main-rel sync

modules/ROOT/pages/abac_rls-variables.adoc

@@ -109,15 +109,15 @@ To define RLS rules with variables for a Table:
 
 . Navigate to the Data workspace and click the Table for which to define RLS rules.
 . Click *Row security* and then click *+ Add row security*.
-. In the *Row Security Editor*, define the rules. To reference the formula variable in the rule, use the `ts_var` function. For example, If you want to limit user access to data of a specific region, you can create a region-specific variable, `region = ts_var('region_var')`, and assign values in the token request.
+. In the *Row Security Editor*, define the rules. To reference the formula variable in the rule, use the `ts_var` function. For example, If you want to limit user access to data of a specific region, you can create a region-specific variable, `region = ts_var(region_var)`, and assign values in the token request.
 
 
 === RLS rule with a single variable reference
 
 In this formula example, `country` refers to the "country" column in the data table, and `country_var` is the variable.
 
 ----
-country = ts_var('country_var')
+country = ts_var(country_var)
 ----
 
 If `country_var` is assigned a single value, the user is permitted to view only rows where the `country` column matches that value.
@@ -130,20 +130,20 @@ The RLS rules support the `AND` operator, which means that you can combine multi
 The following rule restricts data access to rows if the `country` column in the data table matches the value assigned to `country_var` and the `Department` column matches the value assigned to `department_var` for that user.
 
 ----
-country = ts_var('country_var') AND Department = ts_var('department_var')
+country = ts_var(country_var) AND Department = ts_var(department_var)
 ----
 
 The rule in this example restricts data access to rows where the `region` column in the table matches the value assigned to `region_var` and the `product` column matches the value assigned to `product_var`.
 
 ----
-region = ts_var('region_var') AND product = ts_var('product_var')
+region = ts_var(region_var) AND product = ts_var(product_var)
 ----
 
 === Allow all rule with a TS_WILDCARD_ALL variable
 In this example, `customer` represents the column `customer` in the table and `customer_var` represents variable. If the value of the customer_var variable is set to `TS_WILDCARD_ALL`, the user can access all customers in the column.
 
 ----
-customer = ts_var('customer_var')
+customer = ts_var(customer_var)
 ----
 
 === Group override rule with variable-based check
@@ -152,21 +152,21 @@ In any security formula you build, you may want a clause that gives access to al
 In this example, users can access data if they are in the "data developers" group, or if the `Department` column matches the value assigned to their `department_var` variable.
 
 ----
-'data developers' in ts_groups OR Department = ts_var('department_var')
+'data developers' in ts_groups OR Department = ts_var(department_var)
 ----
 
 ==== Variables with numeric and Date data types
 
 The following rule enforces a numeric threshold and  restricts access to rows where the Revenue value is less than or equal to the value provided by the `revenue_cap_var` variable.
 
 ----
-Revenue <= to_double(ts_var('revenue_cap_var'))
+Revenue <= to_double(ts_var(revenue_cap_var))
 ----
 
 The following rule restricts access to rows where the `date_column` is within the range defined by the `start_date_var` and `end_date_var` variables. Only rows with dates greater than or equal to the start date and less than or equal to the end date specified for these variables will be visible for the user.
 
 ----
-(date_column >= ts_var('start_date_var')) AND (date_column <= ts_var('end_date_var'))
+(date_column >= ts_var(start_date_var)) AND (date_column <= ts_var(end_date_var))
 ----
 
 == Create an ABAC token request with variable attributes
@@ -362,8 +362,7 @@ ABAC details are sent in a JWT that can be used as a bearer token for cookieless
 ====
 
 === Verify the variable assignment
-
-To verify the variable assignment, use the `POST /api/rest/2.0/users/search` API call and check `variable_values` in the user properties in the API response.
+To retrieve user information and object properties, you can use the `POST /api/rest/2.0/users/search` API call. To include variable details in the response, set the `include_variable_values` parameter to `true` in the API request body. This allows you to fetch variable values associated with the user in the specified context.
 
