thoughtspot · rani2655 · May 20, 2026 · May 28, 2026
diff --git a/modules/ROOT/pages/authentication.adoc b/modules/ROOT/pages/authentication.adoc
@@ -772,6 +772,45 @@ curl -X POST \
 
 If the API request is successful, ThoughtSpot returns a 204 status code and ends the user session.
 
+== Configuring authentication settings
+To enable or disable authentication at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/configure` endpoint.
+
+=== Request parameters
+[width="100%" cols="1,4"]
+[options='header']
+|=====
+|Parameter|Description
+|`auth_type`
+|__String__. Type of authentication mechanism to configure. Currently, supports `TRUSTED_AUTH` only.
+
+|`cluster_preferences`
+__Optional__
+|__Nullable__. `ENABLE` or `DISABLE` authentication for the cluster. When enabled, a new token is generated if one does not exist. When disabled, the existing cluster-level access token is revoked.
+
+|`org_preferences`
+__Optional__
+|__Nullable__. `ENABLE` or `DISABLE` authentication for a particular Org.  When enabled, a new org-level access token is generated if one does not exist. When disabled, the existing org-level access token is revoked.
+
+|`org_identifier`
+
+|=====
+
+== Search authentication settings
+To find the authentication configuration for the specified auth type at the cluster or Org level, send a request to the `POST /api/rest/2.0/auth/search` endpoint.
+
+=== Request parameters
+[width="100%" cols="1,4"]
+[options='header']
+|=====
+|Parameter|Description
+|`auth_type`
+|__String__. Type of authentication mechanism to configure. Currently, supports `TRUSTED_AUTH` only.
+
+|`scope`
+__Optional__
+|__String__. Select `CLUSTER` to retrieve only cluster-level settings, or `ORG` to retrieve only Org-level settings. If no selection is made, both cluster and Org-level settings are retrieved based on user permissions.
+|=====
+
 ////
 ==== Response codes
 

diff --git a/modules/ROOT/pages/collections.adoc b/modules/ROOT/pages/collections.adoc
@@ -235,6 +235,146 @@ curl -X POST \
 
 If the API request is successful, the objects in the Collection are replaced with the objects in this API request.
 
