> ## Documentation Index > Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Update > Update creates or updates the tenant email provider configuration. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples post /api/v1/settings/email-provider openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/settings/email-provider: post: tags: - Tenant Email Provider summary: Update description: Update creates or updates the tenant email provider configuration. operationId: c1.api.settings.v1.TenantEmailProviderService.Update requestBody: content: application/json: schema: $ref: >- #/components/schemas/c1.api.settings.v1.UpdateTenantEmailProviderRequest responses: '200': content: application/json: schema: $ref: >- #/components/schemas/c1.api.settings.v1.UpdateTenantEmailProviderResponse description: Successful response x-codeSamples: - lang: go label: Update source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"log\"\n)\n\nfunc main() {\n ctx := context.Background()\n\n s := conductoronesdkgo.New(\n conductoronesdkgo.WithSecurity(shared.Security{\n BearerAuth: \"\",\n Oauth: \"\",\n }),\n )\n\n res, err := s.TenantEmailProvider.Update(ctx, nil)\n if err != nil {\n log.Fatal(err)\n }\n if res.UpdateTenantEmailProviderResponse != nil {\n // handle response\n }\n}" - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.tenantEmailProvider.update(); console.log(result); } run(); components: schemas: c1.api.settings.v1.UpdateTenantEmailProviderRequest: description: The UpdateTenantEmailProviderRequest message. properties: emailProvider: $ref: '#/components/schemas/c1.api.settings.v1.TenantEmailProvider' updateMask: nullable: true readOnly: false type: string title: Update Tenant Email Provider Request type: object x-speakeasy-name-override: UpdateTenantEmailProviderRequest c1.api.settings.v1.UpdateTenantEmailProviderResponse: description: The UpdateTenantEmailProviderResponse message. properties: emailProvider: $ref: '#/components/schemas/c1.api.settings.v1.TenantEmailProvider' title: Update Tenant Email Provider Response type: object x-speakeasy-name-override: UpdateTenantEmailProviderResponse c1.api.settings.v1.TenantEmailProvider: description: > TenantEmailProvider is the API representation of the tenant's email provider. This message contains a oneof named provider. Only a single field of the following list may be set at a time: - c1Builtin - awsSes - sendgrid - microsoftGraph - googleWorkspace properties: awsSes: $ref: '#/components/schemas/c1.api.settings.v1.AWSSESProviderConfig' c1Builtin: $ref: '#/components/schemas/c1.api.settings.v1.C1BuiltInProviderConfig' createdAt: format: date-time readOnly: true type: string fromAddress: description: |- Sender email address. Must be verified with the provider. Ignored when using the C1 built-in provider (uses no-reply@conductorone.com). readOnly: false type: string fromName: description: >- Sender display name shown in the recipient's inbox (e.g., "Acme Corp IT"). Used as the RFC 5322 display-name: "Acme Corp IT" . Ignored when using the C1 built-in provider. readOnly: false type: string googleWorkspace: $ref: >- #/components/schemas/c1.api.settings.v1.GoogleWorkspaceProviderConfig microsoftGraph: $ref: '#/components/schemas/c1.api.settings.v1.MicrosoftGraphProviderConfig' replyToAddress: description: Optional reply-to address. readOnly: false type: string sendgrid: $ref: '#/components/schemas/c1.api.settings.v1.SendGridProviderConfig' updatedAt: format: date-time readOnly: true type: string title: Tenant Email Provider type: object x-speakeasy-name-override: TenantEmailProvider c1.api.settings.v1.AWSSESProviderConfig: description: >- AWSSESProviderConfig configures sending via a customer's AWS SES account. nullable: true properties: configurationSetName: description: Optional SES configuration set name for tracking/metrics. readOnly: false type: string region: description: AWS region where SES identities are verified (e.g., "us-east-1"). readOnly: false type: string roleArn: description: |- IAM role ARN for sts:AssumeRole. The trust policy should require the tenant's AWS External ID (GET /api/v1/settings/aws-external-id). readOnly: false type: string title: Awsses Provider Config type: object x-speakeasy-name-override: AWSSESProviderConfig c1.api.settings.v1.C1BuiltInProviderConfig: description: >- C1BuiltInProviderConfig selects the ConductorOne built-in email provider. Emails are sent from no-reply@conductorone.com via the platform SendGrid account. Only supports sending to C1 users — external email addresses are not supported. No configuration fields required. nullable: true title: C 1 Built In Provider Config type: object x-speakeasy-name-override: C1BuiltInProviderConfig c1.api.settings.v1.GoogleWorkspaceProviderConfig: description: >- GoogleWorkspaceProviderConfig configures sending via Google Workspace Gmail API using domain-wide delegation with a service account. Requires: customer Workspace super admin grants DWD to the service account's OAuth client ID for the gmail.send scope. nullable: true properties: delegatedUser: description: |- The Workspace user email to impersonate via domain-wide delegation. Typically a dedicated sender like noreply@customer.com. readOnly: false type: string serviceAccountJson: description: >- Service account JSON credentials. Write-only: accepted on create/update, never returned in Get. Empty on update means "keep existing credentials". readOnly: false type: string title: Google Workspace Provider Config type: object x-speakeasy-name-override: GoogleWorkspaceProviderConfig c1.api.settings.v1.MicrosoftGraphProviderConfig: description: >- MicrosoftGraphProviderConfig configures sending via Microsoft Graph sendMail API. Requires an Azure AD app registration with Mail.Send application permission (admin-consented). nullable: true properties: azureTenantId: description: Customer's Azure AD tenant ID (directory ID). readOnly: false type: string clientId: description: App registration client ID with Mail.Send application permission. readOnly: false type: string clientSecret: description: >- Client secret. Write-only: accepted on create/update, never returned in Get. Empty on update means "keep existing secret". readOnly: false type: string title: Microsoft Graph Provider Config type: object x-speakeasy-name-override: MicrosoftGraphProviderConfig c1.api.settings.v1.SendGridProviderConfig: description: >- SendGridProviderConfig configures sending via a customer's SendGrid account. nullable: true properties: apiKey: description: >- Customer's SendGrid API key. Write-only: accepted on create/update, never returned in Get. Empty on update means "keep existing key". readOnly: false type: string title: Send Grid Provider Config type: object x-speakeasy-name-override: SendGridProviderConfig securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````