Skip to main content
PATCH
/
resource-policies
/
{id}
curl -X PATCH 'https://api.example.com/resource-policies/policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b' \
  -H 'Authorization: Bearer YOUR_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "actions": ["read", "update", "delete"],
    "priority": 75
  }'

{
  "id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b",
  "scopeId": "scope_org",
  "name": "Finance Team Access",
  "description": "Allow finance team to read finance documents",
  "target": {
    "kind": "collection",
    "collectionId": "collection_finance_docs"
  },
  "actions": ["read", "update", "delete"],
  "effect": "allow",
  "priority": 75,
  "subjectCondition": {
    "==": [{"var": "subject.meta.department"}, "finance"]
  },
  "createdAt": "2024-01-15T10:30:00Z"
}

Path Parameters

id
string
required
The resource policy ID

Request Body

name
string
Display name for the policy
description
string
Description of what this policy does
actions
array
Actions this policy applies to
effect
string
Policy effect: allow or deny
priority
number
Higher priority policies are evaluated first
subjectCondition
object
JSON Logic condition to match the actor
contextCondition
object
JSON Logic condition to match request context
The target cannot be changed after creation. Create a new policy if you need to target a different resource or collection.

Response

Returns the updated resource policy object. 
curl -X PATCH 'https://api.example.com/resource-policies/policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b' \
  -H 'Authorization: Bearer YOUR_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "actions": ["read", "update", "delete"],
    "priority": 75
  }'

{
  "id": "policy_0190a1b2-c3d4-7e5f-8a9b-0c1d2e3f4a5b",
  "scopeId": "scope_org",
  "name": "Finance Team Access",
  "description": "Allow finance team to read finance documents",
  "target": {
    "kind": "collection",
    "collectionId": "collection_finance_docs"
  },
  "actions": ["read", "update", "delete"],
  "effect": "allow",
  "priority": 75,
  "subjectCondition": {
    "==": [{"var": "subject.meta.department"}, "finance"]
  },
  "createdAt": "2024-01-15T10:30:00Z"
}