+== Share a Collection
+[NOTE]
+====
+Collections sharing via the security API is available from ThoughtSpot Cloud 26.6.0.cl.
+====
+
+To share a Collection with a user or group, send a `POST` request to the `POST /api/rest/2.0/security/metadata/share` endpoint with `metadata_type` set to `COLLECTION`.
+
+Collections support dual permissions that let you set independent access levels for the Collection and the objects within it.
+
+=== Permission fields
+
+[width="100%", cols="1,1,3"]
+[options='header']
+|=====
+|Field|Applies to|Description
+
+|`share_mode`|Collection |Controls access to the Collection itself — view, edit, or delete the Collection.
+Accepted values: `READ_ONLY`, `MODIFY`, `NO_ACCESS`.
+
+|`content_share_mode`|Collection content|Controls access to the objects within the Collection — Liveboards, Answers, Models, and nested Collections.
+Accepted values: `READ_ONLY`, `MODIFY`, `NO_ACCESS`.
+
+Only applicable when `metadata_type` is `COLLECTION`. If omitted, defaults to `READ_ONLY` (or `NO_ACCESS` when `share_mode` is `NO_ACCESS`).
+|=====
+
+=== Permission scenarios
+
+[width="100%", cols="1,1,1,2"]
+[options='header']
+|=====
+|Role|`share_mode`|`content_share_mode`|What the principal can do
+
+|`MODIFY`|`MODIFY`|Full control — manage the Collection and edit its contents
+|`MODIFY`|`READ_ONLY`|Manage the Collection structure but cannot edit objects within it
+|`READ_ONLY`|`MODIFY`|Edit objects within the Collection but cannot change the Collection itself
+|`READ_ONLY`|`READ_ONLY`|View the Collection and its contents only
+|=====
+
+=== Share a Collection (read-only)
+
+To share a Collection with a user in read-only mode, send the following request:
+
+[source,CURL]
+----
+curl -X POST \
+  --url 'https://{ThoughtSpot-Host}/api/rest/2.0/security/metadata/share' \
+  -H 'Accept: application/json' \
+  -H 'Content-Type: application/json' \
+  -H 'Authorization: Bearer {AUTH_TOKEN}' \
+  --data-raw '{
+  "metadata_type": "COLLECTION",
+  "metadata_identifiers": ["Sales reports"],
+  "permissions": [
+    {
+      "principal": {
+        "type": "USER",
+        "identifier": "name@example.com"
+      },
+      "share_mode": "READ_ONLY"
+    }
+  ],
+  "notification": {
+    "message": "I have shared the Sales reports collection with you.",
+    "notify_on_share": true
+  }
+}'
+----
+
+If the request is successful, the API returns the HTTP `204 No Content` status code.
+
+=== Share a Collection with dual permissions
+
+To give a user different levels of access to the Collection and its contents, set both `share_mode` and `content_share_mode`.
+
+[source,CURL]
+----
+curl -X POST \
+  --url 'https://{ThoughtSpot-Host}/api/rest/2.0/security/metadata/share' \
+  -H 'Accept: application/json' \
+  -H 'Content-Type: application/json' \
+  -H 'Authorization: Bearer {AUTH_TOKEN}' \
+  --data-raw '{
+  "metadata_type": "COLLECTION",
+  "metadata_identifiers": ["Marketing Analytics"],
+  "permissions": [
+    {
+      "principal": {
+        "type": "USER",
+        "identifier": "name@example.com"
+      },
+      "share_mode": "MODIFY",
+      "content_share_mode": "READ_ONLY"
+    },
+    {
+      "principal": {
+        "type": "USER_GROUP",
+        "identifier": "Marketing Team"
+      },
+      "share_mode": "READ_ONLY",
+      "content_share_mode": "READ_ONLY"
+    }
+  ],
+  "notification": {
+    "message": "Sharing the Marketing Analytics collection with your team.",
+    "notify_on_share": true
+  }
+}'
+----
+
+If the request is successful, the API returns the HTTP `204 No Content` status code.
+
+=== Remove Collection access
+
+To remove a user's access to a Collection, set `share_mode` to `NO_ACCESS`:
+
+[source,CURL]
+----
+curl -X POST \
+  --url 'https://{ThoughtSpot-Host}/api/rest/2.0/security/metadata/share' \
+  -H 'Accept: application/json' \
+  -H 'Content-Type: application/json' \
+  -H 'Authorization: Bearer {AUTH_TOKEN}' \
+  --data-raw '{
+  "metadata_type": "COLLECTION",
+  "metadata_identifiers": ["Confidential Reports"],
+  "permissions": [
+    {
+      "principal": {
+        "type": "USER",
+        "identifier": "former-member@example.com"
+      },
+      "share_mode": "NO_ACCESS"
+    }
+  ]
+}'
+----
+
+If the request is successful, the API returns the HTTP `204 No Content` status code.
+
 == Delete a Collection
 To remove an existing Collection, send a `POST` request to the `POST /api/rest/2.0/collections/delete` API endpoint.
 

diff --git a/modules/ROOT/pages/data-report-v2-api.adoc b/modules/ROOT/pages/data-report-v2-api.adoc
@@ -481,6 +481,41 @@ curl -X POST \
 * HTML rendering is not supported for PDF exports of Answers with tables.
 ====
 
