put__policy_{policyId}
⚠️ TEST ENVIRONMENT ONLY
PUT /policy/{policyId}
Update AI Policy
Update an existing AI governance policy. This endpoint allows modification of policy properties while maintaining audit trail information about who made the changes.
Updatable Fields:
name- Policy namecontent- Policy rules and descriptionriskType- Risk classification (LOW, MEDIUM, HIGH)actionType- Action to take on violation (0=log, 1=alert, 2=block)
Important Notes:
All fields in the request body are optional - only provide fields you want to update
At least one field must be provided for the update to proceed
Users must have write permissions for the policy based on its scope level
The policy's scope (org/workspace/repo) cannot be changed after creation
Updates automatically track the user who made the change and the timestamp
Security:
Organization boundaries are enforced
Permission checks ensure users can only update policies they have access to
Workspace-level and repository-level policies require appropriate write access
Audit trail is automatically updated
Use Cases:
Refine policy content based on feedback
Adjust risk levels or action types
Update policy names for better organization
Modify policies as requirements change
TypeScript Client Library
public updatePolicy = async (
policyId: string,
data: UpdatePolicyRequest
): Promise<{ success: boolean; policy: PolicyDTO }> => {
return this.makeRequest<{ success: boolean; policy: PolicyDTO }>(`policy/${policyId}`, 'PUT', data);
};Code Samples
# You can also use wget
curl -X PUT https://backend.flashback.tech/policy/{policyId} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}'PUT https://backend.flashback.tech/policy/{policyId} HTTP/1.1
Host: backend.flashback.tech
Content-Type: application/json
Accept: application/jsonconst inputBody = '{
"name": "Updated PII Protection Policy",
"riskType": "HIGH",
"actionType": 2
}';
const headers = {
'Content-Type':'application/json',
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
fetch('https://backend.flashback.tech/policy/{policyId}',
{
method: 'PUT',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/json',
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.put 'https://backend.flashback.tech/policy/{policyId}',
params: {
}, headers: headers
p JSON.parse(result)import requests
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer {access-token}'
}
r = requests.put('https://backend.flashback.tech/policy/{policyId}', headers = headers)
print(r.json())<?php
require 'vendor/autoload.php';
$headers = array(
'Content-Type' => 'application/json',
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}',
);URL obj = new URL("https://backend.flashback.tech/policy/{policyId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("PUT", "https://backend.flashback.tech/policy/{policyId}", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}Body parameter
{
"name": "Updated PII Protection Policy",
"content": "Enhanced policy: Do not allow sharing of personally identifiable information including SSN, credit cards, addresses, phone numbers, or email addresses.",
"riskType": "HIGH",
"actionType": 2
}Parameters
policyId
path
string
true
Unique identifier of the policy
body
body
object
true
Updated policy properties
» name
body
string
false
Human-readable name for the policy
» content
body
string
false
Policy rules and description (natural language)
» riskType
body
string
false
Risk classification level
» actionType
body
integer
false
Action to take when policy is violated
Enumerated Values
» riskType
LOW
» riskType
MEDIUM
» riskType
HIGH
» actionType
0
Log only (record violation)
» actionType
1
Alert (log and notify)
» actionType
2
Block (prevent action and alert)
Example responses
200 Response
{
"success": true,
"policy": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"orgId": "org-123",
"name": "Updated PII Protection Policy",
"content": "Enhanced policy: Do not allow sharing of personally identifiable information...",
"riskType": "HIGH",
"actionType": 2,
"createdBy": {
"id": "user-789",
"name": "John",
"lastName": "Doe",
"email": "[email protected]"
},
"createdAt": "2024-01-15T10:30:00.000Z",
"lastUpdatedBy": {
"id": "user-890",
"name": "Jane",
"lastName": "Smith",
"email": "[email protected]"
},
"lastUpdatedAt": "2024-01-20T14:15:00.000Z",
"workspaceId": "workspace-456",
"repoId": null,
"workspace": {
"id": "workspace-456",
"name": "Production Workspace"
},
"repo": null
}
}Responses
Response Schema
Status Code 200
» success
boolean
false
none
Operation success status
» policy
object
false
none
Updated policy object
»» id
string
false
none
Unique identifier for the policy
»» orgId
string
false
none
Organization ID
»» name
string
false
none
Policy name
»» content
string
false
none
Policy content/rules
»» riskType
string
false
none
Risk classification (LOW, MEDIUM, HIGH)
»» actionType
integer
false
none
Action type (0=log, 1=alert, 2=block)
»» createdBy
object
false
none
User who created the policy
»»» id
string
false
none
User ID
»»» name
string
false
none
User first name
»»» lastName
string
false
none
User last name
string
false
none
User email
»» createdAt
string
false
none
ISO 8601 timestamp
»» lastUpdatedBy
object
false
none
User who last updated the policy
»»» id
string
false
none
User ID
»»» name
string
false
none
User first name
»»» lastName
string
false
none
User last name
string
false
none
User email
»» lastUpdatedAt
string
false
none
ISO 8601 timestamp
»» workspaceId
string
false
none
Workspace ID (null for org-level)
»» repoId
string
false
none
Repository ID (null for workspace/org-level)
»» workspace
object
false
none
Workspace details (if applicable)
»»» id
string
false
none
Workspace ID
»»» name
string
false
none
Workspace name
»» repo
object
false
none
Repository details (if applicable)
»»» id
string
false
none
Repository ID
»»» name
string
false
none
Repository name
Status Code 400
» success
boolean
false
none
none
» message
string
false
none
Error message
Status Code 403
» success
boolean
false
none
none
» message
string
false
none
Error message
Status Code 404
» success
boolean
false
none
none
» message
string
false
none
Error message
Status Code 500
» success
boolean
false
none
none
» message
string
false
none
Error message
To perform this operation, you must be authenticated by means of one of the following methods: BearerAuth
Last updated
Was this helpful?