appwrite · ChiragAgg5k · Jun 11, 2026 · Jun 11, 2026
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,29 @@
 # Change Log
 
+## 14.0.0
+
+* Breaking: Removed `getDatabaseMetrics`, `getDatabaseInsights`, `getDatabaseSchema`, and `createDatabaseSchemaPreview` from `Compute` service
+* Breaking: Removed `region` and `type` parameters from `createDatabase` on `Compute` service
+* Breaking: Replaced `highAvailability` and `highAvailabilityReplicaCount` with `replicas` on `createDatabase` and `updateDatabase`
+* Breaking: Removed `type`, `region`, and `highAvailability` fields from `DedicatedDatabase` model
+* Breaking: Removed `DedicatedDatabaseMetrics`, `DedicatedDatabaseSchema`, `DedicatedDatabaseSchemaPreview`, and performance insights models
+* Breaking: Removed OS, client, and device fields from `ActivityEvent` model
+* Breaking: Removed `internal` parameter and field from `Apps` service and `App` model
+* Breaking: `getInvoiceDownload` and `getInvoiceView` on `Organizations` now return a URL string
+* Breaking: Geometric attribute and column models now type `default` as number arrays instead of `any[]`
+* Added: OAuth2 Device Authorization Grant support with `deviceFlow` on apps and device code settings on `updateOAuth2Server`
+* Added: Consent metadata on `Apps` service (`description`, `clientUri`, `logoUri`, `privacyPolicyUrl`, `termsUrl`, `contacts`)
+* Added: `authorizationDetailsTypes` parameter on `updateOAuth2Server` for RFC 9396 support
+* Added: `dedicatedDatabaseId` parameter on `create` for `TablesDB`, `DocumentsDB`, and `VectorsDB`
+* Added: `api` parameter on `createDatabase` and `DedicatedDatabasesExecute` key scope
+* Added: `userAccessedAt` membership privacy setting and field on `Membership` model
+* Added: Email classification fields on `User` model (`emailCanonical`, `emailIsFree`, `emailIsDisposable`, `emailIsCorporate`, `emailIsCanonical`)
+* Added: Connection details on `Branch` model and TCP connection fields on dedicated database connection model
+* Added: `type` field on backup policies for full or incremental backups
+* Added: `hint` field on app secret models for identifying secrets
+* Updated: SQL API allowed statements now support DDL and DCL types as opt-in
+* Updated: All requests now send an explicit `accept` header
+
 ## 13.2.0
 
 * Added: `Apps` service for managing OAuth2 apps, secrets, and tokens

diff --git a/README.md b/README.md
@@ -33,7 +33,7 @@ import { Client, Account } from "@appwrite.io/console";
 To install with a CDN (content delivery network) add the following scripts to the bottom of your <body> tag, but before you use any Appwrite services:
 
 ```html
-<script src="https://cdn.jsdelivr.net/npm/@appwrite.io/console@13.2.0"></script>
+<script src="https://cdn.jsdelivr.net/npm/@appwrite.io/console@14.0.0"></script>
 ```
 
 

diff --git a/docs/examples/account/create.md b/docs/examples/account/create.md
@@ -10,7 +10,7 @@ const account = new Account(client);
 const result = await account.create({
     userId: '<USER_ID>',
     email: 'email@example.com',
-    password: '',
+    password: 'password',
     name: '<NAME>' // optional
 });
 

diff --git a/docs/examples/account/update-password.md b/docs/examples/account/update-password.md
@@ -8,8 +8,8 @@ const client = new Client()
 const account = new Account(client);
 
 const result = await account.updatePassword({
-    password: '',
-    oldPassword: '<OLD_PASSWORD>' // optional
+    password: 'password',
+    oldPassword: 'password' // optional
 });
 
 console.log(result);

diff --git a/docs/examples/account/update-recovery.md b/docs/examples/account/update-recovery.md
@@ -10,7 +10,7 @@ const account = new Account(client);
 const result = await account.updateRecovery({
     userId: '<USER_ID>',
     secret: '<SECRET>',
-    password: ''
+    password: 'password'
 });
 
 console.log(result);

diff --git a/docs/examples/apps/create.md b/docs/examples/apps/create.md
@@ -11,9 +11,15 @@ const result = await apps.create({
     appId: '<APP_ID>',
     name: '<NAME>',
     redirectUris: [],
+    description: '<DESCRIPTION>', // optional
+    clientUri: 'https://example.com', // optional
+    logoUri: 'https://example.com', // optional
+    privacyPolicyUrl: 'https://example.com', // optional
+    termsUrl: 'https://example.com', // optional
+    contacts: [], // optional
     enabled: false, // optional
-    internal: false, // optional
     type: 'public', // optional
+    deviceFlow: false, // optional
     teamId: '<TEAM_ID>' // optional
 });
 

