> ## Documentation Index > Fetch the complete documentation index at: https://docs.plainid.io/llms.txt > Use this file to discover all available pages before exploring further. # Validate Policy > Validate Policy.
For more information, refer to out documentation on Policy Evaluation Logic.
In the **Try It** section, view examples and code samples based on **Response format**, **Content Type (next to the Body title)**, and **Body** dropdowns.

Notice

Accessing the Policy Management APIs is through a dedicated domain/URL, according to your PlainID Tenant Location
  • United States (US) - `https://api.us1.plainid.io`
  • Canada (CA) - `https://api.ca1.plainid.io`
  • Europe (EU) - `https://api.eu1.plainid.io`

    • Using HTML Encoded Special Characters

    Use HTML encoded patterns when working with values that contain special characters like spaces, dashes, etc. Refer to this HTML URL Encoding Reference for a full list.


    Important note about headers

    Refer to the headers below to modify your cURL sample. Check if the following headers are in the sample, if not, ensure you add it to your cURL sample before pasting into your API tool.

    Headers

    *Required
    Header Value cURL Line
    Content-Type`text/plain;language=rego` or `application/json` `-H "Content-Type:text/plain;language=rego"` or `-H "Content-Type:application/json"`
    Note: Use text/plain;language=rego when writing Rego in the body.
    Use application/json when writing either Structured or Native code. See the examples below for more information.

    cURL Sample Guidelines

    In order for the relevant parameters to appear in the cURL sample, you can input the values in the interactive API console on the right in the Try It or Code Sample tabs. You can then copy the cURL sample from the Code Sample tab in the correct format.

    ## OpenAPI ````json POST /api/2.0/policies/{envId}/validation { "openapi": "3.0.3", "info": { "title": "Management APIs", "version": "1.0.0", "contact": { "name": "PlainID", "url": "https://plainid.com", "email": "contact@plainid.com" }, "license": { "name": "Commercial", "url": "https://plainid.com/license" }, "termsOfService": "https://www.plainid.com/terms/", "description": "

    The PlainID Authorization Platform provides Management capabilities through the APIs below.

    To access the Management APIs, make sure to enter your dedicated domain according to your PlainID Tenant Location:
    RegionBase URL
    United States (US)https://api.us1.plainid.io
    Canada (CA)https://api.ca1.plainid.io
    Europe (EU)https://api.eu1.plainid.io
    Local PAAhttps://api.plainid.local
    " }, "servers": [ { "description": "United States", "url": "https://api.us1.plainid.io" }, { "description": "Europe", "url": "https://api.eu1.plainid.io" }, { "description": "Canada", "url": "https://api.ca1.plainid.io" }, { "description": "Local PAA", "url": "https://api.plainid.local" } ], "paths": { "/api/2.0/policies/{envId}/validation": { "post": { "tags": [ "Policy Management APIs 2.0" ], "summary": "Validate Policy", "description": "Validate Policy.
    For more information, refer to out documentation on Policy Evaluation Logic.
    In the **Try It** section, view examples and code samples based on **Response format**, **Content Type (next to the Body title)**, and **Body** dropdowns.\n

    Notice

    Accessing the Policy\nManagement APIs is through a dedicated domain/URL, according to your\nPlainID Tenant Location
  • United States (US) -\n`https://api.us1.plainid.io`
  • Canada (CA) -\n`https://api.ca1.plainid.io`
  • Europe (EU) -\n`https://api.eu1.plainid.io`
    • \n
    \n\n

    Using HTML Encoded Special Characters

    \n

    Use HTML encoded patterns when working with values that contain special characters like spaces, dashes, etc. Refer to this HTML URL Encoding Reference for a full list.


    \n

    Important note about headers

    \n

    Refer to the headers below to modify your cURL sample. Check if the following headers are in the sample, if not, ensure you add it to your cURL sample before pasting into your API tool.

    \n

    Headers

    \n*Required\n\n\n\n\n\n\n\n\n\n\n\n\n
    HeaderValuecURL Line
    Content-Type`text/plain;language=rego` or `application/json``-H \"Content-Type:text/plain;language=rego\"` or `-H \"Content-Type:application/json\"`
    \n\nNote: Use text/plain;language=rego when writing Rego in the body.
    \nUse application/json when writing either Structured or Native code.\nSee the examples below for more information.\n    \n

    cURL Sample Guidelines

    In order for the relevant parameters to appear in the cURL sample, you can input the values in the interactive API console on the right in the Try It or Code Sample tabs. You can then copy the cURL sample from the Code Sample tab in the correct format.

