> For the complete documentation index, see [llms.txt](https://docs.panther.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.panther.com/panther-developer-workflows/api/graphql/schemas.md).

# Schemas

## Overview

The Panther API supports the following schema operations:

* Creating or updating a custom schema
* Listing schemas

You can invoke Panther's API by using your Console's API Playground, or the GraphQL-over-HTTP API. Learn more about these methods on [Panther API](/panther-developer-workflows/api.md#step-1-choose-a-method-for-invoking-the-api).

See [Custom Logs](/data-onboarding/custom-log-types.md) to learn more about custom schemas in Panther.

### Required API token permissions

Before starting to make API calls, ensure your API token has the necessary permissions attached:

* **View Log Sources**: Required for all schema operations.
* **Manage Log Sources**: Required for the schema management operations that are mutations (i.e., `CreateOrUpdateSchema`).
* **Read User Info**: Required if you would like to retrieve integration fields related to an actor, such as `createdBy`.

<figure><img src="/files/3eAkMOUTGLokcfHHkXmq" alt="An &#x22;Integrations&#x22; header is above four checkboxes: View Cloud Security Sources, Manage Cloud Security Sources, View Log Sources, and Manage Log Sources."><figcaption></figcaption></figure>

## Common schema operations

#### Creating a custom schema

```graphql
mutation addSchema {
  createOrUpdateSchema(input:{
    description: "description"
    name:"Custom.NewSchema",
    isFieldDiscoveryEnabled: true,
    spec:"""
    fields:
     - name: foo
       type: string
    """
  }) {
    schema {
      createdAt
      description
      isArchived
      isManaged
      name
      referenceURL
      revision
      isFieldDiscoveryEnabled
      spec
      discoveredSpec
      updatedAt
      version
    }
  }
}
```

#### Listing schemas

This query lists all schemas, including custom and Panther-managed schemas.

{% hint style="info" %}
Pagination is not currently supported by `schemas`—all schemas will be returned in the first page of results. The `cursor` field in the `input` object, below, is a placeholder for when pagination is eventually supported.
{% endhint %}

```graphql
query ListSchemas {
  schemas(input:{cursor:""}) {
    edges {
      node {
        createdAt
        description
        isArchived
        isManaged
        name
        referenceURL
        revision
        isFieldDiscoveryEnabled
        spec
        discoveredSpec
        updatedAt
        version
      }
    }
  }
}
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.panther.com/panther-developer-workflows/api/graphql/schemas.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.