get__policy_{policyId}

⚠️ TEST ENVIRONMENT ONLY

This API endpoint is currently available only in the TEST environment. It is not yet available in production.

GET /policy/{policyId}

Get AI Policy by ID

Retrieve detailed information about a specific AI governance policy by its unique identifier.

Key Features:

  • Returns complete policy details including creator and updater information

  • Includes associated workspace and repository details (if applicable)

  • Validates user permissions before returning policy data

Important Notes:

  • Users must belong to the same organization as the policy

  • Users must have read permissions for the policy based on its scope level

  • Only non-deleted policies can be retrieved

  • Returns 404 if policy doesn't exist or has been deleted

Security:

  • Organization boundaries are enforced

  • Permission checks ensure users can only view policies they have access to

  • Workspace-level and repository-level policies require appropriate access

Use Cases:

  • Display policy details in admin interfaces

  • Audit and compliance review

  • Policy configuration and management

  • Validation before policy updates

TypeScript Client Library

public getPolicy = async (policyId: string): Promise<{ success: boolean; policy: PolicyDTO }> => {
  return this.makeRequest<{ success: boolean; policy: PolicyDTO }>(`policy/${policyId}`, 'GET', null);
};

Code Samples

# You can also use wget
curl -X GET https://backend.flashback.tech/policy/{policyId} \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}'

Parameters

| Name | In | Type | Required | Description |
|---|---|---|---|---|
| policyId | path | string | true | Unique identifier of the policy |

Example responses

200 Response

{
  "success": true,
  "policy": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "orgId": "org-123",
    "name": "PII Protection Policy",
    "content": "Do not allow sharing of personally identifiable information (PII) such as social security numbers, credit card numbers, or personal addresses in AI interactions.",
    "riskType": "HIGH",
    "actionType": 2,
    "createdBy": {
      "id": "user-789",
      "name": "John",
      "lastName": "Doe",
      "email": "[email protected]"
    },
    "createdAt": "2024-01-15T10:30:00.000Z",
    "lastUpdatedBy": {
      "id": "user-890",
      "name": "Jane",
      "lastName": "Smith",
      "email": "[email protected]"
    },
    "lastUpdatedAt": "2024-01-20T14:15:00.000Z",
    "workspaceId": "workspace-456",
    "repoId": null,
    "workspace": {
      "id": "workspace-456",
      "name": "Production Workspace"
    },
    "repo": null
  }
}

Responses

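| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Successfully retrieved policy | Inline |
| 400 | Bad Request | Invalid request | Inline |
| 403 | Forbidden | Insufficient permissions | Inline |
| 404 | Not Found | Policy not found | Inline |
| 500 | Internal Server Error | Failed to retrieve policy | Inline |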

Response Schema

Status Code 200

| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| » success | boolean | false | none | Operation success status |
| » policy | object | false | none | Policy object |
| »» id | string | false | none | Unique identifier for the policy |
| »» orgId | string | false | none | Organization ID |
| »» name | string | false | none | Policy name |
| »» content | string | false | none | Policy content/rules |
| »» riskType | string | false | none | Risk classification (LOW, MEDIUM, HIGH) |
| »» actionType | integer | false | none | Action type (0=log, 1=alert, 2=block) |
| »» createdBy | object | false | none | User who created the policy |
| »»» id | string | false | none | User ID |
| »»» name | string | false | none | User first name |
| »»» lastName | string | false | none | User last name |
| »»» email | string | false | none | User email |
| »» createdAt | string | false | none | ISO 8601 timestamp |
| »» lastUpdatedBy | object | false | none | User who last updated the policy |
| »»» id | string | false | none | User ID |
| »»» name | string | false | none | User first name |
| »»» lastName | string | false | none | User last name |
| »»» email | string | false | none | User email |
| »» lastUpdatedAt | string | false | none | ISO 8601 timestamp |
| »» workspaceId | string | false | none | Workspace ID (null for org-level) |
| »» repoId | string | false | none | Repository ID (null for workspace/org-level) |
| »» workspace | object | false | none | Workspace details (if applicable) |
| »»» id | string | false | none | Workspace ID |
| »»» name | string | false | none | Workspace name |
| »» repo | object | false | none | Repository details (if applicable) |
| »»» id | string | false | none | Repository ID |
| »»» name | string | false | none | Repository name |

Status Code 400

| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| » success | boolean | false | none | none |
| » message | string | false | none | Error message |

Status Code 403

| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| » success | boolean | false | none | none |
| » message | string | false | none | Error message |

Status Code 404

| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| » success | boolean | false | none | none |
| » message | string | false | none | Error message |

Status Code 500

| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| » success | boolean | false | none | none |
| » message | string | false | none | Error message |

To perform this operation, you must be authenticated by means of one of the following methods: BearerAuth
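For the audit and pre-update validation use cases listed above, the following added example (not part of the Flashback client library) interprets a response from this endpoint: it maps the documented error statuses, decodes actionType and riskType, derives the policy's scope level from workspaceId and repoId, and flags inconsistencies instead of trusting the body. The function name, type names and the expectedOrgId parameter are assumptions made for illustration.

```typescript
// Added example: field names and enum values come from the response schema on this page.
// interpretPolicyResponse, PolicyResult and Scope are hypothetical names, not library API.
type Scope = 'organization' | 'workspace' | 'repository';
type PolicyResult =
  | { ok: true; id: string; scope: Scope; risk: string; action: string; warnings: string[] }
  | { ok: false; status: number; reason: string };

const ACTIONS = ['log', 'alert', 'block']; // actionType 0, 1, 2
const RISKS = ['LOW', 'MEDIUM', 'HIGH'];
const ERRORS: Record<number, string> = {
  400: 'invalid request', 403: 'insufficient permissions',
  404: 'policy not found or deleted', 500: 'server failed to retrieve policy',
};

function interpretPolicyResponse(status: number, body: any, expectedOrgId: string): PolicyResult {
  if (status !== 200) {
    return { ok: false, status, reason: ERRORS[status] ?? 'unexpected status' };
  }
  const p = body?.policy;
  // Every schema field is marked "Required: false", so check before trusting the body.
  if (body?.success !== true || typeof p?.id !== 'string') {
    return { ok: false, status, reason: 'malformed 200 body' };
  }
  const warnings: string[] = [];
  if (p.orgId !== expectedOrgId) warnings.push('orgId does not match caller organization');
  if (RISKS.indexOf(p.riskType) < 0) warnings.push(`unknown riskType: ${p.riskType}`);
  const action: string | undefined = Number.isInteger(p.actionType) ? ACTIONS[p.actionType] : undefined;
  if (action === undefined) warnings.push(`unknown actionType: ${p.actionType}`);
  // repoId and workspaceId are null above their own level (see the schema descriptions).
  const scope: Scope = p.repoId ? 'repository' : p.workspaceId ? 'workspace' : 'organization';
  if (p.workspaceId && p.workspace?.id !== p.workspaceId) {
    warnings.push('workspace object does not match workspaceId');
  }
  if (p.repoId && p.repo?.id !== p.repoId) warnings.push('repo object does not match repoId');
  return { ok: true, id: p.id, scope, risk: String(p.riskType), action: action ?? 'unknown', warnings };
}

// Constructed sample, trimmed from the 200 example response on this page.
const sample = {
  success: true,
  policy: {
    id: '550e8400-e29b-41d4-a716-446655440000', orgId: 'org-123', riskType: 'HIGH',
    actionType: 2, workspaceId: 'workspace-456', repoId: null,
    workspace: { id: 'workspace-456', name: 'Production Workspace' }, repo: null,
  },
};
console.log(interpretPolicyResponse(200, sample, 'org-123'));
console.log(interpretPolicyResponse(404, { success: false, message: 'Policy not found' }, 'org-123'));
```

A non-empty warnings array on an otherwise successful result is worth logging in audit tooling, since it means the body disagrees with the documented schema or with the caller's own organization.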