    \n", "operationId": "validatePolicy", "parameters": [ { "in": "path", "name": "envId", "required": "true", "schema": { "type": "string", "format": "uuid" }, "description": "The Environment ID can be found under the Details Tab in the Environment Settings." }, { "in": "query", "name": "filter[authWsId]", "description": "Authorization Workspace ID. This can be found in your Authorization Workspace Settings under Workspace ID.", "required": "true", "schema": { "type": "string", "format": "uuid" } }, { "in": "query", "name": "extendedSchema", "description": "Toggle to either enable or disable additional metadata in the response, like the Policy `id` and `description`.", "schema": { "type": "boolean", "default": "true" } }, { "in": "query", "name": "evaluateByBBName", "description": "Toggle to either enable or disable evaluation by Building Block Name. This controls whether create or update operations locate and/or replace Building Blocks by name, preventing orphaned and duplicate Building Blocks.", "schema": { "type": "boolean", "default": "false" } } ], "security": [ { "bearerAuth": [] } ], "requestBody": { "required": "true", "content": { "text/plain;language=rego": { "schema": { "type": "string", "description": "Policy as Rego code" }, "examples": { "Structured Policy": { "value": "# METADATA\n# custom:\n# plainid:\n# policyId: 08ae32e4-fbf3-4cc8-b3b9-3b4061d1c825\n# name: Manage personal account and Credit cards\n# description: Customer can view and manage their own accounts an credit cards only with MFA\n# accessType: Allow\npackage policy\nimport rego.v1\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: dg1\n# description: \"test DG\"\ndynamic_group(identity) if {\n identity.template == \"idWs1\"\n identity[\"idAttr1\"] == \"test\"\n identity[\"idAttr1\"] != \"prod\"\n}\n" }, "Structured Policy with Generic Condition": { "value": "# METADATA\n# custom:\n# plainid:\n# policyId: 08ae32e4-fbf3-4cc8-b3b9-3b4061d1c825\n# name: Zscaler Country Code Policy\n# description: Policy with generic condition for country codes\n# accessType: Allow\n# policyUse: SAAS_APPLICATIONS\n# sourceEnvironmentId: 9c75b3ac-6165-4a5b-9783-e07dd5d2eb55\n# applications: \n# - id: ZScaler\n# attributes:\n# vendorPolicyKind: \"Access Policy\"\n# ruleOrder: 35\n# name: \"AAAZscalerBugTestZscalerSide\"\n# id: \"72063538272665823\"\npackage policy\nimport rego.v1\n\n# METADATA\n# custom:\n# plainid:\n# kind: Condition\n# subKind: Country Codes\n# name: Albania_Austria_Australia\n# id: 8adc4fe8-759a-4df4-9dc1-c180c9c4a2c4\ncondition(requestParams) if {\n requestParams[\"CountryCode\"] in [\"Albania\", \"Austria\", \"Australia\"]\n}\n" } } }, "application/json": { "schema": { "$ref": "#/components/schemas/ValidatePolicyByFormatRequest" }, "examples": { "Structured Policy": { "value": { "format": "rego", "policy": "# METADATA\n# custom:\n# plainid:\n# policyId: 08ae32e4-fbf3-4cc8-b3b9-3b4061d1c825\n# name: Manage personal account and Credit cards\n# description: Customer can view and manage their own accounts an credit cards only with MFA\n# accessType: Allow\npackage policy\nimport rego.v1\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: dg1\n# description: \"test DG\"\ndynamic_group(identity) if {\n identity.template == \"idWs1\"\n identity[\"idAttr1\"] == \"test\"\n identity[\"idAttr1\"] != \"prod\"\n}" } }, "Structured Policy with Generic Condition": { "value": { "format": "rego", "policy": "# METADATA\n# custom:\n# plainid:\n# policyId: 08ae32e4-fbf3-4cc8-b3b9-3b4061d1c825\n# name: Zscaler Country Code Policy\n# description: Policy with generic condition for country codes\n# accessType: Allow\n# policyUse: SAAS_APPLICATIONS\n# sourceEnvironmentId: 9c75b3ac-6165-4a5b-9783-e07dd5d2eb55\n# applications: \n# - id: ZScaler\n# attributes:\n# vendorPolicyKind: \"Access Policy\"\n# ruleOrder: 35\n# name: \"AAAZscalerBugTestZscalerSide\"\n# id: \"72063538272665823\"\npackage