+
+Contact ThoughtSpot support to enable these enhanced settings for this API endpoint on your ThoughtSpot instance:
+
+* `personalised_view_identifier` [beta betaBackground]^Beta^ +
+Optional parameter to specify the GUID of the personalised view of the Answer object that you want to download.
+* `type` [beta betaBackground]^Beta^ +
+Used to distinguish between a saved answer and a pinned answer on a Liveboard. Setting this parameter to `PINNED` allows the API to
+accept the guid of a pinned Answer directly as the `metadata_identifier`. When
+exporting a `PINNED` answer, all Liveboard-level filters, Runtime Filters, and Column
+Security Rules (CSR) are automatically applied to the export output.
+
+The `png_options` [beta betaBackground]^Beta^ support the following properties:
+
+[cols="1,1,3"]
+|===
+|Property |Type |Description
+
+|`x_resolution`
+|Number
+|Width of the exported PNG in pixels. +
+Valid range: `600px` to `3840px`.
+
+|`y_resolution`
+|Number
+|Height of the exported PNG in pixels. +
+Valid range: `600px` to `3840px`.
+
+|`scaling`
+|Integer
+|Display scale percentage for objects rendered in the image. Adjusts the relative
+size of visual elements without cropping the image. +
+Valid range: `80%` to `400%`.
+|===
+
+
 [#exportSpotterData]
 ==== Export data generated from Spotter APIs
 To export results generated from Spotter APIs such as  `/api/rest/2.0/ai/answer/create`, `/api/rest/2.0/ai/agent/converse/sse`, and `/api/rest/2.0/ai/conversation/{conversation_identifier}/converse`, include the session ID and generation number in the `POST` request body.
@@ -504,7 +539,7 @@ curl -X POST \
 
 * `session_identifier` refers to session ID returned in the Spotter API response.
 * `generation_number` indicates the Answer generation number.
-* `file_format`  specifies the format of the output. You can export the Spotter-generated data as PNG or CSV file. By default, the API exports this data in PNG file format.
+* `file_format`  specifies the format of the output. You can export the Spotter-generated data as PNG, CSV, XLSX, or PDF file. By default, the API exports this data in PNG file format.
 
 ===== API Response
 

diff --git a/modules/ROOT/pages/rest-api-v2-reference.adoc b/modules/ROOT/pages/rest-api-v2-reference.adoc
@@ -130,6 +130,15 @@ ThoughtSpot Software: __10.0.0.sw or later__ a| +++<a href="{{navprefix}}/restV2
 a| `POST /api/rest/2.0/auth/token/custom` +
 Generates an authentication token with pre-defined RLS rules and filter attributes for a user. a| ThoughtSpot Cloud: __10.4.0.cl or later__ +
 ThoughtSpot Software: __10.7.0.sw or later__ a| +++<a href="{{navprefix}}/restV2-playground?apiResourceId=http%2Fapi-endpoints%2Fauthentication%2Fget-custom-access-token" id="preview-in-playground">Try it out </a>+++
+
+a| `POST /api/rest/2.0/auth/configure` +
+Enables or disables authentication. a| ThoughtSpot Cloud: __26.6.0.cl or later__ +
+a| +++<a href="{{navprefix}}/restV2-playground?apiResourceId=http%2Fapi-endpoints%2Fauthentication%2Fconfigure-auth-settings" id="preview-in-playground">Try it out </a>+++
+
+a| `POST /api/rest/2.0/auth/search` +
+Retrieves the authentication configuration for the specified auth type. a| ThoughtSpot Cloud: __26.6.0.cl or later__ +
+a| +++<a href="{{navprefix}}/restV2-playground?apiResourceId=http%2Fapi-endpoints%2Fauthentication%2Fsearch-auth-settings" id="preview-in-playground">Try it out </a>+++
+
 |=====
 --
 

diff --git a/modules/ROOT/pages/rest-apiv2-changelog.adoc b/modules/ROOT/pages/rest-apiv2-changelog.adoc
@@ -8,6 +8,90 @@
 
 This changelog lists the features and enhancements introduced in REST API v2.0. For information about new features and enhancements available for embedded analytics, see xref:whats-new.adoc[What's New].
 
