ConnectionMaster · pull · May 21, 2026 · May 21, 2026 · May 21, 2026
diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
@@ -19304,10 +19304,6 @@ components:
           description: The title of the degradation.
           example: Elevated API Latency
           type: string
-        updates:
-          items:
-            $ref: "#/components/schemas/CreateDegradationRequestDataAttributesUpdatesItems"
-          type: array
       required:
         - components_affected
         - status
@@ -19345,48 +19341,6 @@ components:
         - IDENTIFIED
         - MONITORING
         - RESOLVED
-    CreateDegradationRequestDataAttributesUpdatesItems:
-      description: A degradation update entry.
-      properties:
-        components_affected:
-          description: The components affected.
-          items:
-            $ref: "#/components/schemas/CreateDegradationRequestDataAttributesUpdatesItemsComponentsAffectedItems"
-          type: array
-        description:
-          description: A description of the update.
-          example: ""
-          type: string
-        started_at:
-          description: Timestamp of when the update occurred.
-          example: ""
-          format: date-time
-          type: string
-        status:
-          $ref: "#/components/schemas/CreateDegradationRequestDataAttributesStatus"
-      required:
-        - components_affected
-        - description
-        - started_at
-        - status
-      type: object
-    CreateDegradationRequestDataAttributesUpdatesItemsComponentsAffectedItems:
-      description: A component affected by a degradation update.
-      properties:
-        id:
-          description: The ID of the component. Must be a component of type `component`.
-          example: ""
-          type: string
-        name:
-          description: The name of the component.
-          readOnly: true
-          type: string
-        status:
-          $ref: "#/components/schemas/StatusPagesComponentDataAttributesStatus"
-      required:
-        - id
-        - status
-      type: object
     CreateDeploymentGateParams:
       description: Parameters for creating a deployment gate.
       properties:
@@ -19755,10 +19709,6 @@ components:
           description: The title of the maintenance.
           example: "API Maintenance"
           type: string
-        updates:
-          items:
-            $ref: "#/components/schemas/CreateMaintenanceRequestDataAttributesUpdatesItems"
-          type: array
       required:
         - components_affected
         - title
@@ -19786,48 +19736,6 @@ components:
         - id
         - status
       type: object
-    CreateMaintenanceRequestDataAttributesUpdatesItems:
-      description: A maintenance update entry.
-      properties:
-        components_affected:
-          description: The components affected.
-          items:
-            $ref: "#/components/schemas/CreateMaintenanceRequestDataAttributesUpdatesItemsComponentsAffectedItems"
-          type: array
-        description:
-          description: A description of the update.
-          example: ""
-          type: string
-        started_at:
-          description: Timestamp of when the update occurred.
-          example: ""
-          format: date-time
-          type: string
-        status:
-          $ref: "#/components/schemas/CreateMaintenanceRequestDataAttributesUpdatesItemsStatus"
-      required:
-        - components_affected
-        - description
-        - started_at
-        - status
-      type: object
-    CreateMaintenanceRequestDataAttributesUpdatesItemsComponentsAffectedItems:
-      description: A component affected by a maintenance update.
-      properties:
-        id:
-          description: The ID of the component. Must be a component of type `component`.
-          example: ""
-          type: string
-        name:
-          description: The name of the component.
-          readOnly: true
-          type: string
-        status:
-          $ref: "#/components/schemas/PatchMaintenanceRequestDataAttributesComponentsAffectedItemsStatus"
-      required:
-        - id
-        - status
-      type: object
     CreateMaintenanceRequestDataAttributesUpdatesItemsStatus:
       description: The status of a maintenance update.
       enum:
@@ -25007,6 +24915,9 @@ components:
           format: uuid
           readOnly: true
           type: string
+        last_modified_by_user_uuid:
+          description: UUID of the user who last modified the resource.
+          type: string
         modified_at:
           description: Timestamp of when the update was last modified.
           format: date-time
@@ -54340,6 +54251,16 @@ components:
           description: Name of the environment variable or secret that holds the username (used when `auth_strategy` is `plain`).
           example: HTTP_AUTH_USERNAME
           type: string
+        valid_tokens:
+          description: |-
+            A list of tokens that are accepted for authenticating incoming HTTP requests. When set,
+            the source rejects any request whose token does not match an enabled entry in this list.
+            Cannot be combined with the `plain` auth strategy.
