Added
New codeType Parameter for run-sql Endpoint
about 1 month ago
The run-sql endpoint now supports a codeType parameter to distinguish between SQL and Python code execution. This enables M2M clients to execute Python code while maintaining SQL validation for regular queries.
What's New
- New optional
codeTypeparameter accepts"sql"(default) or"python" - M2M clients sending Python code can bypass SQL parsing validation
- SQL validation (table access allowlist) applies to all user requests and M2M requests with
codeType: "sql" - Backwards compatible: existing clients without
codeTypedefault to SQL behavior
Modified Endpoint
POST /api/v1/accounts/{accountId}/workspaces/{workspaceId}/run-sql
Request Format
{
"sql": "SELECT * FROM orders",
"maxRows": 100,
"codeType": "sql"
}For Python execution (M2M only):
{
"sql": "import pandas as pd\n...",
"maxRows": 100,
"codeType": "python"
}Validation Behavior
| Request Type | codeType | Table Access Validation |
|---|---|---|
| User | any | Always validated |
| M2M | sql | Validated |
| M2M | python | Skipped |
Migration Notes
No changes required for existing integrations. The parameter is optional and defaults to "sql", preserving current behavior.