Overview
Subjects
Memberships
Roles
Role Assignments
Permissions
Role Permissions
Scopes
Scope Types
Scope Hierarchy
Scope Type Hierarchy
Scope Overrides
- GETGet Role Overrides
- POSTCreate Role Override
- PUTUpdate Role Override
- DELDelete Role Override
- DELDelete Role Override by Scope and Role
- GETGet Permission Overrides
- POSTCreate Permission Override
- PUTUpdate Permission Override
- DELDelete Permission Override
- DELDelete Permission Override by Scope and Permission
- GETGet Role-Permission Overrides
- POSTCreate Role-Permission Override
- PUTUpdate Role-Permission Override
- DELDelete Role-Permission Override
- DELDelete Role-Permission Override by IDs
Resource Types
Resources
Resource Scope Links
Resource Collections
Resource Policies
Tag Groups
Tag Assignments
Workspaces
Environments
Copy
curl -X PATCH 'https://api.example.com/resource-policies/policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"actions": ["read", "update", "delete"],
"priority": 75
}'
Copy
{
"id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b",
"scopeId": "scope_org",
"name": "Finance Team Access",
"description": "Allow finance team to read finance documents",
"target": {
"kind": "collection",
"collectionId": "collection_finance_docs"
},
"actions": ["read", "update", "delete"],
"effect": "allow",
"priority": 75,
"subjectCondition": {
"==": [{"var": "subject.meta.department"}, "finance"]
},
"createdAt": "2024-01-15T10:30:00Z"
}
Resource Policies
Update Resource Policy
Update a resource policy
PATCH
http://localhost:3000
/
resource-policies
/
{id}
Copy
curl -X PATCH 'https://api.example.com/resource-policies/policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"actions": ["read", "update", "delete"],
"priority": 75
}'
Copy
{
"id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b",
"scopeId": "scope_org",
"name": "Finance Team Access",
"description": "Allow finance team to read finance documents",
"target": {
"kind": "collection",
"collectionId": "collection_finance_docs"
},
"actions": ["read", "update", "delete"],
"effect": "allow",
"priority": 75,
"subjectCondition": {
"==": [{"var": "subject.meta.department"}, "finance"]
},
"createdAt": "2024-01-15T10:30:00Z"
}
Path Parameters
The resource policy ID
Request Body
Display name for the policy
Description of what this policy does
Actions this policy applies to
Policy effect:
allow or denyHigher priority policies are evaluated first
JSON Logic condition to match the actor
JSON Logic condition to match request context
The
target cannot be changed after creation. Create a new policy if you need to target a different resource or collection.Response
Returns the updated resource policy object.Copy
curl -X PATCH 'https://api.example.com/resource-policies/policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"actions": ["read", "update", "delete"],
"priority": 75
}'
Copy
{
"id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b",
"scopeId": "scope_org",
"name": "Finance Team Access",
"description": "Allow finance team to read finance documents",
"target": {
"kind": "collection",
"collectionId": "collection_finance_docs"
},
"actions": ["read", "update", "delete"],
"effect": "allow",
"priority": 75,
"subjectCondition": {
"==": [{"var": "subject.meta.department"}, "finance"]
},
"createdAt": "2024-01-15T10:30:00Z"
}
Was this page helpful?
⌘I