get__policy
⚠️ TEST ENVIRONMENT ONLY
GET /policy
List AI Policies
Retrieve a list of AI governance policies based on filtering criteria. This endpoint returns policies at various scope levels (organization, workspace, or repository) that the user has permission to view.
Query Filtering:
Required:
orgId- Organization identifierOptional:
workspaceId- Filter by workspaceOptional:
repoId- Filter by repository
Policy Hierarchy:
The endpoint returns policies based on the specified scope:
Organization-level policies (when only
orgIdis provided)Workspace-level policies (when
orgIdandworkspaceIdare provided)Repository-level policies (when
orgId,workspaceId, andrepoIdare provided)
Important Notes:
Only returns policies the user has permission to view
Results are automatically filtered based on user's workspace access
Organization admin users see all organization policies
Non-admin users only see policies for workspaces they can access
Deleted policies are excluded from results
Use Cases:
Display policies in admin dashboards
Audit and compliance reporting
Policy management interfaces
Understanding which policies apply to specific resources
TypeScript Client Library
public getPolicies = async (query: GetPoliciesQuery): Promise<{ success: boolean; policies: PolicyDTO[] }> => {
const queryParams = new URLSearchParams();
queryParams.append('orgId', query.orgId);
if (query.workspaceId) {
queryParams.append('workspaceId', query.workspaceId);
}
if (query.repoId) {
queryParams.append('repoId', query.repoId);
}
return this.makeRequest<{ success: boolean; policies: PolicyDTO[] }>(
`policy?${queryParams.toString()}`,
'GET',
null
);
};Code Samples
# You can also use wget
curl -X GET https://backend.flashback.tech/policy?orgId=org-123&workspaceId=workspace-456 \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}'GET https://backend.flashback.tech/policy?orgId=org-123&workspaceId=workspace-456 HTTP/1.1
Host: backend.flashback.tech
Accept: application/jsonconst headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
fetch('https://backend.flashback.tech/policy?orgId=org-123&workspaceId=workspace-456',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://backend.flashback.tech/policy',
params: {
'orgId' => 'string',
'workspaceId' => 'string'
}, headers: headers
p JSON.parse(result)import requests
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://backend.flashback.tech/policy', params={
'orgId': 'org-123',
'workspaceId': 'workspace-456'
}, headers = headers)
print(r.json())<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}',
);
$client = new \GuzzleHttp\Client();
try {
$response = $client->request('GET','https://backend.flashback.tech/policy', array(
'headers' => $headers,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...URL obj = new URL("https://backend.flashback.tech/policy?orgId=org-123&workspaceId=workspace-456");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://backend.flashback.tech/policy", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}Parameters
orgId
query
string
true
Organization ID to filter policies
workspaceId
query
string
false
Workspace ID to filter policies (optional)
repoId
query
string
false
Repository ID to filter policies (optional)
Example responses
200 Response
{
"success": true,
"policies": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"orgId": "org-123",
"name": "PII Protection Policy",
"content": "Do not allow sharing of personally identifiable information...",
"riskType": "HIGH",
"actionType": 2,
"createdBy": {
"id": "user-789",
"name": "John",
"lastName": "Doe",
"email": "[email protected]"
},
"createdAt": "2024-01-15T10:30:00.000Z",
"lastUpdatedBy": {
"id": "user-789",
"name": "John",
"lastName": "Doe",
"email": "[email protected]"
},
"lastUpdatedAt": "2024-01-15T10:30:00.000Z",
"workspaceId": "workspace-456",
"repoId": null,
"workspace": {
"id": "workspace-456",
"name": "Production Workspace"
},
"repo": null
},
{
"id": "660f9511-f3ac-52e5-b827-557766551111",
"orgId": "org-123",
"name": "Code Security Policy",
"content": "Do not allow sharing of API keys, passwords, or secrets...",
"riskType": "HIGH",
"actionType": 2,
"createdBy": {
"id": "user-456",
"name": "Jane",
"lastName": "Smith",
"email": "[email protected]"
},
"createdAt": "2024-01-10T08:00:00.000Z",
"lastUpdatedBy": {
"id": "user-456",
"name": "Jane",
"lastName": "Smith",
"email": "[email protected]"
},
"lastUpdatedAt": "2024-01-12T14:20:00.000Z",
"workspaceId": null,
"repoId": null,
"workspace": null,
"repo": null
}
]
}Responses
Response Schema
Status Code 200
» success
boolean
false
none
Operation success status
» policies
[object]
false
none
Array of policy objects
»» id
string
false
none
Unique identifier for the policy
»» orgId
string
false
none
Organization ID
»» name
string
false
none
Policy name
»» content
string
false
none
Policy content/rules
»» riskType
string
false
none
Risk classification (LOW, MEDIUM, HIGH)
»» actionType
integer
false
none
Action type (0=log, 1=alert, 2=block)
»» createdBy
object
false
none
User who created the policy
»»» id
string
false
none
User ID
»»» name
string
false
none
User first name
»»» lastName
string
false
none
User last name
string
false
none
User email
»» createdAt
string
false
none
ISO 8601 timestamp
»» lastUpdatedBy
object
false
none
User who last updated the policy
»»» id
string
false
none
User ID
»»» name
string
false
none
User first name
»»» lastName
string
false
none
User last name
string
false
none
User email
»» lastUpdatedAt
string
false
none
ISO 8601 timestamp
»» workspaceId
string
false
none
Workspace ID (null for org-level)
»» repoId
string
false
none
Repository ID (null for workspace/org-level)
»» workspace
object
false
none
Workspace details (if applicable)
»»» id
string
false
none
Workspace ID
»»» name
string
false
none
Workspace name
»» repo
object
false
none
Repository details (if applicable)
»»» id
string
false
none
Repository ID
»»» name
string
false
none
Repository name
Status Code 400
» success
boolean
false
none
none
» message
string
false
none
Error message
Status Code 403
» success
boolean
false
none
none
» message
string
false
none
Error message
Status Code 500
» success
boolean
false
none
none
» message
string
false
none
Error message
To perform this operation, you must be authenticated by means of one of the following methods: BearerAuth
Last updated
Was this helpful?