# Schemas

## Overview

The Panther API supports the following schema operations:

* Creating or updating a custom schema
* Listing schemas

You can invoke Panther's API by using your Console's API Playground, or the GraphQL-over-HTTP API. Learn more about these methods on [Panther API](https://docs.panther.com/panther-developer-workflows/api/..#step-1-choose-a-method-for-invoking-the-api).

See [Custom Logs](https://docs.panther.com/data-onboarding/custom-log-types) to learn more about custom schemas in Panther.

### Required API token permissions

Before starting to make API calls, ensure your API token has the necessary permissions attached:

* **View Log Sources**: Required for all schema operations.
* **Manage Log Sources**: Required for the schema management operations that are mutations (i.e., `CreateOrUpdateSchema`).
* **Read User Info**: Required if you would like to retrieve integration fields related to an actor, such as `createdBy`.

<figure><img src="https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-cb06bb3f6bc6edac266896c98db3f73103f79f41%2Fimage.png?alt=media" alt="An &#x22;Integrations&#x22; header is above four checkboxes: View Cloud Security Sources, Manage Cloud Security Sources, View Log Sources, and Manage Log Sources."><figcaption></figcaption></figure>

## Common schema operations

#### Creating a custom schema

```graphql
mutation addSchema {
  createOrUpdateSchema(input:{
    description: "description"
    name:"Custom.NewSchema",
    isFieldDiscoveryEnabled: true,
    spec:"""
    fields:
     - name: foo
       type: string
    """
  }) {
    schema {
      createdAt
      description
      isArchived
      isManaged
      name
      referenceURL
      revision
      isFieldDiscoveryEnabled
      spec
      discoveredSpec
      updatedAt
      version
    }
  }
}
```

#### Listing schemas

This query lists all schemas, including custom and Panther-managed schemas.

{% hint style="info" %}
Pagination is not currently supported by `schemas`—all schemas will be returned in the first page of results. The `cursor` field in the `input` object, below, is a placeholder for when pagination is eventually supported.
{% endhint %}

```graphql
query ListSchemas {
  schemas(input:{cursor:""}) {
    edges {
      node {
        createdAt
        description
        isArchived
        isManaged
        name
        referenceURL
        revision
        isFieldDiscoveryEnabled
        spec
        discoveredSpec
        updatedAt
        version
      }
    }
  }
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.panther.com/panther-developer-workflows/api/graphql/schemas.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.