+          items:
+            $ref: "#/components/schemas/ObservabilityPipelineHttpServerSourceValidToken"
+          maxItems: 1000
+          minItems: 1
+          type: array
       required:
         - id
         - type
@@ -54365,6 +54286,55 @@ components:
       type: string
       x-enum-varnames:
         - HTTP_SERVER
+    ObservabilityPipelineHttpServerSourceValidToken:
+      description: An accepted token used to authenticate incoming HTTP server requests.
+      properties:
+        enabled:
+          default: true
+          description: |-
+            Indicates whether this token is currently accepted. Disabled tokens are rejected without
+            being removed from the configuration.
+          example: true
+          type: boolean
+        field_to_add:
+          $ref: "#/components/schemas/ObservabilityPipelineSourceValidTokenFieldToAdd"
+        path_to_token:
+          $ref: "#/components/schemas/ObservabilityPipelineHttpServerSourceValidTokenPathToToken"
+        token_key:
+          description: Name of the environment variable or secret that holds the expected token value.
+          example: HTTP_SERVER_TOKEN
+          pattern: "^[A-Za-z0-9_]+$"
+          type: string
+      required:
+        - token_key
+      type: object
+    ObservabilityPipelineHttpServerSourceValidTokenPathToToken:
+      description: |-
+        Specifies where the worker extracts the token from in the incoming HTTP request.
+        This can be either a built-in location (`path` or `address`) or an HTTP header object.
+      oneOf:
+        - $ref: "#/components/schemas/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation"
+        - $ref: "#/components/schemas/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader"
+    ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader:
+      description: Extract the token from a specific HTTP request header.
+      properties:
+        header:
+          description: The name of the HTTP header that carries the token.
+          example: X-Token
+          type: string
+      required:
+        - header
+      type: object
+    ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation:
+      description: Built-in token location on the incoming HTTP request.
+      enum:
+        - path
+        - address
+      example: path
+      type: string
+      x-enum-varnames:
+        - PATH
+        - ADDRESS
     ObservabilityPipelineKafkaDestination:
       description: |-
         The `kafka` destination sends logs to Apache Kafka topics.
@@ -56388,6 +56358,27 @@ components:
       type: string
       x-enum-varnames:
         - SOCKET
+    ObservabilityPipelineSourceValidTokenFieldToAdd:
+      description: |-
+        An optional metadata field that is attached to every event authenticated by the
+        associated token. Both `key` and `value` must match `^[A-Za-z0-9_]+$`.
+      properties:
+        key:
+          description: The metadata field name to add to incoming events.
+          example: token_name
+          maxLength: 256
+          pattern: "^[A-Za-z0-9_]+$"
+          type: string
+        value:
+          description: The metadata field value to add to incoming events.
+          example: my_token
+          maxLength: 1024
+          pattern: "^[A-Za-z0-9_]+$"
+          type: string
+      required:
+        - key
+        - value
+      type: object
     ObservabilityPipelineSpec:
       description: Input schema representing an observability pipeline configuration. Used in create and validate requests.
       properties:
@@ -56584,6 +56575,15 @@ components:
           $ref: "#/components/schemas/ObservabilityPipelineTls"
         type:
           $ref: "#/components/schemas/ObservabilityPipelineSplunkHecSourceType"
+        valid_tokens:
+          description: |-
+            A list of tokens that are accepted for authenticating incoming HEC requests. When set, the source
+            rejects any request whose HEC token does not match an enabled entry in this list.
+          items:
+            $ref: "#/components/schemas/ObservabilityPipelineSplunkHecSourceValidToken"
+          maxItems: 1000
+          minItems: 1
+          type: array
       required:
         - id
         - type
@@ -56598,6 +56598,26 @@ components:
       type: string
       x-enum-varnames:
         - SPLUNK_HEC
+    ObservabilityPipelineSplunkHecSourceValidToken:
+      description: An accepted HEC token used to authenticate incoming Splunk HEC requests.
+      properties:
+        enabled:
+          default: true
+          description: |-
+            Indicates whether this token is currently accepted. Disabled tokens are rejected without
+            being removed from the configuration.
+          example: true
+          type: boolean
+        field_to_add:
+          $ref: "#/components/schemas/ObservabilityPipelineSourceValidTokenFieldToAdd"
+        token_key:
+          description: Name of the environment variable or secret that holds the expected HEC token value.
