Policies
Policies define rules that govern agent behavior. Each tenant can have one active policy at a time. When a new policy is created, the previous active policy is automatically archived.
Policy structure
A policy document contains:
| Field | Type | Description |
|---|---|---|
name | string | Policy name |
description | string | Human-readable description |
defaultDecision | string | allowed, requires_review, or denied |
rules | array | Ordered list of rules |
Each rule contains:
| Field | Type | Description |
|---|---|---|
id | string | Unique rule identifier |
decision | string | allowed, requires_review, or denied |
priority | number | Evaluation order (lower = higher priority) |
conditions | object | Matching criteria (toolType, operation, targetSystem, initiatorType) |
POST
/v1/policiesCreate a new policy. Automatically archives the previous active policy.
Example request:
{
"name": "Production Safety Policy",
"description": "Requires review for destructive operations",
"defaultDecision": "allowed",
"rules": [
{
"id": "block-bulk-delete",
"decision": "denied",
"priority": 1,
"conditions": {
"operation": "delete",
"targetSystem": "production-db"
}
},
{
"id": "review-external-api",
"decision": "requires_review",
"priority": 2,
"conditions": {
"toolType": "external_api"
}
}
]
}GET
/v1/policiesList all policies (active and archived).
GET
/v1/policies/:idGet a single policy with full rule details.
PATCH
/v1/policies/:idUpdate policy name, description, or rules.
Only supplied fields are changed.
DELETE
/v1/policies/:idArchive a policy (soft delete).
Last updated on