> ## Documentation Index
> Fetch the complete documentation index at: https://docs.sidenet.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Update a tool provider

> Updates provider fields. Send `auth_secret` to rotate Vault credentials. Reloads the org tools and rebuilds dependent agents.



## OpenAPI

````yaml /api-reference/openapi.json patch /v1/tool-providers/{id}
openapi: 3.1.0
info:
  title: Sidenet API
  version: 1.0.0
  description: >-
    Custom HTTP endpoints exposed by the Sidenet Mastra server. All routes
    require a bearer token and resolve org context from the API key (or the
    `X-Organization-Id` header). This reference is generated from the live route
    definitions in `src/mastra/routes`.
servers:
  - url: ''
security:
  - bearerAuth: []
paths:
  /v1/tool-providers/{id}:
    servers:
      - url: /
    patch:
      tags:
        - V1
        - Tool Providers
      summary: Update a tool provider
      description: >-
        Updates provider fields. Send `auth_secret` to rotate Vault credentials.
        Reloads the org tools and rebuilds dependent agents.
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: string
        - name: X-Organization-Id
          in: header
          required: false
          schema:
            type: string
          description: >-
            Organization to scope the request to. Optional when authenticating
            with an org API key (the org is taken from the key; if sent, it must
            match). Required when authenticating with the trusted key.
        - name: X-User-Id
          in: header
          required: false
          schema:
            type: string
          description: >-
            End-user identity for the request; user-scoped data (threads,
            memory) resolves to `{orgId}_{userId}`. Required by endpoints that
            read or write user-scoped resources. A `userId` query param (or body
            field, where documented) is accepted as a fallback.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                name:
                  type: string
                  minLength: 1
                base_url:
                  type: string
                  format: uri
                description:
                  type: string
                  nullable: true
                auth_type:
                  type: string
                  enum:
                    - basic
                    - bearer
                    - api-key
                    - oauth2
                    - custom
                  nullable: true
                auth_config:
                  type: object
                  additionalProperties: {}
                  nullable: true
                default_headers:
                  type: object
                  additionalProperties:
                    type: string
                  nullable: true
                runtime_auth:
                  type: boolean
                timeout_ms:
                  type: integer
                  minimum: 1000
                  maximum: 30000
                mcp_transport:
                  type: string
                  enum:
                    - streamable_http
                    - sse
                  nullable: true
                auth_secret:
                  type: object
                  additionalProperties: {}
              additionalProperties: false
      responses:
        '200':
          description: Updated
        '400':
          description: Bad request
        '404':
          description: Not found
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        Org API key (scopes the request to its organization) or the shared
        trusted key (requires `X-Organization-Id` on every request).

````