policy\nimport rego.v1\n\n# METADATA\n# custom:\n# plainid:\n# kind: Condition\n# subKind: Country Codes\n# name: Albania_Austria_Australia\n# id: 8adc4fe8-759a-4df4-9dc1-c180c9c4a2c4\ncondition(requestParams) if {\n requestParams[\"CountryCode\"] in [\"Albania\", \"Austria\", \"Australia\"]\n}" } }, "Native Policy": { "value": { "format": "json", "policy": { "policyId": "OCP1UUYIIV2DU87", "name": "Bank Account Access Policy", "description": "Policy for accessing bank accounts", "accessType": "Allow", "policyUse": "SAAS_APPLICATIONS", "applications": [ { "applicationId": "POP1V3WFXZ4PRIO", "attributes": { "vendorPolicyKind": "Row Access Policy", "vendorPolicyName": "POL1", "vendorPolicyOrder": "1", "database": "DB", "schema": "SCHEMA", "owner": "ROLE" }, "nativeCode": { "language": "sql", "code": "{\"policy\":\"CREATE OR REPLACE ROW ACCESS POLICY \"POL1\"\"}" } } ] } } } } } } }, "responses": { "200": { "description": "successful operation", "content": { "application/json": { "schema": { "oneOf": [ { "$ref": "#/components/schemas/validationResponseV2" }, { "$ref": "#/components/schemas/ValidatePolicyByFormatResponse" } ] }, "examples": { "Valid_TextPlain": { "summary": "Valid response for text/plain;language=rego requests", "value": { "data": { "code": "# METADATA\n# custom:\n# plainid:\n# policyId: 08ae32e4-fbf3-4cc8-b3b9-3b4061d1c825\n# name: Manage personal account and Credit cards\n# description: Customer can view and manage their own accounts an credit cards only with MFA\n# accessType: Allow\npackage policy\nimport rego.v1\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: dg1\n# description: \"test DG\"\ndynamic_group(identity) if {\n identity.template == \"idWs1\"\n identity[\"idAttr1\"] == \"test\"\n identity[\"idAttr1\"] != \"prod\"\n}\n", "action": "CREATE", "validationErrors": [] } } }, "Valid_TextPlain_With_GenericCondition": { "summary": "Valid response with generic condition for text/plain;language=rego requests", "value": { "data": { "code": "# METADATA\n# custom:\n# plainid:\n# policyId: 08ae32e4-fbf3-4cc8-b3b9-3b4061d1c825\n# name: Zscaler Country Code Policy\n# description: Policy with generic condition for country codes\n# accessType: Allow\n# policyUse: SAAS_APPLICATIONS\n# sourceEnvironmentId: 9c75b3ac-6165-4a5b-9783-e07dd5d2eb55\n# applications: \n# - id: ZScaler\n# attributes:\n# vendorPolicyKind: \"Access Policy\"\n# ruleOrder: 35\n# name: \"AAAZscalerBugTestZscalerSide\"\n# id: \"72063538272665823\"\npackage policy\nimport rego.v1\n\n# METADATA\n# custom:\n# plainid:\n# kind: Condition\n# subKind: Country Codes\n# name: Albania_Austria_Australia\n# id: 8adc4fe8-759a-4df4-9dc1-c180c9c4a2c4\ncondition(requestParams) if {\n requestParams[\"CountryCode\"] in [\"Albania\", \"Austria\", \"Australia\"]\n}\n", "action": "CREATE", "validationErrors": [] } } }, "Invalid_TextPlain_GenericCondition_Errors": { "summary": "Invalid response with generic condition validation errors for 'text/plain;language=rego' requests", "value": { "data": { "validationErrors": [ { "code": "PACV-064", "id": "E1D4P1", "name": "InvalidSubKindForApplication", "message": "Invalid subKind [Invalid Condition Type] for application [2cb43115-a6c7-493a-86eb-427f5cff254f] given in rule annotation, Hint: valid subkind: [Country Codes]", "args": { "0": "Invalid Condition Type", "1": "2cb43115-a6c7-493a-86eb-427f5cff254f", "2": "Country Codes" }, "line": "15" }, { "code": "PACV-068", "id": "ENJ1VJ", "name": "ConditionKeyNotFoundInSchema", "message": "Unable to identify [invalidKey]. Hint: Did you mean [CountryCode]?", "args": { "0": "invalidKey", "1": "CountryCode" }, "line": "18" }, { "code": "PACV-065", "id": "E2K3L4", "name": "InvalidOperatorForConditionType", "message": "Invalid operator [CONTAINS] for kind [Country Codes]. Hint: supported operators for this kind: [IN]", "args": { "0": "CONTAINS", "1": "Country