# get\_\_policy\_violations

{% hint style="info" %}
This API endpoint is currently available only in the TEST environment. It is not yet available in production.
{% endhint %}

`GET /policy/violations`

*Get Policy Violations*

Retrieve a list of policy violations that have occurred during AI operations. This endpoint provides comprehensive information about when policies were violated, who violated them, and the context of each violation.

**Key Features:**

* Filter violations by workspace, repository, or specific policy
* Date range filtering for time-based analysis
* Pagination support with configurable page size
* Returns detailed violation information including explanations
* Respects workspace access permissions

**Query Filtering:**

* `workspaceId` - Filter violations by workspace
* `repoId` - Filter violations by repository
* `policyId` - Filter violations by specific policy
* `from` - Start date for date range (ISO 8601 format)
* `to` - End date for date range (ISO 8601 format)
* `skip` - Number of records to skip (for pagination, default: 0)
* `take` - Number of records to return (default: 50, max: 100)

**Important Notes:**

* Only returns violations from policies the user has access to
* Organization administrators see violations across all workspaces
* Non-admin users only see violations from their accessible workspaces
* Violations are sorted by timestamp in descending order (newest first)
* Maximum `take` value is 100 to prevent excessive data transfer

**Use Cases:**

* Monitor policy compliance across the organization
* Investigate security incidents or policy breaches
* Generate compliance reports
* Audit AI usage and policy enforcement
* Track violation patterns over time

#### TypeScript Client Library

```typescript
public getPolicyViolations = async (query: GetPolicyViolationsQuery): Promise<GetPolicyViolationsResponse> => {
  const queryParams = new URLSearchParams();
  if (query.workspaceId) {
    queryParams.append('workspaceId', query.workspaceId);
  }
  if (query.repoId) {
    queryParams.append('repoId', query.repoId);
  }
  if (query.policyId) {
    queryParams.append('policyId', query.policyId);
  }
  if (query.from) {
    queryParams.append('from', query.from);
  }
  if (query.to) {
    queryParams.append('to', query.to);
  }
  if (query.take !== undefined) {
    queryParams.append('take', query.take.toString());
  }
  if (query.skip !== undefined) {
    queryParams.append('skip', query.skip.toString());
  }
  return this.makeRequest<GetPolicyViolationsResponse>(
    `policy/violations?${queryParams.toString()}`,
    'GET',
    null
  );
};
```
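An added example (not part of the Flashback client library) of walking the full result set with `skip`, `take` and `total`: because results are sorted newest first, it de-duplicates on `id` and pins `to` before paging. `FetchPage` is a hypothetical adapter around `getPolicyViolations`, and it is an assumption that `to` accepts a full ISO 8601 timestamp.

```typescript
// Added example; field names follow the response schema documented on this page.
interface Violation { id: string; policyId: string; timestamp: string }
interface Page { success: boolean; violations: Violation[]; total: number; skip: number; take: number }
interface Query { workspaceId?: string; from?: string; to?: string; skip?: number; take?: number }
// Hypothetical adapter, e.g. (q) => client.getPolicyViolations(q).
type FetchPage = (q: Query) => Promise<Page>;

const MAX_TAKE = 100; // documented upper bound for `take`

// Fold one page into `seen` and return the next `skip`, or null when finished.
// Results are newest-first, so a violation recorded between two requests pushes
// every older record down one offset and the next page repeats a record.
// Keying on `id` makes that repeat harmless.
function mergePage(seen: Map<string, Violation>, page: Page): number | null {
  if (!page.success) throw new Error('violations query failed');
  for (const v of page.violations) seen.set(v.id, v);
  const next = page.skip + page.violations.length;
  return page.violations.length === 0 || next >= page.total ? null : next;
}

// Walk the full result set in pages of MAX_TAKE.
// Assumption: `to` accepts a full ISO 8601 timestamp; pinning it once keeps
// violations recorded after the run started out of the window.
async function collectViolations(fetchPage: FetchPage, query: Query, now: Date = new Date()): Promise<Violation[]> {
  const pinned: Query = { ...query, to: query.to ?? now.toISOString(), take: MAX_TAKE };
  const seen = new Map<string, Violation>();
  let skip: number | null = 0;
  while (skip !== null) {
    skip = mergePage(seen, await fetchPage({ ...pinned, skip }));
  }
  return Array.from(seen.values());
}

// Per-policy totals, e.g. for a compliance report.
function countByPolicy(violations: Violation[]): Record<string, number> {
  const counts: Record<string, number> = {};
  for (const v of violations) counts[v.policyId] = (counts[v.policyId] ?? 0) + 1;
  return counts;
}
```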

#### Code Samples

{% tabs %}
{% tab title="Shell" %}

```shell
# You can also use wget
curl -X GET "https://backend.flashback.tech/policy/violations?workspaceId=workspace-123&from=2024-01-01&to=2024-01-31&take=50" \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}'
```

{% endtab %}

{% tab title="HTTP" %}

```http
GET https://backend.flashback.tech/policy/violations?workspaceId=workspace-123&from=2024-01-01&to=2024-01-31 HTTP/1.1
Host: backend.flashback.tech
Accept: application/json
Authorization: Bearer {access-token}
```

{% endtab %}

{% tab title="JavaScript" %}

```javascript
const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('https://backend.flashback.tech/policy/violations?workspaceId=workspace-123&from=2024-01-01&to=2024-01-31',
{
  method: 'GET',
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
```

{% endtab %}

{% tab title="Ruby" %}

```ruby
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

# rest-client takes query parameters under the :params key of the headers hash.
result = RestClient.get 'https://backend.flashback.tech/policy/violations',
  headers.merge(params: {
    'workspaceId' => 'workspace-123',
    'from' => '2024-01-01',
    'to' => '2024-01-31',
    'take' => 50,
    'skip' => 0
  })

p JSON.parse(result)
```

{% endtab %}

{% tab title="Python" %}

```python
import requests
headers = {
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://backend.flashback.tech/policy/violations', params={
  'workspaceId': 'workspace-123',
  'from': '2024-01-01',
  'to': '2024-01-31',
  'take': 50,
  'skip': 0
}, headers = headers)

print(r.json())
```

{% endtab %}

{% tab title="PHP" %}

```php
<?php

require 'vendor/autoload.php';

$headers = array(
    'Accept' => 'application/json',
    'Authorization' => 'Bearer {access-token}',
);

$client = new \GuzzleHttp\Client();

try {
    $response = $client->request('GET', 'https://backend.flashback.tech/policy/violations', array(
        'headers' => $headers,
    ));
    print_r($response->getBody()->getContents());
} catch (\GuzzleHttp\Exception\BadResponseException $e) {
    // Handle exceptions or API errors.
    print_r($e->getMessage());
}

// ...
```

{% endtab %}

{% tab title="Java" %}

```java
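import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;

URL obj = new URL("https://backend.flashback.tech/policy/violations?workspaceId=workspace-123&from=2024-01-01&to=2024-01-31");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
// The endpoint requires BearerAuth, so send the token with the request.
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("Authorization", "Bearer {access-token}");
int responseCode = con.getResponseCode();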
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
```

{% endtab %}

{% tab title="Go" %}

```go
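package main

import (
	"fmt"
	"io"
	"log"
	"net/http"
)

func main() {
	// A GET request carries no body; the filters go in the query string.
	url := "https://backend.flashback.tech/policy/violations?workspaceId=workspace-123&from=2024-01-01&to=2024-01-31"
	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("Accept", "application/json")
	req.Header.Set("Authorization", "Bearer {access-token}")

	client := &http.Client{}
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	defer resp.Body.Close()

	// Read and print the JSON response body.
	body, err := io.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println(string(body))
}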
```

{% endtab %}
{% endtabs %}

#### Parameters <a href="#get__policy_violations-parameters" id="get__policy_violations-parameters"></a>

| Name        | In    | Type    | Required | Description                                         |
| ----------- | ----- | ------- | -------- | --------------------------------------------------- |
| workspaceId | query | string  | false    | Filter violations by workspace ID                   |
| repoId      | query | string  | false    | Filter violations by repository ID                  |
| policyId    | query | string  | false    | Filter violations by policy ID                      |
| from        | query | string  | false    | Start date for date range filter (ISO 8601)         |
| to          | query | string  | false    | End date for date range filter (ISO 8601)           |
| take        | query | integer | false    | Number of records to return (default: 50, max: 100) |
| skip        | query | integer | false    | Number of records to skip (default: 0)              |

> Example responses

> 200 Response

```json
{
  "success": true,
  "violations": [
    {
      "id": "violation-123",
      "policyId": "policy-456",
      "policyName": "PII Protection Policy",
      "timestamp": "2024-01-15T10:30:00.000Z",
      "explanation": "Attempted to share credit card number in AI conversation",
      "conversationId": "conv-789",
      "repoId": "repo-101",
      "repoName": "Customer Support Repo",
      "userId": "user-202",
      "userName": "John Doe",
      "repoAiApiKeyId": "apikey-303",
      "repoAiApiKeyName": "Production OpenAI Key"
    }
  ],
  "total": 1,
  "skip": 0,
  "take": 50
}
```

#### Responses <a href="#get__policy_violations-responses" id="get__policy_violations-responses"></a>

| Status | Meaning                                                                    | Description                       | Schema |
| ------ | -------------------------------------------------------------------------- | --------------------------------- | ------ |
| 200    | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)                    | Successfully retrieved violations | Inline |
| 400    | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)           | Invalid request parameters        | Inline |
| 500    | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | Failed to retrieve violations     | Inline |

#### Response Schema <a href="#get__policy_violations-responseschema" id="get__policy_violations-responseschema"></a>

Status Code **200**

| Name                | Type      | Required | Restrictions | Description                                                       |
| ------------------- | --------- | -------- | ------------ | ----------------------------------------------------------------- |
| » success           | boolean   | false    | none         | Operation success status                                          |
| » violations        | \[object] | false    | none         | Array of policy violation objects                                 |
| »» id               | string    | false    | none         | Unique identifier for the violation                               |
| »» policyId         | string    | false    | none         | Policy ID that was violated                                       |
| »» policyName       | string    | false    | none         | Name of the policy that was violated                              |
| »» timestamp        | string    | false    | none         | ISO 8601 timestamp when violation occurred                        |
| »» explanation      | string    | false    | none         | Detailed explanation of the violation                             |
| »» conversationId   | string    | false    | none         | Conversation ID where violation occurred (null if not applicable) |
| »» repoId           | string    | false    | none         | Repository ID where violation occurred                            |
| »» repoName         | string    | false    | none         | Repository name where violation occurred                          |
| »» userId           | string    | false    | none         | User ID who triggered the violation                               |
| »» userName         | string    | false    | none         | Full name of the user who triggered the violation                 |
| »» repoAiApiKeyId   | string    | false    | none         | API key ID used in the operation                                  |
| »» repoAiApiKeyName | string    | false    | none         | API key name used in the operation                                |
| » total             | integer   | false    | none         | Total number of violations matching the query (for pagination)    |
| » skip              | integer   | false    | none         | Number of records skipped                                         |
| » take              | integer   | false    | none         | Number of records returned                                        |

Status Code **400**

| Name         | Type    | Required | Restrictions | Description   |
| ------------ | ------- | -------- | ------------ | ------------- |
| » success    | boolean | false    | none         | none          |
| » violations | array   | false    | none         | none          |
| » total      | integer | false    | none         | none          |
| » skip       | integer | false    | none         | none          |
| » take       | integer | false    | none         | none          |
| » message    | string  | false    | none         | Error message |

Status Code **500**

| Name         | Type    | Required | Restrictions | Description   |
| ------------ | ------- | -------- | ------------ | ------------- |
| » success    | boolean | false    | none         | none          |
| » violations | array   | false    | none         | none          |
| » total      | integer | false    | none         | none          |
| » skip       | integer | false    | none         | none          |
| » take       | integer | false    | none         | none          |
| » message    | string  | false    | none         | Error message |

To perform this operation, you must be authenticated by means of one of the following methods: BearerAuth