diff --git a/docs/examples/apps/update.md b/docs/examples/apps/update.md
@@ -10,10 +10,16 @@ const apps = new Apps(client);
 const result = await apps.update({
     appId: '<APP_ID>',
     name: '<NAME>',
+    description: '<DESCRIPTION>', // optional
+    clientUri: 'https://example.com', // optional
+    logoUri: 'https://example.com', // optional
+    privacyPolicyUrl: 'https://example.com', // optional
+    termsUrl: 'https://example.com', // optional
+    contacts: [], // optional
     enabled: false, // optional
-    internal: false, // optional
     redirectUris: [], // optional
-    type: 'public' // optional
+    type: 'public', // optional
+    deviceFlow: false // optional
 });
 
 console.log(result);

diff --git a/docs/examples/avatars/get-browser.md b/docs/examples/avatars/get-browser.md
@@ -3,7 +3,8 @@ import { Client, Avatars, Browser } from "@appwrite.io/console";
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const avatars = new Avatars(client);
 

diff --git a/docs/examples/avatars/get-credit-card.md b/docs/examples/avatars/get-credit-card.md
@@ -3,7 +3,8 @@ import { Client, Avatars, CreditCard } from "@appwrite.io/console";
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const avatars = new Avatars(client);
 

diff --git a/docs/examples/avatars/get-favicon.md b/docs/examples/avatars/get-favicon.md
@@ -3,7 +3,8 @@ import { Client, Avatars } from "@appwrite.io/console";
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const avatars = new Avatars(client);
 

diff --git a/docs/examples/avatars/get-flag.md b/docs/examples/avatars/get-flag.md
@@ -3,7 +3,8 @@ import { Client, Avatars, Flag } from "@appwrite.io/console";
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const avatars = new Avatars(client);
 

diff --git a/docs/examples/avatars/get-image.md b/docs/examples/avatars/get-image.md
@@ -3,7 +3,8 @@ import { Client, Avatars } from "@appwrite.io/console";
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const avatars = new Avatars(client);
 

diff --git a/docs/examples/avatars/get-initials.md b/docs/examples/avatars/get-initials.md
@@ -3,7 +3,8 @@ import { Client, Avatars } from "@appwrite.io/console";
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const avatars = new Avatars(client);
 

diff --git a/docs/examples/avatars/get-qr.md b/docs/examples/avatars/get-qr.md
@@ -3,7 +3,8 @@ import { Client, Avatars } from "@appwrite.io/console";
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const avatars = new Avatars(client);
 

diff --git a/docs/examples/avatars/get-screenshot.md b/docs/examples/avatars/get-screenshot.md
@@ -3,7 +3,8 @@ import { Client, Avatars, BrowserTheme, Timezone, BrowserPermission, ImageFormat
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const avatars = new Avatars(client);
 

diff --git a/docs/examples/compute/create-database-schema-preview.md b/docs/examples/compute/create-database-schema-preview.md
diff --git a/docs/examples/compute/create-database.md b/docs/examples/compute/create-database.md
@@ -13,17 +13,14 @@ const result = await compute.createDatabase({
     database: '<DATABASE>', // optional
     engine: 'postgres', // optional
     version: '17', // optional
-    region: 'fra', // optional
-    type: 'shared', // optional
     specification: '<SPECIFICATION>', // optional
     backend: 'prisma', // optional
     cpu: 125, // optional
     memory: 128, // optional
     storage: 1, // optional
     storageClass: 'ssd', // optional
     storageMaxGb: 0, // optional
-    highAvailability: false, // optional
-    highAvailabilityReplicaCount: 0, // optional
+    replicas: 0, // optional
     highAvailabilitySyncMode: 'async', // optional
     networkMaxConnections: 10, // optional
     networkIdleTimeoutSeconds: 60, // optional
@@ -38,7 +35,8 @@ const result = await compute.createDatabase({
     storageAutoscalingThresholdPercent: 50, // optional
     storageAutoscalingMaxGb: 0, // optional
     metricsEnabled: false, // optional
-    poolerEnabled: false // optional
+    poolerEnabled: false, // optional
+    api: 'compute' // optional
 });
 
 console.log(result);

diff --git a/docs/examples/compute/get-database-insights.md b/docs/examples/compute/get-database-insights.md
diff --git a/docs/examples/compute/get-database-metrics.md b/docs/examples/compute/get-database-metrics.md
diff --git a/docs/examples/compute/get-database-schema.md b/docs/examples/compute/get-database-schema.md
diff --git a/docs/examples/compute/update-database.md b/docs/examples/compute/update-database.md
@@ -16,8 +16,7 @@ const result = await compute.updateDatabase({
     memory: 128, // optional
     storage: 1, // optional
     storageClass: 'ssd', // optional
-    highAvailability: false, // optional
-    highAvailabilityReplicaCount: 0, // optional
+    replicas: 0, // optional
     highAvailabilitySyncMode: 'async', // optional
     networkMaxConnections: 10, // optional
     networkIdleTimeoutSeconds: 60, // optional

diff --git a/docs/examples/documentsdb/create.md b/docs/examples/documentsdb/create.md
@@ -10,7 +10,8 @@ const documentsDB = new DocumentsDB(client);
 const result = await documentsDB.create({
     databaseId: '<DATABASE_ID>',
     name: '<NAME>',
-    enabled: false // optional
+    enabled: false, // optional
+    dedicatedDatabaseId: '<DEDICATED_DATABASE_ID>' // optional
 });
 
