# get\_\_policy\_alerts
`GET /policy/alerts`
*Get Policy Alerts*
Retrieve all policy alerts across your organization, with optional filtering by workspace, repository, policy, and date range. This endpoint provides comprehensive alert monitoring capabilities for AI policy enforcement.
**Key Features:**
* Filter alerts by workspace, repository, or policy
* Date range filtering for time-based analysis
* Pagination support with configurable page size
* Returns detailed alert information including user and API key details
* Automatic organization-level access control
* Workspace and repository access validation
**Query Filtering:**
* `workspaceId` - Filter alerts by workspace (optional)
* `repoId` - Filter alerts by repository (optional)
* `policyId` - Filter alerts by specific policy (optional)
* `from` - Start date for date range (ISO 8601 format, optional)
* `to` - End date for date range (ISO 8601 format, optional)
* `llmType` - Filter alerts by LLM type (comma-separated for multiple values, optional)
* `llmModel` - Filter alerts by LLM model (comma-separated for multiple values, optional)
* `host` - Filter alerts by host (comma-separated for multiple values, optional)
* `skip` - Number of records to skip (for pagination, default: 0)
* `take` - Number of records to return (default: 50, max: 100)
**Important Notes:**
* Only returns alerts for policies within the user's organization
* Organization admins can view all alerts across all workspaces
* Regular users can only view alerts for workspaces they have access to
* Alerts are sorted by timestamp in descending order (newest first)
* Maximum `take` value is 100
* If a user doesn't have access to a requested workspace/repo, an empty result is returned (not an error)
**Use Cases:**
* Monitor all policy alerts across the organization
* Track alert trends over time
* Generate compliance reports
* Investigate policy violations and alerts
* Audit AI usage and policy enforcement
#### TypeScript Client Library
```typescript
// Using the Flashback TypeScript client
import { FlashbackClient } from '@flashbacktech/flashbackclient';
const client = new FlashbackClient({
accessToken: 'your-access-token'
});
// Get policy alerts with optional filters
try {
const result = await client.getPolicyAlerts({
workspaceId: 'workspace-id-1',
repoId: 'repo-id-1',
policyId: 'policy-id-1',
from: '2024-01-01T00:00:00.000Z',
to: '2024-01-31T23:59:59.999Z',
llmType: ['OPENAI', 'ANTHROPIC'],
llmModel: ['gpt-4', 'claude-3'],
host: ['api.openai.com'],
take: 50,
skip: 0
});
console.log('Policy alerts:', result);
} catch (error) {
console.error('Failed to retrieve policy alerts:', error);
}
```
#### Code Samples
{% tabs %}
{% tab title="Shell" %}
```shell
# You can also use wget
curl -X GET "https://backend.flashback.tech/policy/alerts?from=2024-01-01T00:00:00.000Z&to=2024-01-31T23:59:59.999Z&take=50" \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}'
```
{% endtab %}
{% tab title="HTTP" %}
```http
GET https://backend.flashback.tech/policy/alerts?from=2024-01-01T00:00:00.000Z&to=2024-01-31T23:59:59.999Z HTTP/1.1
Host: backend.flashback.tech
Accept: application/json
Authorization: Bearer {access-token}
```
{% endtab %}
{% tab title="JavaScript" %}
```javascript
const headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
const queryParams = new URLSearchParams({
from: '2024-01-01T00:00:00.000Z',
to: '2024-01-31T23:59:59.999Z',
take: '50',
skip: '0'
});
fetch(`https://backend.flashback.tech/policy/alerts?${queryParams.toString()}`,
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
```
{% endtab %}
{% tab title="Ruby" %}
```ruby
require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://backend.flashback.tech/policy/alerts',
params: {
workspaceId: 'workspace-id-1',
repoId: 'repo-id-1',
policyId: 'policy-id-1',
from: '2024-01-01T00:00:00.000Z',
to: '2024-01-31T23:59:59.999Z',
take: 50,
skip: 0
}, headers: headers
p JSON.parse(result)
```
{% endtab %}
{% tab title="Python" %}
```python
import requests
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer {access-token}'