 [source,JSON]
 ----
@@ -395,7 +394,10 @@ To verify the variable assignment, use the `POST /api/rest/2.0/users/search` API
 }
 ----
 
-To verify the security entitlements, start a user session using the JWT and inspect the generated SQL for your query or visualization.
+You can also use the `POST /api/rest/2.0/template/variables/search` API call to xref:variables.adoc#_get_variables[get the list of variables] assigned to a specific user, Org, and Model.
+
+==== Updating variable values for a user
+To update variable values for a user, you can use the `/api/rest/2.0/template/variables/update-values` endpoint, or `/api/rest/2.0/auth/token/custom` endpoint when logging in the user. Do not use the `/api/rest/2.0/users/{user_identifier}/update` endpoint, as it does not support updating variable values.
 
 == Verify the entitlements
 To verify the entitlements:

modules/ROOT/pages/api-changelog.adoc

@@ -1064,7 +1064,7 @@ The earlier versions of the SDK supported only `GET` API requests. For more info
 |====
 |[tag greenBackground]#NEW FEATURE#|
 This version of Visual Embed SDK includes the `enableSearchAssist` attribute, using which you can turn on the Search Assist feature on an embedded instance. +
-For more information, see xref:search-assist-tse.adoc[Enable Search Assist, window=_blank].
+//For more information, see xref:search-assist-tse.adoc[Enable Search Assist, window=_blank].
 |[tag greenBackground]#NEW FEATURE#| The new version of SDK introduces the `AuthType.SAML` enum for SAML-based SSO authentication. Note that `AuthType.SAML` replaces the `AuthType.SSO` enum, which is deprecated in the v1.13.0 version of the SDK. +
 For more information, see xref:embed-authentication.adoc#saml-sso-embed[Authentication].
 |[tag redBackground]#DEPRECATED#| The `AuthType.SSO` enum is deprecated in v1.13.0. ThoughtSpot recommends using `AuthType.SAML` for the SAML SSO authentication method. +

modules/ROOT/pages/deploy-with-tml-apis.adoc

@@ -81,7 +81,7 @@ The process for exporting TML files into source control is:
  . Use `/metadata/tml/export` endpoint in REST API v1 or v2.0 with `export_fqns=true` argument and `formmattype=YAML` to retrieve the TML of the object
  . Save the TML response strings to disk in a Git-enabled directory using a consistent name format
 
-You can use the link:https://thoughtspot.github.io/cs_tools/scriptability/[CS Tools, window=_blank] package for a pre-built tool for programmatic exporting or build your own equivalent using the link:https://github.com/thoughtspot/thoughtspot_rest_api_v1_python[thoughtspot_rest_api_v1 Python library, window=_blank].
+You can use the link:https://thoughtspot.github.io/cs_tools/[CS Tools, window=_blank] package for a pre-built tool for programmatic exporting or build your own equivalent using the link:https://github.com/thoughtspot/thoughtspot_rest_api_v1_python[thoughtspot_rest_api_v1 Python library, window=_blank].
 
 === Best practices with TML export API
 The `formattype` argument can be set to `YAML` or `JSON`.

modules/ROOT/pages/embed-ai-analytics.adoc

@@ -61,7 +61,7 @@ a| * Supported data object is Model
 Visual Embed SDK provides several configuration settings and controls for customizing Spotter embed view:
 
 * Configuration properties that enable or disable features.
-For more information, see xref:_spotterembedviewconfig.adoc[SpotterEmbedViewConfig] and xref:SpotterAgentEmbedViewConfig.adoc[SpotterAgentEmbedConfig]
+For more information, see xref:SpotterEmbedViewConfig.adoc[SpotterEmbedViewConfig] and xref:SpotterAgentEmbedViewConfig.adoc[SpotterAgentEmbedConfig]
 * The action customization framework to show or hide actions in the embedded view +
 For more information, see xref:Action.adoc[Action] and xref:embed-action-ref.adoc[Action IDs in the SDK]
 * Event handlers for host and embed app interaction +

modules/ROOT/pages/full-app-customize.adoc

@@ -46,33 +46,22 @@ A dynamic left navigation menu that adjusts its contents according to the applic
 
