get__policy_alerts

GET /policy/alerts

Get Policy Alerts

Retrieve all policy alerts across your organization, with optional filtering by workspace, repository, policy, and date range. This endpoint provides comprehensive alert monitoring capabilities for AI policy enforcement.

Key Features:

Filter alerts by workspace, repository, or policy
Date range filtering for time-based analysis
Pagination support with configurable page size
Returns detailed alert information including user and API key details
Automatic organization-level access control
Workspace and repository access validation

Query Filtering:

workspaceId - Filter alerts by workspace (optional)
repoId - Filter alerts by repository (optional)
policyId - Filter alerts by specific policy (optional)
from - Start date for date range (ISO 8601 format, optional)
to - End date for date range (ISO 8601 format, optional)
llmType - Filter alerts by LLM type (comma-separated for multiple values, optional)
llmModel - Filter alerts by LLM model (comma-separated for multiple values, optional)
host - Filter alerts by host (comma-separated for multiple values, optional)
skip - Number of records to skip (for pagination, default: 0)
take - Number of records to return (default: 50, max: 100)

Important Notes:

Only returns alerts for policies within the user's organization
Organization admins can view all alerts across all workspaces
Regular users can only view alerts for workspaces they have access to
Alerts are sorted by timestamp in descending order (newest first)
Maximum take value is 100
If a user doesn't have access to a requested workspace/repo, an empty result is returned (not an error)

Use Cases:

Monitor all policy alerts across the organization
Track alert trends over time
Generate compliance reports
Investigate policy violations and alerts
Audit AI usage and policy enforcement

TypeScript Client Library

// Using the Flashback TypeScript client
import { FlashbackClient } from '@flashbacktech/flashbackclient';

const client = new FlashbackClient({
  accessToken: 'your-access-token'
});

// Get policy alerts with optional filters
try {
  const result = await client.getPolicyAlerts({
    workspaceId: 'workspace-id-1',
    repoId: 'repo-id-1',
    policyId: 'policy-id-1',
    from: '2024-01-01T00:00:00.000Z',
    to: '2024-01-31T23:59:59.999Z',
    llmType: ['OPENAI', 'ANTHROPIC'],
    llmModel: ['gpt-4', 'claude-3'],
    host: ['api.openai.com'],
    take: 50,
    skip: 0
  });
  console.log('Policy alerts:', result);
} catch (error) {
  console.error('Failed to retrieve policy alerts:', error);
}

Code Samples

# You can also use wget
curl -X GET "https://backend.flashback.tech/policy/alerts?from=2024-01-01T00:00:00.000Z&to=2024-01-31T23:59:59.999Z&take=50" \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}'

GET https://backend.flashback.tech/policy/alerts?from=2024-01-01T00:00:00.000Z&to=2024-01-31T23:59:59.999Z HTTP/1.1
Host: backend.flashback.tech
Accept: application/json
Authorization: Bearer {access-token}

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

const queryParams = new URLSearchParams({
  from: '2024-01-01T00:00:00.000Z',
  to: '2024-01-31T23:59:59.999Z',
  take: '50',
  skip: '0'
});

fetch(`https://backend.flashback.tech/policy/alerts?${queryParams.toString()}`,
{
  method: 'GET',
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://backend.flashback.tech/policy/alerts',
  params: {
    workspaceId: 'workspace-id-1',
    repoId: 'repo-id-1',
    policyId: 'policy-id-1',
    from: '2024-01-01T00:00:00.000Z',
    to: '2024-01-31T23:59:59.999Z',
    take: 50,
    skip: 0
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

params = {
  'workspaceId': 'workspace-id-1',
  'repoId': 'repo-id-1',
  'policyId': 'policy-id-1',
  'from': '2024-01-01T00:00:00.000Z',
  'to': '2024-01-31T23:59:59.999Z',
  'take': 50,
  'skip': 0
}

r = requests.get('https://backend.flashback.tech/policy/alerts', headers=headers, params=params)

print(r.json())

<?php

require 'vendor/autoload.php';

$headers = array(
    'Accept' => 'application/json',
    'Authorization' => 'Bearer {access-token}',
);

$client = new \GuzzleHttp\Client();

$queryParams = array(
    'workspaceId' => 'workspace-id-1',
    'repoId' => 'repo-id-1',
    'policyId' => 'policy-id-1',
    'from' => '2024-01-01T00:00:00.000Z',
    'to' => '2024-01-31T23:59:59.999Z',
    'take' => 50,
    'skip' => 0
);

try {
    $response = $client->request('GET','https://backend.flashback.tech/policy/alerts', array(
        'headers' => $headers,
        'query' => $queryParams,
       )
    );
    print_r($response->getBody()->getContents());
 }
 catch (\GuzzleHttp\Exception\BadResponseException $e) {
    // handle exception or api errors.
    print_r($e->getMessage());
 }

 // ...

import java.net.URLEncoder;
import java.net.HttpURLConnection;
import java.net.URL;
import java.io.BufferedReader;
import java.io.InputStreamReader;