}
params = {
'workspaceId': 'workspace-id-1',
'repoId': 'repo-id-1',
'policyId': 'policy-id-1',
'from': '2024-01-01T00:00:00.000Z',
'to': '2024-01-31T23:59:59.999Z',
'take': 50,
'skip': 0
}
r = requests.get('https://backend.flashback.tech/policy/alerts', headers=headers, params=params)
print(r.json())
```
{% endtab %}
{% tab title="PHP" %}
```php
'application/json',
'Authorization' => 'Bearer {access-token}',
);
$client = new \GuzzleHttp\Client();
$queryParams = array(
'workspaceId' => 'workspace-id-1',
'repoId' => 'repo-id-1',
'policyId' => 'policy-id-1',
'from' => '2024-01-01T00:00:00.000Z',
'to' => '2024-01-31T23:59:59.999Z',
'take' => 50,
'skip' => 0
);
try {
$response = $client->request('GET','https://backend.flashback.tech/policy/alerts', array(
'headers' => $headers,
'query' => $queryParams,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
```
{% endtab %}
{% tab title="Java" %}
```java
import java.net.URLEncoder;
import java.net.HttpURLConnection;
import java.net.URL;
import java.io.BufferedReader;
import java.io.InputStreamReader;
String baseUrl = "https://backend.flashback.tech/policy/alerts";
String queryString = "from=2024-01-01T00:00:00.000Z&to=2024-01-31T23:59:59.999Z&take=50&skip=0";
URL obj = new URL(baseUrl + "?" + queryString);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("Authorization", "Bearer {access-token}");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
```
{% endtab %}
{% tab title="Go" %}
```go
package main
import (
"bytes"
"net/http"
"net/url"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
}
params := url.Values{}
params.Add("from", "2024-01-01T00:00:00.000Z")
params.Add("to", "2024-01-31T23:59:59.999Z")
params.Add("take", "50")
params.Add("skip", "0")
req, err := http.NewRequest("GET", "https://backend.flashback.tech/policy/alerts?" + params.Encode(), nil)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
```
{% endtab %}
{% endtabs %}
#### Parameters
| Name | In | Type | Required | Description |
| ----------- | ----- | ------- | -------- | ---------------------------------------------------------------- |
| workspaceId | query | string | false | Filter alerts by workspace ID |
| repoId | query | string | false | Filter alerts by repository ID |
| policyId | query | string | false | Filter alerts by policy ID |
| from | query | string | false | Start date for date range filter (ISO 8601) |
| to | query | string | false | End date for date range filter (ISO 8601) |
| llmType | query | string | false | Filter alerts by LLM type (comma-separated for multiple values) |
| llmModel | query | string | false | Filter alerts by LLM model (comma-separated for multiple values) |
| host | query | string | false | Filter alerts by host (comma-separated for multiple values) |
| take | query | integer | false | Number of records to return (default: 50, max: 100) |
| skip | query | integer | false | Number of records to skip (default: 0) |
> Example responses
> 200 Response
```json
{
"success": true,
"alerts": [
{
"id": "alert-123",
"policyId": "policy-456",
"policyName": "PII Protection Policy",
"timestamp": "2024-01-15T10:30:00.000Z",
"message": "Potential PII detected in conversation",
"conversationId": "conv-789",
"repoId": "repo-101",
"repoName": "Customer Support Repo",
"userId": "user-202",
"userName": "John Doe",
"repoAiApiKeyId": "apikey-303",
"repoAiApiKeyName": "Production OpenAI Key",
"llmType": "OPENAI",
"llmModel": "gpt-4",
"host": "api.openai.com"
},
{
"id": "alert-124",
"policyId": "policy-456",
"policyName": "PII Protection Policy",
"timestamp": "2024-01-14T14:20:00.000Z",
"message": "Suspicious pattern detected in AI interaction",
"conversationId": null,
"repoId": "repo-101",
"repoName": "Customer Support Repo",
"userId": "user-203",
"userName": "Jane Smith",
"repoAiApiKeyId": "apikey-303",
"repoAiApiKeyName": "Production OpenAI Key"
}
],
"total": 2,
"skip": 0,
"take": 50
}
```
#### Responses
| Status | Meaning | Description | Schema |
| ------ | -------------------------------------------------------------------------- | ------------------------------------- | ------ |
| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | Successfully retrieved alerts | Inline |
| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | Invalid request parameters | Inline |
| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | Repo not found (when repoId provided) | Inline |
| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | Failed to retrieve alerts | Inline |
#### Response Schema
Status Code **200**
| Name | Type | Required | Restrictions | Description |
| ------------------- | --------- | -------- | ------------ | ------------------------------------------------------------------------- |
| » success | boolean | true | none | Operation success status |
| » alerts | \[object] | true | none | Array of policy alert objects |
| »» id | string | true | none | Unique identifier for the alert |
| »» policyId | string | true | none | Policy ID that triggered the alert |
| »» policyName | string | true | none | Name of the policy that triggered the alert |
| »» timestamp | string | true | none | ISO 8601 timestamp when alert was triggered |
| »» message | string | true | none | Alert message describing what triggered the alert |
| »» conversationId | string | true | none | Conversation ID where alert occurred (null if not applicable) |
| »» repoId | string | true | none | Repository ID where alert occurred |
| »» repoName | string | true | none | Repository name where alert occurred |
| »» userId | string | true | none | User ID who triggered the alert |
| »» userName | string | true | none | Full name of the user who triggered the alert |
| »» repoAiApiKeyId | string | true | none | API key ID used in the operation |
| »» repoAiApiKeyName | string | true | none | API key name used in the operation |
| »» llmType | string | true | none | LLM provider type (e.g., "OPENAI", "ANTHROPIC", "GOOGLE", "AWS", "OTHER") |
| »» llmModel | string | true | none | LLM model name (e.g., "gpt-4", "claude-3") |
| »» host | string | true | none | Host/domain of the LLM API endpoint |
| » total | integer | true | none | Total number of alerts matching the query (for pagination) |
| » skip | integer | true | none | Number of records skipped |
| » take | integer | true | none | Number of records returned |
Status Code **400**
| Name | Type | Required | Restrictions | Description |
| --------- | ------- | -------- | ------------ | -------------------------------- |
| » success | boolean | true | none | Always false for error responses |
| » alerts | array | true | none | Empty array |
| » total | integer | true | none | Always 0 |
| » skip | integer | true | none | Always 0 |
| » take | integer | true | none | Always 0 |
Status Code **404**
| Name | Type | Required | Restrictions | Description |
| --------- | ------- | -------- | ------------ | -------------------------------------- |
| » success | boolean | true | none | Always false for error responses |
| » alerts | array | true | none | Empty array |
| » total | integer | true | none | Always 0 |
| » skip | integer | true | none | Always 0 |
| » take | integer | true | none | Always 0 |
| » message | string | false | none | Error message (e.g., "Repo not found") |
Status Code **500**
| Name | Type | Required | Restrictions | Description |
| --------- | ------- | -------- | ------------ | ----------------------------------------------------- |
| » success | boolean | true | none | Always false for error responses |
| » alerts | array | true | none | Empty array |
| » total | integer | true | none | Always 0 |
| » skip | integer | true | none | Always 0 |
| » take | integer | true | none | Always 0 |
| » message | string | false | none | Error message (e.g., "Failed to fetch policy alerts") |
To perform this operation, you must be authenticated by means of one of the following methods: BearerAuth
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.flashback.tech/support-reference/platform-api-reference/ai-apis/ai-policy/get__policy_alerts.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.