> ## Documentation Index
> Fetch the complete documentation index at: https://docs.sidenet.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Update a copilot (agents, workflows, sdk_ui)

> Replaces whichever of `agents` ([{agentId}]), `workflows` ([{workflowId}]), or `sdk_ui` is provided. Validates that every referenced agent/workflow belongs to the caller's org. Busts the copilot resolution cache.



## OpenAPI

````yaml /api-reference/openapi.json patch /v1/copilots/{id}
openapi: 3.1.0
info:
  title: Sidenet API
  version: 1.0.0
  description: >-
    Custom HTTP endpoints exposed by the Sidenet Mastra server. All routes
    require a bearer token and resolve org context from the API key (or the
    `X-Organization-Id` header). This reference is generated from the live route
    definitions in `src/mastra/routes`.
servers:
  - url: ''
security:
  - bearerAuth: []
paths:
  /v1/copilots/{id}:
    servers:
      - url: /
    patch:
      tags:
        - Copilots
      summary: Update a copilot (agents, workflows, sdk_ui)
      description: >-
        Replaces whichever of `agents` ([{agentId}]), `workflows`
        ([{workflowId}]), or `sdk_ui` is provided. Validates that every
        referenced agent/workflow belongs to the caller's org. Busts the copilot
        resolution cache.
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: string
        - name: X-Organization-Id
          in: header
          required: false
          schema:
            type: string
          description: >-
            Organization to scope the request to. Optional when authenticating
            with an org API key (the org is taken from the key; if sent, it must
            match). Required when authenticating with the trusted key.
        - name: X-User-Id
          in: header
          required: false
          schema:
            type: string
          description: >-
            End-user identity for the request; user-scoped data (threads,
            memory) resolves to `{orgId}_{userId}`. Required by endpoints that
            read or write user-scoped resources. A `userId` query param (or body
            field, where documented) is accepted as a fallback.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                agents:
                  type: array
                  items:
                    type: object
                    properties:
                      agentId:
                        type: string
                workflows:
                  type: array
                  items:
                    type: object
                    properties:
                      workflowId:
                        type: string
                sdk_ui: {}
                handoff_prompt:
                  type: string
      responses:
        '200':
          description: Updated
        '400':
          description: Invalid body or unknown agent/workflow
        '404':
          description: Not found
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        Org API key (scopes the request to its organization) or the shared
        trusted key (requires `X-Organization-Id` on every request).

````