> ## Documentation Index > Fetch the complete documentation index at: https://conductorone-docs-mcp-bridge-private-server.mintlify.site/llms.txt > Use this file to discover all available pages before exploring further. # Update > Update modifies mutable metadata on a decoy. The decoy variant is fixed at Create -- rotate the secret with Rotate instead. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples patch /api/v1/decoys/{id} openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/decoys/{id}: patch: tags: - Decoy summary: Update description: |- Update modifies mutable metadata on a decoy. The decoy variant is fixed at Create -- rotate the secret with Rotate instead. operationId: c1.api.decoy.v1.DecoyService.Update parameters: - in: path name: id required: true schema: description: The id field. readOnly: true type: string requestBody: content: application/json: schema: $ref: >- #/components/schemas/c1.api.decoy.v1.DecoyServiceUpdateRequestInput responses: '200': content: application/json: schema: $ref: >- #/components/schemas/c1.api.decoy.v1.DecoyServiceUpdateResponse description: Successful response x-codeSamples: - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.decoy.update({ id: "", }); console.log(result); } run(); components: schemas: c1.api.decoy.v1.DecoyServiceUpdateRequestInput: description: The DecoyServiceUpdateRequest message. properties: decoy: oneOf: - $ref: '#/components/schemas/c1.api.decoy.v1.Decoy' - type: 'null' updateMask: type: - string - 'null' title: Decoy Service Update Request type: object x-speakeasy-name-override: DecoyServiceUpdateRequest c1.api.decoy.v1.DecoyServiceUpdateResponse: description: The DecoyServiceUpdateResponse message. properties: decoy: oneOf: - $ref: '#/components/schemas/c1.api.decoy.v1.Decoy' - type: 'null' title: Decoy Service Update Response type: object x-speakeasy-name-override: DecoyServiceUpdateResponse c1.api.decoy.v1.Decoy: description: |- Decoy is the read projection of a planted honey-credential. All fields except annotations are server-managed. properties: annotations: additionalProperties: type: string description: |- Customer-defined grouping/filtering bag. PATCH semantics on Update: keys in the request overwrite, keys missing stay, keys set to empty string delete. Copied onto the Finding produced when a decoy fires, so routing rules can condition on the same keys. type: object x-speakeasy-terraform-plan-modifier: imports: - >- github.com/conductorone/terraform-provider-conductorone/internal/annotations schemaDefinition: annotations.PlanModifier() createdAt: format: date-time readOnly: true type: - string - 'null' description: description: The description field. type: - string - 'null' disabled: description: Admin-disabled. type: - boolean - 'null' displayName: description: The displayName field. type: - string - 'null' id: description: The id field. readOnly: true type: - string - 'null' kind: description: The kind field. enum: - DECOY_KIND_UNSPECIFIED - DECOY_KIND_USER_CLIENT_CREDENTIAL - DECOY_KIND_CONNECTOR_CLIENT - DECOY_KIND_WORKLOAD_FEDERATION - DECOY_KIND_ACCESS_TOKEN readOnly: true type: - string - 'null' x-speakeasy-unknown-values: allow lastUsedAt: format: date-time readOnly: true type: - string - 'null' materialFingerprintSha256: description: |- Hex-encoded SHA256 of the secret string vended at Create / Rotate. Stable for the decoy's current material; changes only on Rotate. Empty for WorkloadFederation decoys (no server-vended secret). readOnly: true type: - string - 'null' updatedAt: format: date-time readOnly: true type: - string - 'null' title: Decoy type: object x-speakeasy-name-override: Decoy securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````