get__policy_violations
⚠️ TEST ENVIRONMENT ONLY
GET /policy/violations
Get Policy Violations
Retrieve a list of policy violations that have occurred during AI operations. This endpoint provides comprehensive information about when policies were violated, who violated them, and the context of each violation.
Key Features:
Filter violations by workspace, repository, or specific policy
Date range filtering for time-based analysis
Pagination support with configurable page size
Returns detailed violation information including explanations
Respects workspace access permissions
Query Filtering:
workspaceId- Filter violations by workspacerepoId- Filter violations by repositorypolicyId- Filter violations by specific policyfrom- Start date for date range (ISO 8601 format)to- End date for date range (ISO 8601 format)skip- Number of records to skip (for pagination, default: 0)take- Number of records to return (default: 50, max: 100)
Important Notes:
Only returns violations from policies the user has access to
Organization administrators see violations across all workspaces
Non-admin users only see violations from their accessible workspaces
Violations are sorted by timestamp in descending order (newest first)
Maximum
takevalue is 100 to prevent excessive data transfer
Use Cases:
Monitor policy compliance across the organization
Investigate security incidents or policy breaches
Generate compliance reports
Audit AI usage and policy enforcement
Track violation patterns over time
TypeScript Client Library
public getPolicyViolations = async (query: GetPolicyViolationsQuery): Promise<GetPolicyViolationsResponse> => {
const queryParams = new URLSearchParams();
if (query.workspaceId) {
queryParams.append('workspaceId', query.workspaceId);
}
if (query.repoId) {
queryParams.append('repoId', query.repoId);
}
if (query.policyId) {
queryParams.append('policyId', query.policyId);
}
if (query.from) {
queryParams.append('from', query.from);
}
if (query.to) {
queryParams.append('to', query.to);
}
if (query.take !== undefined) {
queryParams.append('take', query.take.toString());
}
if (query.skip !== undefined) {
queryParams.append('skip', query.skip.toString());
}
return this.makeRequest<GetPolicyViolationsResponse>(
`policy/violations?${queryParams.toString()}`,
'GET',
null
);
};Code Samples
# You can also use wget
curl -X GET "https://backend.flashback.tech/policy/violations?workspaceId=workspace-123&from=2024-01-01&to=2024-01-31&take=50" \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}'GET https://backend.flashback.tech/policy/violations?workspaceId=workspace-123&from=2024-01-01&to=2024-01-31 HTTP/1.1
Host: backend.flashback.tech
Accept: application/jsonconst headers = {
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
fetch('https://backend.flashback.tech/policy/violations?workspaceId=workspace-123&from=2024-01-01&to=2024-01-31',
{
method: 'GET',
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});require 'rest-client'
require 'json'
headers = {
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.get 'https://backend.flashback.tech/policy/violations',
params: {
'workspaceId' => 'string',
'repoId' => 'string',
'policyId' => 'string',
'from' => 'string',
'to' => 'string',
'take' => 'integer',
'skip' => 'integer'
}, headers: headers
p JSON.parse(result)import requests
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer {access-token}'
}
r = requests.get('https://backend.flashback.tech/policy/violations', params={
'workspaceId': 'workspace-123',
'from': '2024-01-01',
'to': '2024-01-31',
'take': 50,
'skip': 0
}, headers = headers)
print(r.json())<?php
require 'vendor/autoload.php';
$headers = array(
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}',
);
$client = new \GuzzleHttp\Client();
try {
$response = $client->request('GET','https://backend.flashback.tech/policy/violations', array(
'headers' => $headers,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...URL obj = new URL("https://backend.flashback.tech/policy/violations?workspaceId=workspace-123&from=2024-01-01&to=2024-01-31");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "https://backend.flashback.tech/policy/violations", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}Parameters
workspaceId
query
string
false
Filter violations by workspace ID
repoId
query
string
false
Filter violations by repository ID
policyId
query
string
false
Filter violations by policy ID
from
query
string
false
Start date for date range filter (ISO 8601)
to
query
string
false
End date for date range filter (ISO 8601)
take
query
integer
false
Number of records to return (default: 50, max: 100)
skip
query
integer
false
Number of records to skip (default: 0)
Example responses
200 Response
{
"success": true,
"violations": [
{
"id": "violation-123",
"policyId": "policy-456",
"policyName": "PII Protection Policy",
"timestamp": "2024-01-15T10:30:00.000Z",
"explanation": "Attempted to share credit card number in AI conversation",
"conversationId": "conv-789",
"repoId": "repo-101",
"repoName": "Customer Support Repo",
"userId": "user-202",
"userName": "John Doe",
"repoAiApiKeyId": "apikey-303",
"repoAiApiKeyName": "Production OpenAI Key"
}
],
"total": 1,
"skip": 0,
"take": 50
}Responses
Response Schema
Status Code 200
» success
boolean
false
none
Operation success status
» violations
[object]
false
none
Array of policy violation objects
»» id
string
false
none
Unique identifier for the violation
»» policyId
string
false
none
Policy ID that was violated
»» policyName
string
false
none
Name of the policy that was violated
»» timestamp
string
false
none
ISO 8601 timestamp when violation occurred
»» explanation
string
false
none
Detailed explanation of the violation
»» conversationId
string
false
none
Conversation ID where violation occurred (null if not applicable)
»» repoId
string
false
none
Repository ID where violation occurred
»» repoName
string
false
none
Repository name where violation occurred
»» userId
string
false
none
User ID who triggered the violation
»» userName
string
false
none
Full name of the user who triggered the violation
»» repoAiApiKeyId
string
false
none
API key ID used in the operation
»» repoAiApiKeyName
string
false
none
API key name used in the operation
» total
integer
false
none
Total number of violations matching the query (for pagination)
» skip
integer
false
none
Number of records skipped
» take
integer
false
none
Number of records returned
Status Code 400
» success
boolean
false
none
none
» violations
array
false
none
none
» total
integer
false
none
none
» skip
integer
false
none
none
» take
integer
false
none
none
» message
string
false
none
Error message
Status Code 500
» success
boolean
false
none
none
» violations
array
false
none
none
» total
integer
false
none
none
» skip
integer
false
none
none
» take
integer
false
none
none
» message
string
false
none
Error message
To perform this operation, you must be authenticated by means of one of the following methods: BearerAuth
Last updated
Was this helpful?