Overview
Subjects
Memberships
Roles
Role Assignments
Permissions
Role Permissions
Scopes
Scope Types
Scope Hierarchy
Scope Type Hierarchy
Scope Overrides
- GETGet Role Overrides
- POSTCreate Role Override
- PUTUpdate Role Override
- DELDelete Role Override
- DELDelete Role Override by Scope and Role
- GETGet Permission Overrides
- POSTCreate Permission Override
- PUTUpdate Permission Override
- DELDelete Permission Override
- DELDelete Permission Override by Scope and Permission
- GETGet Role-Permission Overrides
- POSTCreate Role-Permission Override
- PUTUpdate Role-Permission Override
- DELDelete Role-Permission Override
- DELDelete Role-Permission Override by IDs
Resource Types
Resources
Resource Scope Links
Resource Collections
Resource Policies
Tag Groups
Tag Assignments
Workspaces
Environments
Copy
curl -X GET 'https://api.example.com/resource-policies?scopeId=scope_org' \
-H 'Authorization: Bearer YOUR_TOKEN'
Copy
[
{
"id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b",
"scopeId": "scope_org",
"name": "Finance Team Access",
"description": "Allow finance team to read finance documents",
"target": {
"kind": "collection",
"collectionId": "collection_finance_docs"
},
"actions": ["read", "update"],
"effect": "allow",
"priority": 50,
"subjectCondition": {
"==": [{"var": "subject.meta.department"}, "finance"]
},
"createdAt": "2024-01-15T10:30:00Z"
},
{
"id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5c",
"scopeId": "scope_org",
"name": "Block Archived",
"target": {
"kind": "collection",
"collectionId": "collection_archived"
},
"actions": ["*"],
"effect": "deny",
"priority": 100,
"createdAt": "2024-01-15T11:00:00Z"
}
]
Resource Policies
Get Resource Policies
Get resource policies for a scope
GET
http://localhost:3000
/
resource-policies
Copy
curl -X GET 'https://api.example.com/resource-policies?scopeId=scope_org' \
-H 'Authorization: Bearer YOUR_TOKEN'
Copy
[
{
"id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b",
"scopeId": "scope_org",
"name": "Finance Team Access",
"description": "Allow finance team to read finance documents",
"target": {
"kind": "collection",
"collectionId": "collection_finance_docs"
},
"actions": ["read", "update"],
"effect": "allow",
"priority": 50,
"subjectCondition": {
"==": [{"var": "subject.meta.department"}, "finance"]
},
"createdAt": "2024-01-15T10:30:00Z"
},
{
"id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5c",
"scopeId": "scope_org",
"name": "Block Archived",
"target": {
"kind": "collection",
"collectionId": "collection_archived"
},
"actions": ["*"],
"effect": "deny",
"priority": 100,
"createdAt": "2024-01-15T11:00:00Z"
}
]
Query Parameters
ID of the scope to get policies for
Filter by policies targeting a specific resource
Filter by policies targeting a specific collection
Filter by effect:
allow or denyResponse
Returns an array of resource policy objects.Copy
curl -X GET 'https://api.example.com/resource-policies?scopeId=scope_org' \
-H 'Authorization: Bearer YOUR_TOKEN'
Copy
[
{
"id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b",
"scopeId": "scope_org",
"name": "Finance Team Access",
"description": "Allow finance team to read finance documents",
"target": {
"kind": "collection",
"collectionId": "collection_finance_docs"
},
"actions": ["read", "update"],
"effect": "allow",
"priority": 50,
"subjectCondition": {
"==": [{"var": "subject.meta.department"}, "finance"]
},
"createdAt": "2024-01-15T10:30:00Z"
},
{
"id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5c",
"scopeId": "scope_org",
"name": "Block Archived",
"target": {
"kind": "collection",
"collectionId": "collection_archived"
},
"actions": ["*"],
"effect": "deny",
"priority": 100,
"createdAt": "2024-01-15T11:00:00Z"
}
]
Was this page helpful?
⌘I