Contents x
    Validate Policy
    • 20 Nov 2024
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Validate Policy

    • Updated on 20 Nov 2024
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Post
    /api/1.0/policies/{envId}/validation

    Validate Policies.

    Note: This version is going to be deprecated in June 2025.
    See Import Policy V2 for the latest documentation.

    Notice

    Accessing the Policy Management APIs is through a dedicated domain/URL, according to your PlainID Tenant Location
  • United States (US) - https://api.us1.plainid.io
  • Canada (CA) - https://api.ca1.plainid.io
  • Europe (EU) - https://api.eu1.plainid.io
  • Local PAA - https://api.plainid.local

    • cURL Sample Guidelines

    In order for the relevant parameters to appear in the cURL sample, you can input the values in the interactive API console on the right. They will then appear in the cURL sample on the bottom of the page in the correct format.

    Security
    HTTP
    Type bearer

    For more details about Administration API Authentication, check out the Authentication APIs documentation. Provide your bearer token in the Authorization header when making requests to protected resources. Example: Authorization: Bearer 123

    Path parameters
    envId
    stringRequired

    The Environment ID can be found under the Details tab in the Environment Settings.

    Body parameters
    Valid Request Structure
    {
  "policyCode": "# METADATA\n# custom:\n#   plainid:\n#     policyId: PaC1\n#     name: Manage consumers accounts in branch\n#     description: Tellers, Senior Tellers, Branch Managers can manage private consumer accounts in their own branch only during business hours\n#     accessType: Allow\npackage policy\nimport future.keywords\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: BranchManager\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"User_Type\"] == \"internal\"\n\tidentity[\"title\"] == \"branch manager\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: SeniorTeller\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"title\"] == \"Senior Teller\"\n\tidentity[\"User_Type\"] == \"Internal\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: Teller\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"User_Type\"] == \"Internal\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Ruleset\n#     name: Private consumer bank accounts managed in the user branch\nruleset(asset, identity, requestParams){\n\tasset.template == \"Bank Accounts\"\n\tidentity.template == \"User\"\n\tasset[\"account_type\"] == \"private\"\n\tasset[\"account_branch\"] == identity[\"User_Branch\"]\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Action\naction(asset){\n\tasset.template == \"Bank Accounts\"\n\tasset.action in [\"Manage\",\"View\"]\n}",
  "language": "rego",
  "authWsId": "57fd3c41-fada-41a9-b5ab-fad1133f1e63"
}
    Single Validation Error - `identity.template` does not exist
    {
  "policyCode": "# METADATA\n# custom:\n#   plainid:\n#     policyId: PaC1\n#     name: Manage consumers accounts in branch\n#     description: Tellers, Senior Tellers, Branch Managers can manage private consumer accounts in their own branch only during business hours\n#     accessType: Allow\npackage policy\nimport future.keywords\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: BranchManager\ndynamic_group(identity){\n\tidentity.template == \"Usr\"\n\tidentity[\"User_Type\"] == \"internal\"\n\tidentity[\"title\"] == \"branch manager\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: SeniorTeller\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"title\"] == \"Senior Teller\"\n\tidentity[\"User_Type\"] == \"Internal\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: Teller\ndynamic_group(identity){\n\tidentity.template == \"User\"\n\tidentity[\"User_Type\"] == \"Internal\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Ruleset\n#     name: Private consumer bank accounts managed in the user branch\nruleset(asset, identity, requestParams){\n\tasset.template == \"Bank Accounts\"\n\tidentity.template == \"User\"\n\tasset[\"account_type\"] == \"private\"\n\tasset[\"account_branch\"] == identity[\"User_Branch\"]\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Action\naction(asset){\n\tasset.template == \"Bank Accounts\"\n\tasset.action in [\"Manage\",\"View\"]\n}",
  "language": "rego",
  "authWsId": "57fd3c41-fada-41a9-b5ab-fad1133f1e63"
}
    object
    policyCode
    string Required

    Policy Rego Code - Structured Rego

    language
    string Required

    Policy Language

    authWsId
    string Required

    Authorization Workspace ID. This can be found in your Authorization Workspace Settings under Workspace ID.

    Responses
    200

    Success

    Headers
    x-request-id
    string
    Validation Success - No Errors Found
    {
  "data": {
    "policyId": "PaC1",
    "action": "UPDATE",
    "validationErrors": null,
    "isPolicyCompleted": true
  }
}
    Validation Success - Errors Identified
    {
  "data": {
    "policyId": "PaC1",
    "action": "UPDATE",
    "validationErrors": [
      {
        "code": "PACV-009",
        "id": "E1D4P1",
        "name": "RulesetAttributeKeyNotDefinedInTemplate",
        "message": "Unable to identify Attribute Key [tile] in the Template rule [User]. Hint: Did you mean [uid,department,Userid,groups,title,User_Type,User_Branch,Membership_Type,First_Name,Last_Name]?",
        "line": 17
      },
      {
        "code": "PACV-012",
        "id": "ENJ1VJ",
        "name": "DynamicGroupRuleAttributeOperatorDoesNotCorrespondToAttributeSettings",
        "message": "Operator [EQUALS] used in rule expression is not valid for Attribute settings. Hint: Attribute type is set as [].",
        "line": 17
      }
    ],
    "isPolicyCompleted": true
  }
}
    Expand All
    object
    data
    object
    policyId
    string
    action
    string
    validationErrors
    Array of object | null
    object
    code
    string
    id
    string
    name
    string
    message
    string
    line
    integer
    isPolicyCompleted
    boolean
    401

    Unauthorized

    Headers
    x-request-id
    string
    422

    Validation Failed - Invalid UUID

    Headers
    x-request-id
    string
    Invalid ID Format
    {
  "errors": [
    {
      "code": "V-032",
      "args": {
        "0": "ed252aa5-9d0c-4193-838-60bf20b13109",
        "1": "uuid"
      },
      "id": "EEJQMA",
      "status": 422,
      "name": "UnprocessableEntityError",
      "message": "$: ed252aa5-9d0c-4193-838-60bf20b13109 is an invalid uuid"
    }
  ]
}
    Expand All
    object
    errors
    Array of object
    object
    code
    string
    args
    object
    0
    string
    1
    string
    id
    string
    status
    integer
    name
    string
    message
    string
    Was this article helpful?
    What's Next