Policies API

Customer policies define the security rules that Layer 3 (Policy Violation) evaluates against. Policies are scoped per customer and support glob pattern matching for flexible action control.

Policy Schema

{
  "sensitive_fields": ["email", "ssn", "credit_card"],
  "allowed_tools": ["github-mcp", "slack-mcp"],
  "blocked_actions": ["data:export:*", "sys:env:var.read"],
  "custom_rules": {},
  "allowed_action_patterns": ["mcp:github:*", "mcp:slack:message.*"],
  "blocked_action_patterns": ["mcp:*:*.delete", "net:external:*"],
  "sensitive_classifications": ["pii", "pii_sensitive", "financial"]
}

Policy Fields

Field | Type | Description
sensitive_fields | string[] | Field names to flag as PII (e.g., "email", "ssn")
allowed_tools | string[] | Legacy allowlist of tool names
blocked_actions | string[] | Legacy blocklist of action strings
allowed_action_patterns | string[] | Glob patterns for permitted actions
blocked_action_patterns | string[] | Glob patterns for blocked actions (overrides allowed)
sensitive_classifications | DataClassification[] | Data classifications that trigger PII checks
custom_rules | object | Custom rule definitions (JSON)

Pattern Matching

Policies use glob patterns for flexible action matching:

# Match all MCP actions
"mcp:*"

# Match all GitHub MCP actions
"mcp:github:*"

# Match all delete verbs across all domains
"*:*:*.delete"

# Match all external network sends
"net:external:*"

Precedence rules:
  • blocked_action_patterns takes precedence over allowed_action_patterns
  • More specific patterns override less specific ones
  • If an action matches both block and permit, block wins

Scoring Impact

When policies match an event during Layer 3 evaluation:

Match | Score Impact
Explicitly permitted by matching policy | -20 (reduces score)
No matching policy | +0
Matches a block pattern | +70 minimum (floors the score)
Matches sensitive_classifications | +30 per sensitive field type
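The following is an added reference implementation of the precedence rules and the Scoring Impact table above; it is not the service's own code. It assumes `*` may span `:` separators (so "mcp:*" covers every MCP action, as the Pattern Matching section implies), that a block floors the score before sensitive-field increments are added, and that "per sensitive field type" means each distinct classification in the event that appears in sensitive_classifications.

```python
from fnmatch import fnmatchcase

# Constructed policy mirroring the schema on this page.
POLICY = {
    "blocked_actions": ["sys:env:var.read"],  # legacy exact-match blocklist
    "allowed_action_patterns": ["mcp:github:*", "mcp:slack:message.*"],
    "blocked_action_patterns": ["mcp:*:*.delete", "net:external:*"],
    "sensitive_classifications": ["pii", "pii_sensitive", "financial"],
}

BLOCK_FLOOR = 70      # "+70 minimum (floors the score)"
PERMIT_BONUS = -20    # "-20 (reduces score)"
SENSITIVE_STEP = 30   # "+30 per sensitive field type"


def matches_any(action, patterns):
    # Glob semantics: '*' may span ':' separators, so "mcp:*" matches
    # "mcp:github:repo.delete". fnmatchcase keeps the match case-sensitive.
    return any(fnmatchcase(action, p) for p in patterns)


def action_verdict(policy, action):
    """Return 'block', 'permit' or 'none'. A block always wins over a permit."""
    if action in policy.get("blocked_actions", []) or matches_any(
        action, policy.get("blocked_action_patterns", [])
    ):
        return "block"
    if matches_any(action, policy.get("allowed_action_patterns", [])):
        return "permit"
    return "none"


def layer3_score(policy, action, field_classes, base=0):
    """Apply the Scoring Impact table to a base score.

    field_classes maps an event field name to its data classification
    (assumed event shape). Each distinct classification that is listed in
    sensitive_classifications adds SENSITIVE_STEP.
    """
    score = base
    verdict = action_verdict(policy, action)
    if verdict == "permit":
        score += PERMIT_BONUS
    elif verdict == "block":
        score = max(score, BLOCK_FLOOR)  # floor, not a plain increment
    hit = {c for c in field_classes.values()
           if c in policy["sensitive_classifications"]}
    score += SENSITIVE_STEP * len(hit)
    return verdict, score
```

Note that "mcp:github:repo.delete" is blocked even though "mcp:github:*" permits it, which is the documented block-wins rule in action.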

Example

# Create a strict PII policy
curl -X POST https://api-production-56df.up.railway.app/policies/eec10443-1791-4584-86d6-478af5babebd \
  -H "Content-Type: application/json" \
  -H "X-API-Key: sk-acme-b96cb84498324444" \
  -d '{
    "sensitive_fields": ["ssn", "credit_card", "passport_number"],
    "blocked_action_patterns": [
      "data:field:pii_sensitive.*",
      "net:external:data.send",
      "mcp:*:*.export"
    ],
    "allowed_action_patterns": [
      "mcp:github:*",
      "mcp:slack:message.send"
    ],
    "sensitive_classifications": ["pii_sensitive", "financial", "health"]
  }'