+== Version 26.6.0.cl, June 2026
+=== New API endpoints
+==== Authentication
+The following new endpoints allow searching for the authentication configuration at the cluster or Org level, and also allows enabling and disabling the authentication. Currently, only support trusted authentication.
+
+* `POST /api/rest/2.0/auth/configure` +
+Enables or disables authentication at cluster or Org level for the specified auth type.
+*  `POST /api/rest/2.0/auth/search` +
+Returns the authentication configuration for the specified auth type at cluster and Org level.
+
+=== Answer report API enhancements [beta betaBackground]^Beta^
+
+The `POST /api/rest/2.0/report/answer` API endpoint introduces the following enhancements:
+
+Pinned Answer export::
+// SOURCE: SCAL-236681, SCAL-306548
+You can now export a pinned Answer directly from a Liveboard using the Answer report API.
+To export a pinned Answer, specify the `viz_guid` parameter in your API request.
+Exports from this endpoint inherently respect Liveboard-level filters, Runtime Filters, and JWT token context.
++
+To export a specific personalized view of a pinned Answer, include the `personalised_view_identifier` parameter.
+// TODO: verify with engineering — confirm exact parameter name casing and accepted value type (GUID, name, or both) for `personalised_view_identifier`
+
+Spotter Answer export::
+// SOURCE: SCAL-236681, SCAL-306548
+XLSX and PDF export formats are now supported for Spotter (conversational) Answers.
+
+// TODO: verify with engineering — confirm if any limitations apply for chart-type Spotter Answers vs table-type Answers
+
+Custom PNG dimensions::
+// SOURCE: SCAL-236681, SCAL-306548
+PNG exports now support custom dimensions via the following new parameters:
++
+* `x_resolution` — Sets the export width in pixels. Valid range: 600–3840 px.
+* `y_resolution` — Sets the export height in pixels. Valid range: 600–3840 px.
++
+// TODO: verify with engineering — confirm whether `x_resolution` and `y_resolution` are top-level request body parameters or nested inside a `png_options` object
+
+Display scaling::
+// SOURCE: SCAL-236681, SCAL-306548
+// TODO: verify with engineering — confirm the exact parameter name for the scaling percentage (for example, `scaling`, `scale_factor`, or `scaling_percent`)
+A new scaling parameter allows you to adjust the relative size of visual elements in PNG exports without cropping.
+Valid range: 80–400%.
+
+Automatic file naming::
+// SOURCE: SCAL-236681, SCAL-306548
+The API now automatically names exported files based on the Answer title and appends the correct file extension (`.png`, `.pdf`, `.csv`, or `.xlsx`).
+// TODO: verify with engineering — confirm whether a caller-supplied filename overrides the automatic name
+
+Contact ThoughtSpot support to enable these settings for PNG downloads on your ThoughtSpot instance.
+For more information, see xref:data-report-v2-api.adoc#_answer_report_api[Answer report API documentation].
+
+=== Connection deactivate and activate API [beta betaBackground]^Beta^
+
+// SOURCE: SCAL-294844, SCAL-294845, SCAL-278132
+// TODO: verify with engineering — confirm the exact endpoint paths for deactivate and activate operations
+ThoughtSpot introduces REST API v2.0 endpoints to programmatically deactivate and activate data connections:
+
+// TODO: verify with engineering — confirm endpoint paths, for example:
+// `POST /api/rest/2.0/connections/{connection_identifier}/deactivate`
+// `POST /api/rest/2.0/connections/{connection_identifier}/activate`
+* `POST /api/rest/2.0/connections/{connection_identifier}/deactivate` +
+Deactivates the specified connection.
+* `POST /api/rest/2.0/connections/{connection_identifier}/activate` +
+Activates a previously deactivated connection.
+
+
+////
+Deactivating a connection prevents all user-initiated queries and skips scheduled background jobs such as Sage indexing and row count statistics.
+Activating a connection immediately restores query access and resumes scheduled jobs on their defined schedules.
+
+Required access: Administrator or Connection Owner.
+////
+
+For more information, see xref:connections-deactivate.adoc[Deactivate and activate connections].
+// TODO: verify with engineering — confirm target doc page xref name once page is created
+
+=== Share metadata API: Collections support [beta betaBackground]^Beta^
+
+The `POST /api/rest/2.0/security/metadata/share` endpoint now supports sharing Collections.
+
+To share a Collection, set `metadata_type` to `COLLECTION` in the request body.
+For more information, see xref:collections.adoc#share-collection[Share a Collection].
+
 == Version 26.5.0.cl, May 2026
 
 === Sync connection metadata attributes