search
Ctrlk
Sign up for FreeKnowledge Base

Access policies API

Enable fine-grained control over how just-in-time access requests are evaluated, approved, and enforced—ensuring secure, compliant, and context-aware access workflows.

The Access Policies API gives you fine-grained control over how just-in-time access requests are evaluated and approved. By defining workflow rules based on both the requestor (who is making the request) and the resource (what they’re trying to access), you can enforce consistent, auditable, and dynamic access controls across your infrastructure.

Access policies allow you to direct access requests through different approval paths based on context. For example, you can require manual approval for sensitive production systems, while allowing auto-approved access to staging environments. You can also limit request scope using filters or directory-based rules, ensuring access is only available to the right people at the right time.

hashtag
Get Routing Configuration

get

Retrieve the routing configuration (WorkflowConfig) for the specified organization.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
orgIdstringRequired

The ID of the organization.

Responses
chevron-right
200

Routing configuration returned successfully.

application/json
idstringOptional
createdDatestring · date-timeOptional
get
/o/{orgId}/routing

hashtag
Save Routing Configuration

post

Save a new version of the routing configuration.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
orgIdstringRequired

The ID of the organization.

Body
currentVersionstringOptional
Responses
chevron-right
200

Updated routing rules returned.

application/json
versionstringOptional
post
/o/{orgId}/routing
200

Updated routing rules returned.

hashtag
Get a Routing Rule by Name

get

Retrieve a specific routing rule by its name.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
orgIdstringRequired
namestringRequired
Responses
chevron-right
200

Routing rule returned successfully.

application/json
namestringOptional

A human readable name for this routing rule

disabledbooleanOptional

Whether or not the routing rule should be evaluated; if false or undefined, the rule will be evaluated

get
/o/{orgId}/routing/name/{name}

hashtag
Get Workflow Configuration by ID

get

Retrieve a specific routing configuration by workflow ID.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
orgIdstringRequired
workflowIdstringRequired
Responses
chevron-right
200

Workflow configuration returned successfully.

application/json
idstringOptional
createdDatestring · date-timeOptional
get
/o/{orgId}/routing/{workflowId}

hashtag
Create a Routing Rule by Name

post

Create a new routing rule with the specified name.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
orgIdstringRequired
namestringRequired
Body
namestringOptional

A human readable name for this routing rule

disabledbooleanOptional

Whether or not the routing rule should be evaluated; if false or undefined, the rule will be evaluated

Responses
chevron-right
200

Routing rule created successfully.

application/json
namestringOptional

A human readable name for this routing rule

disabledbooleanOptional

Whether or not the routing rule should be evaluated; if false or undefined, the rule will be evaluated

post
/o/{orgId}/routing/name/{name}
200

Routing rule created successfully.

hashtag
Update a Routing Rule by Name

put

Update an existing routing rule with the specified name.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
orgIdstringRequired
namestringRequired
Body
namestringOptional

A human readable name for this routing rule

disabledbooleanOptional

Whether or not the routing rule should be evaluated; if false or undefined, the rule will be evaluated

Responses
chevron-right
200

Routing rule updated successfully.

application/json
namestringOptional

A human readable name for this routing rule

disabledbooleanOptional

Whether or not the routing rule should be evaluated; if false or undefined, the rule will be evaluated

put
/o/{orgId}/routing/name/{name}
200

Routing rule updated successfully.

hashtag
Delete a Routing Rule by Name

delete

Delete the routing rule with the specified name.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
orgIdstringRequired
namestringRequired
Responses
delete
/o/{orgId}/routing/name/{name}
204

Routing rule deleted successfully. No content returned.

No content
PreviousAccess requests APINextCreating an Environment

Last updated