Policies

Policies are a way of authorizing requests to your Architect API. A Policy consists of multiple Policy Items that can be combined to form complex access rules.

Creating policy items

Policy Items can be created by sending a POST request to /api/todos/policy_items, authenticated with your developer key.

Let's say we want to restrict updating a TODO to admins who are assigned to it. The body of the request would look something like this:

    {
      "action": "update",
      "data": [
        {
          "left": {
            "type": "current_user",
            "value": "role"
          },
          "operator": "eq",
          "right": {
            "type": "plain",
            "value": "admin"
          }
        },
        {
          "left": {
            "type": "entity",
            "value": "details.assignee_id"
          },
          "operator": "eq",
          "right": {
            "type": "current_user",
            "value": "id"
          }
        }
      ]
    }

Example request

    // The request is authenticated with your developer key.
    const myHeaders = new Headers();
    myHeaders.append("X_DEVELOPER_API_KEY", "d5e3ab8d-1fc4-5735-add5-27c3858e3080");
    myHeaders.append("Content-Type", "application/json");

    // Same Policy Item as the JSON body above: admin role AND assigned to the TODO.
    const raw = JSON.stringify({
      action: "update",
      data: [
        { left: { type: "current_user", value: "role" }, operator: "eq", right: { type: "plain", value: "admin" } },
        { left: { type: "entity", value: "details.assignee_id" }, operator: "eq", right: { type: "current_user", value: "id" } }
      ]
    });

    const requestOptions = {
      method: 'POST',
      headers: myHeaders,
      body: raw,
      redirect: 'follow'
    };

    // Create the Policy Item and log the raw response body.
    fetch("https://your_app_id.essentialz.cloud/api/todos/policy_items", requestOptions)
      .then(response => response.text())
      .then(result => console.log(result))
      .catch(error => console.log('error', error));

Additional Policy Items are combined with each other using OR, while all of the entries in the data array of a single Policy Item are combined using AND.
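
The OR-across-items, AND-within-data rule can be checked locally before a policy is created. The sketch below is an added example, not Architect's own code: it models the rule for the operand types and the `eq` operator shown on this page, and shows that each extra Policy Item widens who is allowed. The dotted-path lookup, the filtering by action, the deny-by-default result, the `owner_id` field and all function names are assumptions.

```javascript
// Added example: local model of Policy Item evaluation, not Architect's own code.
// Assumed: dotted-path lookup, filtering by action, deny when no item matches.

// Resolve a "plain", "current_user" or "entity" operand to a concrete value.
function resolveOperand(operand, ctx) {
  if (operand.type === "plain") return operand.value;
  const roots = { current_user: ctx.currentUser, entity: ctx.entity };
  const root = Object.prototype.hasOwnProperty.call(roots, operand.type)
    ? roots[operand.type] : undefined;
  // Walk "details.assignee_id" segment by segment; a missing segment gives undefined.
  return String(operand.value).split(".").reduce((node, key) =>
    node != null && Object.prototype.hasOwnProperty.call(node, key) ? node[key] : undefined,
    root);
}

// Only "eq" appears on the page; any other operator fails closed here.
function evalCondition(cond, ctx) {
  if (cond.operator !== "eq") return false;
  const left = resolveOperand(cond.left, ctx);
  // A missing field never matches, so undefined === undefined cannot grant access.
  return left !== undefined && left === resolveOperand(cond.right, ctx);
}

// AND inside one item's data array, OR across items for the same action.
// Assumed: an item with an empty data array grants nothing.
function isAllowed(policyItems, action, ctx) {
  return policyItems
    .filter((item) => item.action === action)
    .some((item) => item.data.length > 0 && item.data.every((c) => evalCondition(c, ctx)));
}

const cond = (lt, lv, rt, rv) => ({
  left: { type: lt, value: lv }, operator: "eq", right: { type: rt, value: rv },
});
// First item is the one from this page; the second (owner_id) is constructed.
const policyItems = [
  { action: "update", data: [cond("current_user", "role", "plain", "admin"),
                             cond("entity", "details.assignee_id", "current_user", "id")] },
  { action: "update", data: [cond("entity", "details.owner_id", "current_user", "id")] },
];
const todo = { details: { assignee_id: 7, owner_id: 9 } };  // constructed sample entity

console.log(isAllowed(policyItems, "update", { currentUser: { id: 7, role: "admin" }, entity: todo })); // assigned admin
console.log(isAllowed(policyItems, "update", { currentUser: { id: 8, role: "admin" }, entity: todo })); // unassigned admin
console.log(isAllowed(policyItems, "update", { currentUser: { id: 9, role: "user" }, entity: todo }));  // owner, via OR
console.log(isAllowed(policyItems, "delete", { currentUser: { id: 7, role: "admin" }, entity: todo })); // no item for action
```

The third call is allowed only because of the second Policy Item, so review every existing item for an action before adding another one.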

Updating policy items

Updating Policy Items works in a similar way. Send a PUT request to /api/todos/policy_items/:id with a JSON body in the same format.

Listing all policy items

You can fetch all created Policy Items by sending a GET request to /api/todos/policy_items.