Post
Deprecated/api/1.0/policies/{envId}/validation
Validate Policies.
Note: This version will be sunset (retired) in June 2025.
See Import Policy V2 for the latest documentation.
Notice
Accessing the Policy Management APIs is through a dedicated domain/URL, according to your PlainID Tenant Locationhttps://api.us1.plainid.iohttps://api.ca1.plainid.iohttps://api.eu1.plainid.iocURL Sample Guidelines
In order for the relevant parameters to appear in the cURL sample, you can input the values in the interactive API console on the right. They will then appear in the cURL sample on the bottom of the page in the correct format.
Security
HTTP
Type bearer
For more details about Administration API Authentication, check out the Authentication APIs documentation. Provide your bearer token in the Authorization header when making requests to protected resources. Example: Authorization: Bearer 123
Path parameters
envId
stringRequired
The Environment ID can be found under the Details tab in the Environment Settings.
Body parameters
Valid Request Structure
{
"policyCode": "# METADATA\n# custom:\n# plainid:\n# policyId: PaC1\n# name: Manage consumers accounts in branch\n# description: Tellers, Senior Tellers, Branch Managers can manage private consumer accounts in their own branch only during business hours\n# accessType: Allow\npackage policy\nimport future.keywords\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: BranchManager\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"User_Type\"] == \"internal\"\n\tidentity[\"title\"] == \"branch manager\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: SeniorTeller\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"title\"] == \"Senior Teller\"\n\tidentity[\"User_Type\"] == \"Internal\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: Teller\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"User_Type\"] == \"Internal\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Ruleset\n# name: Private consumer bank accounts managed in the user branch\nruleset(asset, identity, requestParams){\n\tasset.template == \"Bank Accounts\"\n\tidentity.template == \"User\"\n\tasset[\"account_type\"] == \"private\"\n\tasset[\"account_branch\"] == identity[\"User_Branch\"]\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Action\naction(asset){\n\tasset.template == \"Bank Accounts\"\n\tasset.action in [\"Manage\",\"View\"]\n}",
"language": "rego",
"authWsId": "57fd3c41-fada-41a9-b5ab-fad1133f1e63"
}Single Validation Error - `identity.template` does not exist
{
"policyCode": "# METADATA\n# custom:\n# plainid:\n# policyId: PaC1\n# name: Manage consumers accounts in branch\n# description: Tellers, Senior Tellers, Branch Managers can manage private consumer accounts in their own branch only during business hours\n# accessType: Allow\npackage policy\nimport future.keywords\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: BranchManager\ndynamic_group(identity){\n\tidentity.template == \"Usr\"\n\tidentity[\"User_Type\"] == \"internal\"\n\tidentity[\"title\"] == \"branch manager\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: SeniorTeller\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"title\"] == \"Senior Teller\"\n\tidentity[\"User_Type\"] == \"Internal\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: Teller\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"User_Type\"] == \"Internal\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Ruleset\n# name: Private consumer bank accounts managed in the user branch\nruleset(asset, identity, requestParams){\n\tasset.template == \"Bank Accounts\"\n\tidentity.template == \"User\"\n\tasset[\"account_type\"] == \"private\"\n\tasset[\"account_branch\"] == identity[\"User_Branch\"]\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Action\naction(asset){\n\tasset.template == \"Bank Accounts\"\n\tasset.action in [\"Manage\",\"View\"]\n}",
"language": "rego",
"authWsId": "57fd3c41-fada-41a9-b5ab-fad1133f1e63"
}object
language
string Required
Policy Language
authWsId
string Required
Authorization Workspace ID. This can be found in your Authorization Workspace Settings under Workspace ID.
Responses
200
Success
Headers
x-request-id
string
Validation Success - No Errors Found
{
"data": {
"policyId": "PaC1",
"action": "UPDATE",
"validationErrors": null,
"isPolicyCompleted": true
}
}Validation Success - Errors Identified
{
"data": {
"policyId": "PaC1",
"action": "UPDATE",
"validationErrors": [
{
"code": "PACV-009",
"id": "E1D4P1",
"name": "RulesetAttributeKeyNotDefinedInTemplate",
"message": "Unable to identify Attribute Key [tile] in the Template rule [User]. Hint: Did you mean [uid,department,Userid,groups,title,User_Type,User_Branch,Membership_Type,First_Name,Last_Name]?",
"line": 17
},
{
"code": "PACV-012",
"id": "ENJ1VJ",
"name": "DynamicGroupRuleAttributeOperatorDoesNotCorrespondToAttributeSettings",
"message": "Operator [EQUALS] used in rule expression is not valid for Attribute settings. Hint: Attribute type is set as [].",
"line": 17
}
],
"isPolicyCompleted": true
}
}object
data
object
policyId
string
action
string
validationErrors
Array of object | null
object
code
string
id
string
name
string
message
string
line
integer
isPolicyCompleted
boolean
401
Unauthorized
Headers
x-request-id
string
422
Validation Failed - Invalid UUID
Headers
x-request-id
string
Invalid ID Format
{
"errors": [
{
"code": "V-032",
"args": {
"0": "ed252aa5-9d0c-4193-838-60bf20b13109",
"1": "uuid"
},
"id": "EEJQMA",
"status": 422,
"name": "UnprocessableEntityError",
"message": "$: ed252aa5-9d0c-4193-838-60bf20b13109 is an invalid uuid"
}
]
}object
errors
Array of object
object
code
string
args
object
0
string
1
string
id
string
status
integer
name
string
message
string