 |=====
 --
-////
-[width="100%", cols="2,8,8,8"]
-[options='header']
-|=====
-||V1 (Legacy) |V2 experience  |V3 experience
-
-|Navigation style a|* Top navigation bar for application menu. +
-* Separate left navigation panels only for specific application context, such as *Data*, *Admin* and *Develop* modules a|
-* Persona-based app selector on the top navigation bar +
-* A separate left navigation panel for each persona-based application context a|
-* Sliding left navigation panel
-* Persona-based tabs on the left panel to switch between application context.
-* Separate left navigation panel for each application context.
-|Home page experience| Basic | Modular and customizable home page | Modular
-|Enablement| The default, legacy ThoughtSpot UI. a| Disabled by default. +
-Can be enabled by setting `modularHomeExperience: true` in the Visual Embed SDK a| Disabled by default. +
-Can be enabled by setting the `discoveryExperience` properties in the Visual Embed SDK.
-|Migration considerations| If you want to continue using the classic experience, no migration is required.
-If you plan to switch to the new navigation and modular home page experience, ThoughtSpot recommends migrating to the new v3 experience.
-| The v2 navigation experience can be enabled by setting  `modularHomeExperience` to `true` in the Visual Embed SDK. However, the new v3 experience with left navigation panel provides an improved experience and more customizable components for home page, therefore, we recommend using the v3 experience.
-If you are already on v2 experience and want to switch to the new v3 experience, contact ThoughtSpot Support to enable this feature on your instance.
-Once enabled, configure the `discoveryExperience` properties and customize your home page experience as per your embedding requirements.
-|Contact ThoughtSpot Support to enable the v3 experience on your ThoughtSpot instance.
-Once enabled, configure the `discoveryExperience` properties and customize your home page experience as per your embedding application requirements.
-||||
-|=====
-////
+
+**V3 navigation and home page experience**
+[.bordered]
+[.widthAuto]
+image::./images/v3-experience.png[V3 UI experience]
+
+**V2 navigation and home page experience**
+[.bordered]
+[.widthAuto]
+image::./images/v2-experience.png[V2 UI experience]
+
+**V1 Classic experience**
+[.bordered]
+[.widthAuto]
+image::./images/v1-experience.png[Classic experience]
+
 
 == Customize the embedded application UI for your users
 
@@ -194,13 +183,15 @@ const embed = new AppEmbed("#embed", {
 After you enable the V3 experience:
 
 * Ensure the UI shows the V3 navigation and home page.
+
+////
 +
 The following figure shows the user interface with the V3 experience:
 +
 [.bordered]
 [.widthAuto]
 image::./images/new-nav3.png[New home page]
-
+////
 * Verify that all the customization settings are applied correctly.
 * If you have set up custom routes for navigation within your embedded app, verify navigation workflows and check for breaking changes.
 

modules/ROOT/pages/locale-setting.adoc

@@ -23,30 +23,30 @@ If you want to set your embedded app view to a specific locale for your applicat
 [options="header"]
 |====================
 | Locale | Language
-| `ar-EG` | Egyptian Arabic
 | `da-DK` | Dansk
 | `de-DE` | Deutsch
-| `de-CH` | German (Switzerland)
+| `de-CH` | Deutsch (Switzerland)
 | `en-AU` | English (Australia)
 | `en-CA` | English (Canada)
 | `en-DE` | English (Germany)
 | `en-IN` | English (India)
+| `en-NZ` | English (New Zealand)
 | `en-GB` | English (United Kingdom)
 | `en-US` | English (United States)
-| `en-NZ` | English (New Zealand)
+| `es-ES` | Español
 | `es-US` | Español (Latinoamérica)
-| `es-ES` | Español (España)
-| `es-MX` | Spanish (Mexico)
-| `fi-FI` | Suomi
+| `es-MX` | Español (Mexico)
 | `fr-CA` | Français (Canada)
 | `fr-FR` | Français (France)
+| `ja-JP` | 日本語
+| `ko-KR` | 한국어
 | `it-IT` | Italiano
-| `ja-JP` | Japanese (Japan)/ 日本語
 | `nb-NO` | Norsk
 | `nl-NL` | Nederland
 | `pt-BR` | Português (Brasil)
 | `pt-PT` | Português (Portugal)
-| `ru-RU` | Russian (Russia)
+| `ru-RU` | Pусский (ограниченный выпуск)
+| `fi-FI` | Suomi
 | `sv-SE` | Svenska
 | `zh-CN` | 中文(简体)
 | `zh-HANT`| 中文 (繁體)

