } Example 2: Compute Timestamp from Timestamp + Duration in pseudo code. Timestamp start = ...; Duration duration = ...; Timestamp end = ...; end.seconds = start.seconds + duration.seconds; end.nanos = start.nanos + duration.nanos; if (end.nanos < 0) { end.seconds -= 1; end.nanos += 1000000000; } else if (end.nanos >= 1000000000) { end.seconds += 1; end.nanos -= 1000000000; } Example 3: Compute Duration from datetime.timedelta in Python. td = datetime.timedelta(days=3, minutes=10) duration = Duration() duration.FromTimedelta(td) # JSON Mapping In JSON format, the Duration type is encoded as a string rather than an object, where the string ends in the suffix "s" (indicating seconds) and is preceded by the number of seconds, with nanoseconds expressed as fractional seconds. For example, 3 seconds with 0 nanoseconds should be encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should be expressed in JSON format as "3.000000001s", and 3 seconds and 1 microsecond should be expressed in JSON format as "3.000001s". synq.integrations.v1.SnowflakeKeyPairAuth: type: object properties: privateKeySecret: type: string description: >- PEM-encoded private key (PKCS#8). Write-only — masked on reads. Required when using key-pair auth. nullable: true publicKey: type: string description: >- Public key corresponding to the private key. For a Coalesce Quality–managed key pair this is returned so you can register it on the Snowflake user; when you supply your own key it is optional. nullable: true privateKeyPassphrase: type: string description: >- Optional passphrase for an encrypted private key. Write-only — masked on reads. nullable: true title: SnowflakeKeyPairAuth additionalProperties: false description: Snowflake key-pair authentication. synq.integrations.v1.TrinoBasicAuth: type: object properties: user: type: string description: Trino username. nullable: true password: type: string description: Trino password. Write-only — masked on reads. nullable: true title: TrinoBasicAuth additionalProperties: false description: Trino basic (username / password) authentication. synq.common.v1.ScopeRule: type: object properties: database: type: string description: |- Database-level pattern. Maps to: catalog in Databricks/Trino, project in BigQuery. schema: type: string description: |- Schema-level pattern. Maps to: dataset in BigQuery, schema in all other warehouses. table: type: string description: Table or view name pattern. title: ScopeRule additionalProperties: false description: |- ScopeRule is a multi-level pattern for matching data warehouse objects. All non-empty fields must match for the rule to apply. Empty field means "match anything" at that level (wildcard). Patterns support glob syntax where * matches zero or more characters. Matching is case-insensitive. securitySchemes: bearerAuth: type: http scheme: bearer ````