+          example: SPLUNK_HEC_TOKEN
+          pattern: "^[A-Za-z0-9_]+$"
+          type: string
+      required:
+        - token_key
+      type: object
     ObservabilityPipelineSplunkTcpSource:
       description: |-
         The `splunk_tcp` source receives logs from a Splunk Universal Forwarder over TCP.

diff --git a/...an-observability-pipeline-with-HTTP-server-source-valid-tokens-returns-OK-response.frozen b/...an-observability-pipeline-with-HTTP-server-source-valid-tokens-returns-OK-response.frozen
@@ -0,0 +1 @@
+2026-05-18T16:51:43.688Z
diff --git a/...te-an-observability-pipeline-with-HTTP-server-source-valid-tokens-returns-OK-response.yml b/...te-an-observability-pipeline-with-HTTP-server-source-valid-tokens-returns-OK-response.yml
diff --git a/...-an-observability-pipeline-with-Splunk-HEC-source-valid-tokens-returns-OK-response.frozen b/...-an-observability-pipeline-with-Splunk-HEC-source-valid-tokens-returns-OK-response.frozen
@@ -0,0 +1 @@
+2026-05-18T16:51:43.307Z
diff --git a/...ate-an-observability-pipeline-with-Splunk-HEC-source-valid-tokens-returns-OK-response.yml b/...ate-an-observability-pipeline-with-Splunk-HEC-source-valid-tokens-returns-OK-response.yml
diff --git a/examples/v2/observability-pipelines/ValidatePipeline_1130701356.rb b/examples/v2/observability-pipelines/ValidatePipeline_1130701356.rb
@@ -0,0 +1,63 @@
+# Validate an observability pipeline with Splunk HEC source valid_tokens returns "OK" response
+
+require "datadog_api_client"
+api_instance = DatadogAPIClient::V2::ObservabilityPipelinesAPI.new
+
+body = DatadogAPIClient::V2::ObservabilityPipelineSpec.new({
+  data: DatadogAPIClient::V2::ObservabilityPipelineSpecData.new({
+    attributes: DatadogAPIClient::V2::ObservabilityPipelineDataAttributes.new({
+      config: DatadogAPIClient::V2::ObservabilityPipelineConfig.new({
+        destinations: [
+          DatadogAPIClient::V2::ObservabilityPipelineDatadogLogsDestination.new({
+            id: "datadog-logs-destination",
+            inputs: [
+              "my-processor-group",
+            ],
+            type: DatadogAPIClient::V2::ObservabilityPipelineDatadogLogsDestinationType::DATADOG_LOGS,
+          }),
+        ],
+        processor_groups: [
+          DatadogAPIClient::V2::ObservabilityPipelineConfigProcessorGroup.new({
+            enabled: true,
+            id: "my-processor-group",
+            include: "service:my-service",
+            inputs: [
+              "splunk-hec-source",
+            ],
+            processors: [
+              DatadogAPIClient::V2::ObservabilityPipelineFilterProcessor.new({
+                enabled: true,
+                id: "filter-processor",
+                include: "status:error",
+                type: DatadogAPIClient::V2::ObservabilityPipelineFilterProcessorType::FILTER,
+              }),
+            ],
+          }),
+        ],
+        sources: [
+          DatadogAPIClient::V2::ObservabilityPipelineSplunkHecSource.new({
+            id: "splunk-hec-source",
+            type: DatadogAPIClient::V2::ObservabilityPipelineSplunkHecSourceType::SPLUNK_HEC,
+            valid_tokens: [
+              DatadogAPIClient::V2::ObservabilityPipelineSplunkHecSourceValidToken.new({
+                token_key: "SPLUNK_HEC_TOKEN",
+                enabled: true,
+                field_to_add: DatadogAPIClient::V2::ObservabilityPipelineSourceValidTokenFieldToAdd.new({
+                  key: "token_name",
+                  value: "primary_token",
+                }),
+              }),
+              DatadogAPIClient::V2::ObservabilityPipelineSplunkHecSourceValidToken.new({
+                token_key: "SPLUNK_HEC_TOKEN_BACKUP",
+                enabled: false,
+              }),
+            ],
+          }),
+        ],
+      }),
+      name: "Pipeline with Splunk HEC valid_tokens",
+    }),
+    type: "pipelines",
+  }),
+})
+p api_instance.validate_pipeline(body)