POST
/
organizations
/
{organization}
/
databases
/
{database}
/
branches
/
{branch}
/
passwords
Create a password
curl --request POST \
  --url https://api.planetscale.com/v1/organizations/{organization}/databases/{database}/branches/{branch}/passwords \
  --header 'Authorization: <api-key>' \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "<string>",
  "role": "reader",
  "replica": true,
  "ttl": 123,
  "cidrs": [
    "<string>"
  ]
}'
{
  "id": "<string>",
  "name": "<string>",
  "role": "reader",
  "cidrs": [
    "<string>"
  ],
  "created_at": "<string>",
  "deleted_at": "<string>",
  "expires_at": "<string>",
  "last_used_at": "<string>",
  "expired": true,
  "ttl_seconds": 123,
  "access_host_url": "<string>",
  "access_host_regional_url": "<string>",
  "access_host_regional_urls": [
    "<string>"
  ],
  "actor": {},
  "region": {},
  "username": "<string>",
  "plain_text": "<string>",
  "replica": true,
  "renewable": true,
  "database_branch": {}
}

Authorizations

Authorization
string
header
required

Path Parameters

organization
string
required

The name of the organization the password belongs to

database
string
required

The name of the database the password belongs to

branch
string
required

The name of the branch the password belongs to

Body

application/json
name
string

Optional name of the password

role
enum<string>

The database role of the password (i.e. admin)

Available options:
reader,
writer,
admin,
readwriter
replica
boolean

Whether the password is for a read replica

ttl
number

Time to live (in seconds) for the password. The password will be invalid when TTL has passed

cidrs
string[]

List of IP addresses or CIDR ranges that can use this password

Response

Returns the new credentials

id
string
required

The ID for the password

name
string
required

The display name for the password

role
enum<string>
required

The role for the password

Available options:
reader,
writer,
admin,
readwriter
cidrs
string[]
required

List of IP addresses or CIDR ranges that can use this password

created_at
string
required

When the password was created

deleted_at
string
required

When the password was deleted

expires_at
string
required

When the password will expire

last_used_at
string
required

When the password was last used to execute a query

expired
boolean
required

True if the credentials are expired

ttl_seconds
number
required

Time to live (in seconds) for the password. The password will be invalid when TTL has passed

access_host_url
string
required

The host URL for the password

access_host_regional_url
string
required

The regional host URL

access_host_regional_urls
string[]
required

The read-only replica host URLs

actor
object
required
region
object
required
username
string
required

The username for the password

plain_text
string
required

The plain text password, available only after create

replica
boolean
required

Whether or not the password is for a read replica

renewable
boolean
required

Whether or not the password can be renewed

database_branch
object
required