modules/ROOT/pages/mcp-integration.adoc

@@ -145,7 +145,7 @@ To enable tool calling:
 You can generate an authentication token for a specific user from ThoughtSpot via a `POST` call to the `/api/rest/2.0/auth/token/full` REST API endpoint. +
 Logged-in users can view the authentication token for their current session by using the `/api/rest/2.0/auth/session/token` REST API endpoint or by opening the following URL in a new tab on the web browser:
 +
-`https://{your-ts-instance}/api/rest/2.0/auth/session/token`
+`\https://{your-ts-instance}/api/rest/2.0/auth/session/token`
 
 For information about calling MCP tools using LLM APIs and methods, see these sections:
 
@@ -236,7 +236,7 @@ For more information, see the link:https://docs.claude.com/en/docs/agents-and-to
 ==== OpenAI API for MCP tool calling
 To enable tool calling and retrieve data from ThoughtSpot via OpenAI, you can use the Responses API endpoint.
 
-To connect to the ThoughtSpot remote MCP server, call the `https://api.openai.com/v1/responses` API endpoint and specify the following properties in the API request:
+To connect to the ThoughtSpot remote MCP server, call the `\https://api.openai.com/v1/responses` API endpoint and specify the following properties in the API request:
 
 * `tools` +
 In the `tools` array, include these parameters:

modules/ROOT/pages/mobile-embed-android.adoc

@@ -13,7 +13,6 @@ Your application developers can embed a ThoughtSpot Liveboard in your native And
 Before you begin, ensure that your development environment has the following setup:
 
 * Access to a ThoughtSpot instance with administrator and developer privileges. +
-Ensure that your host app embedding ThoughtSpot is added to the xref:security-settings.adoc[CSP and CORS allowlists] in ThoughtSpot.
 * Access to the Liveboard object that you want to embed.
 * Android Studio is installed. +
 

modules/ROOT/pages/mobile-embed-qs-flutter.adoc

@@ -18,7 +18,6 @@ Before you begin, check if your setup has the following:
 
 * A Flutter application project setup. For information about creating a Flutter app, see link:https://docs.flutter.dev/reference/create-new-app[Flutter documentation, window=_blank].
 * Access to a ThoughtSpot instance with administrator and developer privileges. +
-Ensure that your host app embedding ThoughtSpot is added to the xref:security-settings.adoc[CSP and CORS allowlists] in ThoughtSpot.
 * Access to the Liveboard object that you want to embed.
 
 == Get started with embedding

modules/ROOT/pages/mobile-embed-qs-swift.adoc

@@ -14,7 +14,6 @@ Before you begin, ensure that your development setup includes the following:
 * Xcode 13 or later is installed. For information about Xcode and SwiftUI, see link:https://developer.apple.com/documentation/Xcode[Xcode  documentation, window=_blank].
 * iOS 14.0 or later is installed on your device to test your embed.
 * Access to a ThoughtSpot instance with administrator and developer privileges. +
-Ensure that your host app embedding ThoughtSpot is added to the xref:security-settings.adoc[CSP and CORS allowlists] in ThoughtSpot.
 * Access to the Liveboard object that you want to embed.
 
 == Install the Swift Embed Package

modules/ROOT/pages/mobile-embed.adoc

@@ -18,15 +18,7 @@ Allows developers to embed ThoughtSpot content in an iOS native app.
 Allows developers to embed ThoughtSpot content in an Android native app.
 