 console.log(result);

diff --git a/docs/examples/functions/get-deployment-download.md b/docs/examples/functions/get-deployment-download.md
@@ -3,7 +3,8 @@ import { Client, Functions, DeploymentDownloadType } from "@appwrite.io/console"
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const functions = new Functions(client);
 

diff --git a/docs/examples/messaging/create-smtp-provider.md b/docs/examples/messaging/create-smtp-provider.md
@@ -13,7 +13,7 @@ const result = await messaging.createSMTPProvider({
     host: '<HOST>',
     port: 1, // optional
     username: '<USERNAME>', // optional
-    password: '<PASSWORD>', // optional
+    password: 'password', // optional
     encryption: SmtpEncryption.None, // optional
     autoTLS: false, // optional
     mailer: '<MAILER>', // optional

diff --git a/docs/examples/messaging/update-smtp-provider.md b/docs/examples/messaging/update-smtp-provider.md
@@ -13,7 +13,7 @@ const result = await messaging.updateSMTPProvider({
     host: '<HOST>', // optional
     port: 1, // optional
     username: '<USERNAME>', // optional
-    password: '<PASSWORD>', // optional
+    password: 'password', // optional
     encryption: SmtpEncryption.None, // optional
     autoTLS: false, // optional
     mailer: '<MAILER>', // optional

diff --git a/docs/examples/migrations/create-n-host-migration.md b/docs/examples/migrations/create-n-host-migration.md
@@ -14,7 +14,7 @@ const result = await migrations.createNHostMigration({
     adminSecret: '<ADMIN_SECRET>',
     database: '<DATABASE>',
     username: '<USERNAME>',
-    password: '<PASSWORD>',
+    password: 'password',
     port: null // optional
 });
 

diff --git a/docs/examples/migrations/create-supabase-migration.md b/docs/examples/migrations/create-supabase-migration.md
@@ -13,7 +13,7 @@ const result = await migrations.createSupabaseMigration({
     apiKey: '<API_KEY>',
     databaseHost: '<DATABASE_HOST>',
     username: '<USERNAME>',
-    password: '<PASSWORD>',
+    password: 'password',
     port: null // optional
 });
 

diff --git a/docs/examples/migrations/get-n-host-report.md b/docs/examples/migrations/get-n-host-report.md
@@ -14,7 +14,7 @@ const result = await migrations.getNHostReport({
     adminSecret: '<ADMIN_SECRET>',
     database: '<DATABASE>',
     username: '<USERNAME>',
-    password: '<PASSWORD>',
+    password: 'password',
     port: null // optional
 });
 

diff --git a/docs/examples/migrations/get-supabase-report.md b/docs/examples/migrations/get-supabase-report.md
@@ -13,7 +13,7 @@ const result = await migrations.getSupabaseReport({
     apiKey: '<API_KEY>',
     databaseHost: '<DATABASE_HOST>',
     username: '<USERNAME>',
-    password: '<PASSWORD>',
+    password: 'password',
     port: null // optional
 });
 

diff --git a/docs/examples/organizations/get-invoice-download.md b/docs/examples/organizations/get-invoice-download.md
@@ -3,11 +3,12 @@ import { Client, Organizations } from "@appwrite.io/console";
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const organizations = new Organizations(client);
 
-const result = await organizations.getInvoiceDownload({
+const result = organizations.getInvoiceDownload({
     organizationId: '<ORGANIZATION_ID>',
     invoiceId: '<INVOICE_ID>'
 });

diff --git a/docs/examples/organizations/get-invoice-view.md b/docs/examples/organizations/get-invoice-view.md
@@ -3,11 +3,12 @@ import { Client, Organizations } from "@appwrite.io/console";
 
 const client = new Client()
     .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
-    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+    .setProject('<YOUR_PROJECT_ID>') // Your project ID
+    .setImpersonateUserId(''); // Impersonate a user by ID on an already user-authenticated request. Requires the current request to be authenticated as a user with impersonator capability; X-Appwrite-Key alone is not sufficient. Impersonator users are intentionally granted users.read so they can discover a target before impersonation begins. Internal audit logs still attribute actions to the original impersonator and record the impersonated target only in internal audit payload data.
 
 const organizations = new Organizations(client);
 
-const result = await organizations.getInvoiceView({
+const result = organizations.getInvoiceView({
     organizationId: '<ORGANIZATION_ID>',
     invoiceId: '<INVOICE_ID>'
 });
-Original file line number
+Diff line change
@@ Expand Up / @@ -33,7 +33,7 @@ import { Client, Account } from "@appwrite.io/console"; @@
     To install with a CDN (content delivery network) add the following scripts to the bottom of your <body> tag, but before you use any Appwrite services:
     ```html
-    <script src="https://cdn.jsdelivr.net/npm/@appwrite.io/console@13.2.0"></script>
+    <script src="https://cdn.jsdelivr.net/npm/@appwrite.io/console@14.0.0"></script>
     ```
@@ Expand Down @@