String baseUrl = "https://backend.flashback.tech/policy/alerts";
String queryString = "from=2024-01-01T00:00:00.000Z&to=2024-01-31T23:59:59.999Z&take=50&skip=0";
URL obj = new URL(baseUrl + "?" + queryString);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("Authorization", "Bearer {access-token}");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
       "net/url"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    params := url.Values{}
    params.Add("from", "2024-01-01T00:00:00.000Z")
    params.Add("to", "2024-01-31T23:59:59.999Z")
    params.Add("take", "50")
    params.Add("skip", "0")

    req, err := http.NewRequest("GET", "https://backend.flashback.tech/policy/alerts?" + params.Encode(), nil)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Parameters

Name

Type

Required

Description

workspaceId

query

string

false

Filter alerts by workspace ID

repoId

query

string

false

Filter alerts by repository ID

policyId

query

string

false

Filter alerts by policy ID

from

query

string

false

Start date for date range filter (ISO 8601)

query

string

false

End date for date range filter (ISO 8601)

llmType

query

string

false

Filter alerts by LLM type (comma-separated for multiple values)

llmModel

query

string

false

Filter alerts by LLM model (comma-separated for multiple values)

host

query

string

false

Filter alerts by host (comma-separated for multiple values)

take

query

integer

false

Number of records to return (default: 50, max: 100)

skip

query

integer

false

Number of records to skip (default: 0)

Example responses

200 Response

{
  "success": true,
  "alerts": [
    {
      "id": "alert-123",
      "policyId": "policy-456",
      "policyName": "PII Protection Policy",
      "timestamp": "2024-01-15T10:30:00.000Z",
      "message": "Potential PII detected in conversation",
      "conversationId": "conv-789",
      "repoId": "repo-101",
      "repoName": "Customer Support Repo",
      "userId": "user-202",
      "userName": "John Doe",
      "repoAiApiKeyId": "apikey-303",
      "repoAiApiKeyName": "Production OpenAI Key",
      "llmType": "OPENAI",
      "llmModel": "gpt-4",
      "host": "api.openai.com"
    },
    {
      "id": "alert-124",
      "policyId": "policy-456",
      "policyName": "PII Protection Policy",
      "timestamp": "2024-01-14T14:20:00.000Z",
      "message": "Suspicious pattern detected in AI interaction",
      "conversationId": null,
      "repoId": "repo-101",
      "repoName": "Customer Support Repo",
      "userId": "user-203",
      "userName": "Jane Smith",
      "repoAiApiKeyId": "apikey-303",
      "repoAiApiKeyName": "Production OpenAI Key"
    }
  ],
  "total": 2,
  "skip": 0,
  "take": 50
}

Responses

Status

Meaning

Description

Schema

200

Successfully retrieved alerts

Inline

400

Bad Request

Invalid request parameters

Inline

404

Not Found

Repo not found (when repoId provided)

Inline

500

Internal Server Error

Failed to retrieve alerts

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

» success

boolean

true

none

Operation success status

» alerts

[object]

true

none

Array of policy alert objects

»» id

string

true

none

Unique identifier for the alert

»» policyId

string

true

none

Policy ID that triggered the alert

»» policyName

string

true

none

Name of the policy that triggered the alert

»» timestamp

string

true

none

ISO 8601 timestamp when alert was triggered

»» message

string

true

none

Alert message describing what triggered the alert

»» conversationId

string

true

none

Conversation ID where alert occurred (null if not applicable)

»» repoId

string

true

none

Repository ID where alert occurred

»» repoName

string

true

none

Repository name where alert occurred

»» userId

string

true

none

User ID who triggered the alert

»» userName

string

true

none

Full name of the user who triggered the alert

»» repoAiApiKeyId

string

true

none

API key ID used in the operation

»» repoAiApiKeyName

string

true

none

API key name used in the operation

»» llmType

string

true

none

LLM provider type (e.g., "OPENAI", "ANTHROPIC", "GOOGLE", "AWS", "OTHER")

»» llmModel

string

true

none

LLM model name (e.g., "gpt-4", "claude-3")

»» host

string

true

none

Host/domain of the LLM API endpoint

» total

integer

true

none

Total number of alerts matching the query (for pagination)

» skip

integer

true

none

Number of records skipped

» take

integer

true

none

Number of records returned

Status Code 400

Name

Type

Required

Restrictions

Description

» success

boolean

true

none

Always false for error responses

» alerts

array

true

none

Empty array

» total

integer

true

none

Always 0

» skip

integer

true

none

Always 0

» take

integer

true

none

Always 0

Status Code 404

Name

Type

Required

Restrictions

Description

» success

boolean

true

none

Always false for error responses

» alerts

array

true

none

Empty array

» total

integer

true

none

Always 0

» skip

integer

true

none

Always 0

» take

integer

true

none

Always 0

» message

string

false

none

Error message (e.g., "Repo not found")

Status Code 500

Name

Type

Required

Restrictions

Description

» success

boolean

true

none

Always false for error responses

» alerts

array

true

none

Empty array

» total

integer

true

none

Always 0

» skip

integer

true

none

Always 0

» take

integer

true

none

Always 0

» message

string

false

none

Error message (e.g., "Failed to fetch policy alerts")

To perform this operation, you must be authenticated by means of one of the following methods: BearerAuth

Previousdelete__policy_{policyId}Nextget__policy_{policyId}_alerts

Last updated 3 hours ago

Was this helpful?

hashtagTypeScript Client Library

hashtagCode Samples

hashtagParameters

hashtagResponses

hashtagResponse Schema

TypeScript Client Library

Code Samples

Parameters

Responses

Response Schema