# Base Queries

Here are the answers to your questions:

### 1. Protecting `debrief.md` with Role-Based Access (Requires "pearl" Role)

To restrict access to `debrief.md` for users with the `"pearl"` role, you can use:

- **OpenAPI/Swagger**: Add a `security` requirement in your OpenAPI spec:



```yaml
paths:
  /debrief.md:
    get:
      security:
        - pearl_auth: []
securitySchemes:
  pearl_auth:
    type: http
    scheme: bearer
    bearerFormat: JWT
```

- **Redocly Workflows**: Use [API Governance](https://redoc.ly/docs/api-gateway/access-control/) to enforce role-based access.
- **Server-Side**: Implement middleware (e.g., Node.js/Express):



```javascript
app.get('/debrief.md', (req, res) => {
  if (req.user.roles.includes('pearl')) {
    res.sendFile('debrief.md');
  } else {
    res.status(403).send('Forbidden');
  }
});
```

### 2. Creating a Code Walkthrough

Use **Redocly’s `x-codeSamples`** or **Swagger UI’s `try-it`** to guide users:


```yaml
paths:
  /endpoint:
    get:
      x-codeSamples:
        - lang: curl
          source: |
            curl -X GET https://api.example.com/endpoint \
              -H "Authorization: Bearer {token}"
        - lang: JavaScript
          source: |
            fetch('https://api.example.com/endpoint', {
              headers: { 'Authorization': 'Bearer {token}' }
            });
```

For a step-by-step guide, embed Markdown with code blocks in your docs.

### 3. Showing Only Mock Server in "Try It" Console

Configure the **`servers`** section in your OpenAPI spec to point to a mock server:


```yaml
servers:
  - url: https://mock.example.com
    description: Mock server
  # Omit real server URLs or mark them as "x-internal: true"
```

In Redocly, use the `x-mock` extension or disable real servers via:


```yaml
x-redocly:
  hide-hostname: true
```

### 4. Running API Monitoring on a Schedule

Use **Redocly’s API Monitoring**:

1. Set up a [monitoring job](https://redoc.ly/docs/api-monitoring/) in `redocly.yaml`:

```yaml
apiMonitoring:
  jobs:
    - name: Daily Check
      url: https://api.example.com/health
      method: GET
      schedule: “0 9 * * *”  # 9:00 AM daily (UTC)
```
2. Use **CI/CD** (GitHub Actions, CircleCI) to run `redocly monitor` periodically.


### 5. Making Headings Purple in Redocly

Add custom CSS via the `theme` property in `redocly.yaml`:


```yaml
theme:
  colors:
    primary:
      main: ‘#800080’  # Purple
  typography:
    headings:
      fontFamily: ‘Arial’
      fontWeight: ‘bold’
```

Or inject CSS directly:


```html
<style>
  h1, h2, h3 { color: purple !important; }
</style>
```

Let me know if you’d like further details on any step!