> ## Documentation Index
> Fetch the complete documentation index at: https://ngrok.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Update

> Update attributes of an ssh_credential by ID




## OpenAPI

````yaml https://raw.githubusercontent.com/ngrok/ngrok-openapi/refs/heads/main/ngrok.yaml patch /ssh_credentials/{id}
openapi: 3.0.0
info:
  title: ngrok OpenAPI
  version: 1.0.0
servers:
  - url: https://api.ngrok.com
security:
  - authentication: []
paths:
  /ssh_credentials/{id}:
    patch:
      tags:
        - SSHCredentials
      summary: Update
      description: |
        Update attributes of an ssh_credential by ID
      operationId: SshCredentialsUpdate
      parameters:
        - $ref: '#/components/parameters/ngrokVersion'
        - name: id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SSHCredentialUpdate'
      responses:
        '200':
          description: |
            Update attributes of an ssh_credential by ID
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SSHCredential'
components:
  parameters:
    ngrokVersion:
      name: ngrok-version
      in: header
      required: true
      schema:
        type: integer
        default: 2
  schemas:
    SSHCredentialUpdate:
      type: object
      properties:
        id:
          description: n/a
          type: string
        description:
          description: >
            human-readable description of who or what will use the ssh
            credential to authenticate. Optional, max 255 bytes.
          type: string
        metadata:
          description: >
            arbitrary user-defined machine-readable data of this ssh credential.
            Optional, max 4096 bytes.
          type: string
        acl:
          description: >
            optional list of ACL rules. If unspecified, the credential will have
            no restrictions. The only allowed ACL rule at this time is the
            `bind` rule. The `bind` rule allows the caller to restrict what
            domains, addresses, and labels the token is allowed to bind. For
            example, to allow the token to open a tunnel on example.ngrok.io
            your ACL would include the rule `bind:example.ngrok.io`. Bind rules
            for domains may specify a leading wildcard to match multiple domains
            with a common suffix. For example, you may specify a rule of
            `bind:*.example.com` which will allow `x.example.com`,
            `y.example.com`, `*.example.com`, etc. Bind rules for labels may
            specify a wildcard key and/or value to match multiple labels. For
            example, you may specify a rule of `bind:*=example` which will allow
            `x=example`, `y=example`, etc. A rule of `'*'` is equivalent to no
            acl at all and will explicitly permit all actions.
          type: array
          items:
            type: string
    SSHCredential:
      type: object
      properties:
        id:
          description: |
            unique ssh credential resource identifier
          type: string
        uri:
          description: |
            URI of the ssh credential API resource
          type: string
        created_at:
          description: |
            timestamp when the ssh credential was created, RFC 3339 format
          type: string
        description:
          description: >
            human-readable description of who or what will use the ssh
            credential to authenticate. Optional, max 255 bytes.
          type: string
        metadata:
          description: >
            arbitrary user-defined machine-readable data of this ssh credential.
            Optional, max 4096 bytes.
          type: string
        public_key:
          description: >
            the PEM-encoded public key of the SSH keypair that will be used to
            authenticate
          type: string
        acl:
          description: >
            optional list of ACL rules. If unspecified, the credential will have
            no restrictions. The only allowed ACL rule at this time is the
            `bind` rule. The `bind` rule allows the caller to restrict what
            domains, addresses, and labels the token is allowed to bind. For
            example, to allow the token to open a tunnel on example.ngrok.io
            your ACL would include the rule `bind:example.ngrok.io`. Bind rules
            for domains may specify a leading wildcard to match multiple domains
            with a common suffix. For example, you may specify a rule of
            `bind:*.example.com` which will allow `x.example.com`,
            `y.example.com`, `*.example.com`, etc. Bind rules for labels may
            specify a wildcard key and/or value to match multiple labels. For
            example, you may specify a rule of `bind:*=example` which will allow
            `x=example`, `y=example`, etc. A rule of `'*'` is equivalent to no
            acl at all and will explicitly permit all actions.
          type: array
          items:
            type: string
        owner_id:
          description: >
            If supplied at credential creation, ownership will be assigned to
            the specified User or Bot. Only admins may specify an owner other
            than themselves. Defaults to the authenticated User or Bot.
          type: string
  securitySchemes:
    authentication:
      type: http
      scheme: bearer

````