 == Authentication and security settings
-Currently, Mobile Embed SDKs support only cookieless authentication (`AuthType.TrustedAuthCookieless`) method to authenticate embed users. To handle authentication, you may have to token provider function or use your backend app to fetch a token for trusted authentication. For more information, see the Mobile Embed SDK quickstart guides.
-
-You must also add your embedding app domain to the following allowlists on the **Develop** > **Customizations** > **Security Settings** page in the ThoughtSpot UI.
-
-* CSP visual embed hosts
-* Permitted iFrame domains
-* CORS whitelisted domains
-
-For information about how to add your domains to CSP and CORS allowlists, see xref:security-settings.adoc[Security Settings].
+Currently, Mobile Embed SDKs support only cookieless authentication (`AuthType.TrustedAuthCookieless`) method to authenticate embed users. To handle authentication, you may have to token provider function or use your backend app to fetch a token for trusted authentication. For more information, see the respective Mobile Embed SDK quickstart guides.
 
 == Mobile embed customization
 

modules/ROOT/pages/mobilesdk-quick-start.adoc

@@ -17,7 +17,6 @@ Before you begin, check the following:
 * link:https://docs.npmjs.com/downloading-and-installing-node-js-and-npm[NPM and Node.js are installed, window=_blank] on your system.
 * Your link:https://reactnative.dev/docs/environment-setup[React Native environment, window=_blank] is set up.
 * You can access a ThoughtSpot instance with administrator and developer credentials. +
-Ensure that your host app embedding ThoughtSpot is added to the xref:security-settings.adoc[CSP and CORS allowlists] in ThoughtSpot.
 * You have access to the Liveboard object that you want to embed
 
 * If you are using Expo to build your application:
@@ -410,7 +409,6 @@ Additionally, you can add a listener for `EmbedEvent.Error` and verify the logs.
 * In case of rendering issues, adjust the frame size constraints and rerun your app.
 * Check if your custom CSS specifications are applied correctly.
 
-
 == Known limitations
 
 For information about supported features and known limitations, see xref:mobile-embed.adoc#_known_limitations[Mobile embed limitations].

modules/ROOT/pages/modify-tml.adoc

@@ -350,7 +350,7 @@ For more information, see link:https://docs.thoughtspot.com/cloud/latest/tml-mod
 
 [IMPORTANT]
 ====
-Worksheets are deprecated and replaced with Models in ThoughtSpot Cloud 10.12.0.cl and later versions. You'll no longer be able to import a Worksheet TML object into ThoughtSpot without link:https://docs.thoughtspot.com/latest/worksheet-migration[converting it into a Model, window=_blank]. For information about the TML properties of a Model object, see link:https://docs.thoughtspot.com/cloud/latest/tml-models[TML for Models].
+Worksheets are deprecated and replaced with Models in ThoughtSpot Cloud 10.12.0.cl and later versions. You'll no longer be able to import a Worksheet TML object into ThoughtSpot without link:https://docs.thoughtspot.com/cloud/latest/worksheet-migration[converting it into a Model, window=_blank]. For information about the TML properties of a Model object, see link:https://docs.thoughtspot.com/cloud/latest/tml-models[TML for Models].
 ====
 
 Worksheets combine several *tables*, including *Views*, into a coherent data model optimized for searches. The TML syntax for Worksheets defines all aspects, including the tables it joins together, the columns and their properties, filters, and so on.

modules/ROOT/pages/multi-tenancy-best-practices.adoc

@@ -69,7 +69,7 @@ Sharing is controlled through the UI (including when embedded) or via the xref:s
 Please see the full documentation on xref:access-control-sharing.adoc[sharing for access control] to learn how the various options work to isolate content for end customers that share a single "prod" environment.
 
 ==== What content should be shared?
-While you can share individual tables from connections to users, the best practice is to create link:https://docs.thoughtspot.com/cloud/latest/worksheet-create[worksheets, window=_blank] and only share the relevant Models to end users. Any Liveboards and saved answers shared to users should only connect to Models.
+While you can share individual tables from connections to users, the best practice is to create link:https://docs.thoughtspot.com/cloud/latest/models[Models, window=_blank] and only share the relevant Models to end users. Any Liveboards and saved Answers shared to users should only connect to Models.
 
 Remember to share the Model as *READ_ONLY* along with the Liveboards and answers so the users can access self-service features such as changing filter values.