Codes", "2": "IN" }, "line": "19" } ] } } }, "Valid_TextPlain_With_AffectedPolicyIds": { "summary": "Valid response for text/plain;language=rego requests", "value": { "data": { "code": "# METADATA\n# custom:\n# plainid:\n# policyId: 08ae32e4-fbf3-4cc8-b3b9-3b4061d1c825\n# name: Manage personal account and Credit cards\n# description: Customer can view and manage their own accounts an credit cards only with MFA\n# accessType: Allow\npackage policy\nimport rego.v1\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: dg1\n# description: \"test DG\"\ndynamic_group(identity) if {\n identity.template == \"idWs1\"\n identity[\"idAttr1\"] == \"test\"\n identity[\"idAttr1\"] != \"prod\"\n}\n", "action": "CREATE", "affectedPolicyIds": [ "a5848ad1-0936-40da-8d23-ca2452239209", "p2Ext" ], "validationErrors": [] } } }, "Invalid_TextPlain": { "summary": "Invalid response for 'text/plain;language=rego' requests", "value": { "data": { "validationErrors": [ { "code": "PACV-001", "id": "ERHCQC", "name": "TemplateNotFound", "message": "Template: [at1] not found in Environment: [ceef5853-1491-4d1c-ae52-2f2a1729b3a4], Hint: did yo mean [Claims]?", "args": { "0": "at1", "1": "ceef5853-1491-4d1c-ae52-2f2a1729b3a4", "2": "Claims" }, "line": "1" } ] } } }, "Invalid_TextPlain_With_AffectedPolicyIds": { "summary": "Invalid response for 'text/plain;language=rego' requests", "value": { "data": { "affectedPolicyIds": [ "a5848ad1-0936-40da-8d23-ca2452239209", "p2Ext" ], "validationErrors": [ { "code": "PACV-001", "id": "ERHCQC", "name": "TemplateNotFound", "message": "Template: [at1] not found in Environment: [ceef5853-1491-4d1c-ae52-2f2a1729b3a4], Hint: did yo mean [Claims]?", "args": { "0": "at1", "1": "ceef5853-1491-4d1c-ae52-2f2a1729b3a4", "2": "Claims" }, "line": "1" } ] } } }, "StructuredPolicy_ApplicationJson": { "summary": "Valid Structured policy response for 'application/json' requests", "value": { "data": { "format": "rego", "Structured Policy": "# METADATA\n# custom:\n# plainid:\n# policyId: 08ae32e4-fbf3-4cc8-b3b9-3b4061d1c825\n# name: Manage personal account and Credit cards\n# description: Customer can view and manage their own accounts an credit cards only with MFA\n# accessType: Allow\npackage policy\nimport rego.v1\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: dg1\n# description: \"test DG\"\ndynamic_group(identity) if {\n identity.template == \"idWs1\"\n identity[\"idAttr1\"] == \"test\"\n identity[\"idAttr1\"] != \"prod\"\n}", "policyId": "08ae32e4-fbf3-4cc8-b3b9-3b4061d1c825", "action": "CREATE", "isPolicyCompleted": "true", "validationErrors": [] } } }, "NativePolicy_ApplicationJson": { "summary": "Valid Native policy response for application/json requests", "value": { "data": { "format": "json", "policy": { "policyId": "OCP1UUYIIV2DU87", "name": "Bank Account Access Policy", "description": "Policy for accessing bank accounts", "accessType": "Allow", "policyUse": "SAAS_APPLICATIONS", "applications": [ { "applicationId": "POP1V3WFXZ4PRIO", "attributes": { "vendorPolicyKind": "Row Access Policy", "vendorPolicyName": "POL1", "vendorPolicyOrder": "1", "database": "DB", "schema": "SCHEMA", "owner": "ROLE" }, "nativeCode": { "language": "sql", "code": "{\"policy\":\"CREATE OR REPLACE ROW ACCESS POLICY \"POL1\"\"}" } } ] }, "policyId": "OCP1UUYIIV2DU87", "action": "CREATE", "isPolicyCompleted": "true", "validationErrors": [] } } } } } }, "headers": { "x-request-id": { "schema": { "type": "string" } } } }, "401": { "description": "Unauthorized", "headers": { "x-request-id": { "schema": { "type": "string" } } } }, "422": { "description": "Validation Failed - Invalid UUID", "headers": { "x-request-id": { "schema": { "type": "string" } } }, "content": { "application/json": { "schema": { "$ref": "#/components/schemas/Errors" }, "examples": { "Invalid ID Format": { "value": { "errors": [ { "code": "V-032", "args": { "0": "ed252aa5-9d0c-4193-838-60bf20b13109", "1": "uuid" }, "id": "EEJQMA", "status": "422", "name": "UnprocessableEntityError", "message": "$: test is an invalid uuid" } ] } } } } } } } } } }, "components": { "schemas": { "ValidatePolicyByFormatRequest": { "type": "object", "description": "Request body for validating policies by format", "required": [ "format", "policy" ], "properties": { "format": { "$ref": "#/components/schemas/PolicyFormat" }, "policy": { "type": "object", "description": "Policy content as JSON object" } } }, "validationResponseV2": { "type": "object", "properties": { "data": { "type": "object", "properties": { "code": { "type": "string", "description": "Code" }, "action": { "type": "string", "enum": [ "UPDATE", "CREATE" ], "description": "Action" }, "validationErrors": { "type": "array", "nullable": "true", "items": { "type": "object", "properties": { "code": { "type": "string" }, "id": { "type": "string" }, "name": { "type": "string" }, "message": { "type": "string" }, "line": { "type": "integer" } } } }, "affectedPolicyIds": { "type": "array", "nullable": "true", "items": { "type": "string" } } } } } }, "ValidatePolicyByFormatResponse": { "type": "object", "description": "Response object for validate policy by format endpoint", "properties": { "data": { "type": "object", "description": "Validate policy response data", "properties": { "format": { "$ref": "#/components/schemas/PolicyFormat" }, "policy": { "type": "object", "description": "Policy content based on format" }, "policyId": { "type": "string", "description": "Policy ID" }, "action": { "$ref": "#/components/schemas/MethodAction" }, "isPolicyCompleted": { "type": "boolean", "description": "Whether the policy is completed" }, "validationErrors": { "type": "array", "items": { "$ref": "#/components/schemas/ImportValidationError" } } } }, "meta": { "$ref": "#/components/schemas/meta" }, "errors": { "type": "array", "items": { "$ref": "#/components/schemas/Error" } } } }, "Errors": { "type": "object", "properties": { "errors": { "type": "array", "items": { "$ref": "#/components/schemas/Error" } } } }, "PolicyFormat": { "type": "string", "enum": [ "rego", "json" ], "description": "Policy format type", "example": "rego" }, "MethodAction": { "type": "string", "enum": [ "CREATE", "UPDATE" ], "description": "CREATE if policy is new, UPDATE if policy already exists", "example": "CREATE" }, "ImportValidationError": { "type": "object", "description": "Validation error details for policy import/validation", "properties": { "code": { "type": "string", "description": "Error code", "example": "PACV-001" }, "id": { "type": "string", "description": "Unique error identifier", "example": "ERHCQC" }, "name": { "type": "string", "description": "Error name", "example": "TemplateNotFound" }, "message": { "type": "string", "description": "Human-readable error message", "example": "Template: [at1] not found in Environment: [ceef5853-1491-4d1c-ae52-2f2a1729b3a4], Hint: did you mean [Claims]?" }, "args": { "type": "object", "description": "Error arguments with key-value pairs", "additionalProperties": { "type": "string" }, "example": { "0": "at1", "1": "ceef5853-1491-4d1c-ae52-2f2a1729b3a4", "2": "Claims" } }, "line": { "type": "integer", "description": "Line number where the error occurred (if applicable)", "example": "1" } } }, "meta": { "type": "object", "description": "Response Meta", "properties": { "total": { "type": "integer", "description": "Total number of records" }, "limit": { "type": "integer", "description": "Limit the number of records returned" }, "offset": { "type": "integer", "description": "The starting point for return of records" } } }, "Error": { "type": "object", "properties": { "code": { "type": "string" }, "id": { "type": "string" }, "status": { "type": "integer" }, "name": { "type": "string" }, "message": { "type": "string" }, "args": { "type": "object", "properties": { "path": { "type": "string" } } } } } } } } ````