POST https://api-production-56df.up.railway.app/policies/{customer_id}
curl -X POST "https://api-production-56df.up.railway.app/policies/cust_8f2e4a91-bb3c-4d17-a1e0-6c9f3d5b7e82" \
  -H "Content-Type: application/json" \
  -H "X-API-Key: your-api-key" \
  -d '{
    "sensitive_fields": [
      "ssn",
      "credit_card",
      "api_key",
      "password",
      "date_of_birth",
      "bank_account"
    ],
    "allowed_tools": [
      "read_file",
      "search_code",
      "create_pull_request",
      "list_issues",
      "send_message"
    ],
    "blocked_actions": [
      "database:table:drop",
      "filesystem:file:delete",
      "cloud:iam:modify",
      "cloud:secrets:read"
    ],
    "custom_rules": {
      "max_sensitivity_for_batch": {
        "condition": "batch_size > 100 AND target.sensitivity_level >= 3",
        "score_impact": 30,
        "description": "Flag large batch operations on sensitive resources"
      },
      "after_hours_penalty": {
        "condition": "hour(timestamp) < 6 OR hour(timestamp) > 22",
        "score_impact": 15,
        "description": "Elevate risk for actions outside business hours"
      }
    },
    "allowed_action_patterns": [
      "github:pull_request:*",
      "slack:message:send",
      "jira:issue:*"
    ],
    "blocked_action_patterns": [
      "*:*:delete",
      "cloud:iam:*",
      "database:schema:*"
    ],
    "sensitive_classifications": [
      "PII",
      "PHI",
      "financial",
      "secret",
      "restricted"
    ]
  }'
{
  "customer_id": "cust_8f2e4a91-bb3c-4d17-a1e0-6c9f3d5b7e82",
  "policies": {
    "sensitive_fields": ["ssn", "credit_card", "api_key", "password", "date_of_birth", "bank_account"],
    "allowed_tools": ["read_file", "search_code", "create_pull_request", "list_issues", "send_message"],
    "blocked_actions": ["database:table:drop", "filesystem:file:delete", "cloud:iam:modify", "cloud:secrets:read"],
    "custom_rules": {
      "max_sensitivity_for_batch": {
        "condition": "batch_size > 100 AND target.sensitivity_level >= 3",
        "score_impact": 30,
        "description": "Flag large batch operations on sensitive resources"
      },
      "after_hours_penalty": {
        "condition": "hour(timestamp) < 6 OR hour(timestamp) > 22",
        "score_impact": 15,
        "description": "Elevate risk for actions outside business hours"
      }
    },
    "allowed_action_patterns": ["github:pull_request:*", "slack:message:send", "jira:issue:*"],
    "blocked_action_patterns": ["*:*:delete", "cloud:iam:*", "database:schema:*"],
    "sensitive_classifications": ["PII", "PHI", "financial", "secret", "restricted"]
  },
  "updated_at": "2026-02-26T15:00:00Z"
}
Requires an X-API-Key header for authentication. The your-api-key value in the examples is a placeholder; supply a real key from an environment variable or a secrets store rather than pasting it into the command line, where it lands in shell history.

Path Parameters

customer_id
string
required
Identifier of the customer the policy is created for: a UUID, carried with a cust_ prefix in the examples on this page.

Request Body

sensitive_fields
array
List of field names that should be treated as sensitive. When an agent accesses these fields, the risk score is elevated.
Example
["ssn", "credit_card", "api_key", "password", "date_of_birth"]
allowed_tools
array
List of MCP tool names that agents are permitted to use. Events using unlisted tools may be flagged.
Example
["read_file", "search_code", "create_pull_request"]
blocked_actions
array
List of specific domain:scope:verb action strings that are explicitly prohibited.
Example
["database:table:drop", "filesystem:file:delete", "cloud:iam:modify"]
custom_rules
object
Key-value pairs defining custom scoring rules. Keys are rule identifiers; each value is a rule object with a condition (a boolean expression over event fields, written with AND/OR as in the request example above), a numeric score_impact applied to the risk score when the condition holds, and a human-readable description.
Example
{"after_hours_penalty": {"condition": "hour(timestamp) < 6 OR hour(timestamp) > 22", "score_impact": 15, "description": "Elevate risk for actions outside business hours"}}
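To dry-run custom_rules before submitting them, the following is an added example (not part of this page and not the service's own code) that evaluates the two conditions from the request above against constructed events. It assumes the condition grammar is comparisons, AND/OR/NOT, dotted field access and an hour() function over the event timestamp, and that the service sums score_impact across every rule that fires; the page publishes neither the grammar nor the combination rule. The evaluator walks the parsed expression itself instead of calling eval(), so a rule written by an untrusted policy author cannot reach anything outside the whitelist.

```python
import ast
import datetime as dt
import operator
import re
from types import SimpleNamespace

# The two custom rules from the request body on this page.
CUSTOM_RULES = {
    "max_sensitivity_for_batch": {
        "condition": "batch_size > 100 AND target.sensitivity_level >= 3",
        "score_impact": 30,
        "description": "Flag large batch operations on sensitive resources",
    },
    "after_hours_penalty": {
        "condition": "hour(timestamp) < 6 OR hour(timestamp) > 22",
        "score_impact": 15,
        "description": "Elevate risk for actions outside business hours",
    },
}

# Functions a condition may call. hour() is the only one the page uses; reading the
# hour in the timestamp's own timezone is an assumption, the page does not say.
FUNCS = {"hour": lambda ts: ts.hour}

_CMP = {ast.Gt: operator.gt, ast.GtE: operator.ge, ast.Lt: operator.lt,
        ast.LtE: operator.le, ast.Eq: operator.eq, ast.NotEq: operator.ne}


def parse_condition(text):
    """Turn the page's AND/OR syntax into a Python expression AST.
    Assumed grammar: comparisons, boolean operators, attribute access and
    whitelisted calls; anything else is refused during evaluation."""
    src = re.sub(r"\bAND\b", "and", text)
    src = re.sub(r"\bOR\b", "or", src)
    src = re.sub(r"\bNOT\b", "not", src)
    try:
        return ast.parse(src, mode="eval")
    except SyntaxError as exc:
        raise ValueError(f"cannot parse condition {text!r}: {exc.msg}") from None


def _eval(node, env):
    """Hand-written walk over the AST: every node type not listed here raises,
    so a rule cannot import modules, subscript, or call anything outside FUNCS."""
    if isinstance(node, ast.Expression):
        return _eval(node.body, env)
    if isinstance(node, ast.Constant):
        return node.value
    if isinstance(node, ast.Name):
        if node.id not in env:
            raise ValueError(f"unknown field {node.id!r}")
        return env[node.id]
    if isinstance(node, ast.Attribute):
        if node.attr.startswith("_"):
            raise ValueError("private attributes are not allowed")
        return getattr(_eval(node.value, env), node.attr)
    if isinstance(node, ast.Call):
        if not isinstance(node.func, ast.Name) or node.func.id not in FUNCS or node.keywords:
            raise ValueError("only whitelisted functions may be called")
        return FUNCS[node.func.id](*[_eval(a, env) for a in node.args])
    if isinstance(node, ast.BoolOp):
        values = (_eval(v, env) for v in node.values)  # generator: short-circuits like and/or
        return all(values) if isinstance(node.op, ast.And) else any(values)
    if isinstance(node, ast.UnaryOp) and isinstance(node.op, ast.Not):
        return not _eval(node.operand, env)
    if isinstance(node, ast.Compare):
        left = _eval(node.left, env)
        for op, comparator in zip(node.ops, node.comparators):
            if type(op) not in _CMP:
                raise ValueError(f"unsupported comparison: {type(op).__name__}")
            right = _eval(comparator, env)
            if not _CMP[type(op)](left, right):
                return False
            left = right
        return True
    raise ValueError(f"unsupported syntax: {type(node).__name__}")


def evaluate(condition, event):
    return bool(_eval(parse_condition(condition), event))


def score_event(rules, event):
    """Assumption: the impacts of all rules whose condition holds are summed."""
    total, fired = 0, []
    for name, rule in rules.items():
        if evaluate(rule["condition"], event):
            total += rule["score_impact"]
            fired.append(name)
    return total, fired


# Constructed sample events (not from the page): a large after-hours batch on a
# sensitivity-4 target, and a small mid-afternoon read of a low-sensitivity one.
RISKY_EVENT = {
    "batch_size": 250,
    "target": SimpleNamespace(sensitivity_level=4),
    "timestamp": dt.datetime(2026, 2, 26, 23, 30, tzinfo=dt.timezone.utc),
}
BENIGN_EVENT = {
    "batch_size": 10,
    "target": SimpleNamespace(sensitivity_level=1),
    "timestamp": dt.datetime(2026, 2, 26, 15, 0, tzinfo=dt.timezone.utc),
}


def rejects(condition):
    """True when the evaluator refuses a condition (checks the whitelist holds)."""
    try:
        evaluate(condition, BENIGN_EVENT)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(score_event(CUSTOM_RULES, RISKY_EVENT))   # (45, ['max_sensitivity_for_batch', 'after_hours_penalty'])
    print(score_event(CUSTOM_RULES, BENIGN_EVENT))  # (0, [])
    print(rejects("__import__('os').system('id') == 0"))  # True
```

The page does not say in which timezone hour() is evaluated server-side; the example reads the hour from the event timestamp's own zone, so an after-hours rule keyed to local business hours only behaves as intended if events are stamped in that zone (or the thresholds are shifted to UTC).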
allowed_action_patterns
array
Glob patterns for actions that are pre-approved. Matching events receive lower risk scores.
Example
["github:pull_request:*", "slack:message:send", "jira:issue:*"]
blocked_action_patterns
array
Glob patterns, over the same domain:scope:verb form, for actions that are prohibited. Matching events receive elevated risk scores. A leading wildcard such as *:*:delete matches a delete verb in every domain, including domains that allowed_action_patterns pre-approves (github:pull_request:delete falls under both it and github:pull_request:*), so review the two lists together for overlaps. It matches only that verb: a different verb such as drop needs its own blocked_actions entry, as database:table:drop has.
Example
["*:*:delete", "cloud:iam:*", "database:schema:*"]
sensitive_classifications
array
List of data classification labels that should trigger elevated scoring when accessed by agents.
Example
["PII", "PHI", "financial", "secret", "restricted"]
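An added example (not from this page and not the service's own code) that applies the blocked_actions, allowed_action_patterns and blocked_action_patterns lists above to candidate action strings and reports where the two pattern lists overlap. Segment-wise glob matching and block-beats-allow precedence are assumptions: the page only says the patterns are globs and does not define what happens when both lists match.

```python
import fnmatch
from itertools import product

# Action lists copied from the request body on this page.
BLOCKED_ACTIONS = ["database:table:drop", "filesystem:file:delete",
                   "cloud:iam:modify", "cloud:secrets:read"]
ALLOWED_PATTERNS = ["github:pull_request:*", "slack:message:send", "jira:issue:*"]
BLOCKED_PATTERNS = ["*:*:delete", "cloud:iam:*", "database:schema:*"]


def split_action(action):
    """Actions and patterns are domain:scope:verb; anything else is malformed."""
    parts = action.split(":")
    if len(parts) != 3 or not all(parts):
        raise ValueError(f"expected domain:scope:verb, got {action!r}")
    return parts


def matches(pattern, action):
    """Assumption: globs match segment by segment, so '*' never crosses a ':'
    and '*:*:delete' cannot match a two- or four-part string."""
    return all(fnmatch.fnmatchcase(seg, pat)
               for seg, pat in zip(split_action(action), split_action(pattern)))


def classify(action, blocked_actions=BLOCKED_ACTIONS,
             allowed_patterns=ALLOWED_PATTERNS, blocked_patterns=BLOCKED_PATTERNS):
    """Return ('blocked' | 'allowed' | 'unlisted', matching entries).
    Assumption: an explicit block or a blocked pattern wins over an allowed
    pattern when both match; the page states no precedence."""
    blocked_hits = [a for a in blocked_actions if a == action]
    blocked_hits += [p for p in blocked_patterns if matches(p, action)]
    if blocked_hits:
        return "blocked", blocked_hits
    allowed_hits = [p for p in allowed_patterns if matches(p, action)]
    if allowed_hits:
        return "allowed", allowed_hits
    return "unlisted", []


def _segment_witness(x, y):
    """A concrete segment accepted by both pattern segments x and y, or None.
    Handles literal segments and a bare '*', which is all the page's lists use;
    partial globs such as 'pull_*' would need a real intersection test."""
    if x == y:
        return "<any>" if x == "*" else x
    if x == "*":
        return y
    if y == "*":
        return x
    return None


def overlapping_patterns(allowed=ALLOWED_PATTERNS, blocked=BLOCKED_PATTERNS):
    """(allowed, blocked, example action) triples where one action can match
    both lists, so its score depends on precedence rather than on the lists."""
    overlaps = []
    for a, b in product(allowed, blocked):
        segs = [_segment_witness(x, y) for x, y in zip(split_action(a), split_action(b))]
        if all(s is not None for s in segs):
            overlaps.append((a, b, ":".join(segs)))
    return overlaps


if __name__ == "__main__":
    # Constructed candidate actions, not events from the page.
    for action in ["github:pull_request:merge", "github:pull_request:delete",
                   "database:table:drop", "cloud:iam:modify", "filesystem:file:read"]:
        print(action, "->", classify(action))
    for a, b, example in overlapping_patterns():
        print(f"overlap: {a} vs {b}, e.g. {example}")
```

Running it shows that *:*:delete catches github:pull_request:delete and jira:issue:delete even though both sit under allowed patterns, and that it does not catch database:table:drop, which only the explicit blocked_actions entry covers. The overlap report is the check to run before submitting a policy: every triple it prints is an action whose score is decided by the service's precedence rule rather than by the lists you wrote.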

Response

customer_id
string
The customer UUID.
policies
object
The complete policy configuration as stored.
updated_at
datetime
ISO 8601 timestamp of when the policy was created.