Search
K
Cipherscale API

Create Access Policy

Creates a new access policy that defines which users, devices, and groups can access specific network resources. Policies are the core of the Zero Trust access control system and determine network access permissions. required: true content:
application/json:
schema:
$ref: “#/components/schemas/CreatePolicyDto”

post
https://public-api.cipherscale.com/qa/tenants/policies

Response

application/json

PolicyDto

Access policy defining who can access what resources under what conditions

idstring(uuid)required

Unique identifier for the policy

createdAtstring(date-time)required

Timestamp when the policy was created

updatedAtstring(date-time)required

Timestamp when the policy was last modified

namestringrequired

Human-readable name for the policy

actionbooleanrequired

Whether this policy allows (true) or denies (false) access

ordernumberrequired

Priority order for policy evaluation (lower numbers are evaluated first)

isDefaultbooleanrequired

Whether this is a default policy that applies to all entities

typestringrequired

Type of resources this policy applies to

Allowed values:PRIVATESAASINTERNETSITETOSITE

modestring

Access mode for this policy

Allowed values:LOCALRESTRICTEDINTERNET_ACCESS_POINT

allGroupsobjectrequired

Whether this policy applies to all groups

Default:false

allUsersobjectrequired

Whether this policy applies to all users

Default:false

allDevicesobjectrequired

Whether this policy applies to all devices

Default:false

allResourcesobjectrequired

Whether this policy applies to all resources

Default:false

groupsarray[object]

Specific groups this policy applies to

Show Child Parameters
usersarray[object]

Specific users this policy applies to

Show Child Parameters
devicesarray[object]

Specific devices this policy applies to

Show Child Parameters
resourcesarray[object]

Specific resources this policy applies to

Show Child Parameters
gatewaysarray[object]

Network gateway configuration and status information

Show Child Parameters
sourceIpsarray[string]

Source IP addresses or ranges this policy applies to

ruleobjectrequired

Additional admission rules and conditions for this policy

Show Child Parameters
descriptionstring

Detailed description of the policy’s purpose and scope

post/tenants/policies
 
application/json

List All Access Policies

Retrieves a paginated list of all access policies for the tenant with advanced filtering capabilities. Policies are ordered by priority and determine network access permissions for users and devices. - name: sort
required: false
in: query
description: >-
Sort order in JSON format {“field”: “direction”}. Sortable fields:
id, order. Direction: asc, desc
schema:
example: “-order,id”
type: string

  • required: false
    name: limit
    in: query
    schema:
    type: number
  • required: false
    name: offset
    in: query
    schema:
    type: number
  • name: filter[resources.id]
    required: false
    in: query
    description: Filter policies by resource ID (UUID format)
    schema:
    example: 123e4567-e89b-12d3-a456-426614174000
    type: string
  • name: filter[allResources]
    required: false
    in: query
    description: Filter policies by all resources flag
    schema:
    example: true
    type: boolean
  • name: filter[devices.id]
    required: false
    in: query
    description: Filter policies by device ID (UUID format)
    schema:
    example: 123e4567-e89b-12d3-a456-426614174000
    type: string
  • name: filter[groups.id]
    required: false
    in: query
    description: Filter policies by group ID (UUID format)
    schema:
    example: 123e4567-e89b-12d3-a456-426614174000
    type: string
  • name: filter[users.id]
    required: false
    in: query
    description: Filter policies by user ID (UUID format)
    schema:
    example: 123e4567-e89b-12d3-a456-426614174000
    type: string
  • name: filter[allUsers]
    required: false
    in: query
    description: Filter policies by all users flag
    schema:
    example: true
    type: boolean
  • name: filter[allGroups]
    required: false
    in: query
    description: Filter policies by all groups flag
    schema:
    example: false
    type: boolean
  • name: filter[allDevices]
    required: false
    in: query
    description: Filter policies by all devices flag
    schema:
    example: true
    type: boolean
  • name: filter[rule.id]
    required: false
    in: query
    description: Filter policies by rule ID (UUID format)
    schema:
    example: 123e4567-e89b-12d3-a456-426614174000
    type: string
  • name: filter[id]
    required: false
    in: query
    description: Filter policies by ID (UUID format)
    schema:
    example: 123e4567-e89b-12d3-a456-426614174000
    type: string
  • name: filter[name]
    required: false
    in: query
    description: Filter policies by name
    schema:
    example: My Policy
    type: string
  • name: filter[type]
    required: false
    in: query
    description: Filter policies by type
    schema:
    enum:
    - PRIVATE
    - SAAS
    - INTERNET
    - SITETOSITE
    type: string
  • name: page[offset]
    required: false
    in: query
    description: “Number of policies to skip (minimum: 0)”
    schema:
    example: 0
    type: number
  • name: page[limit]
    required: false
    in: query
    description: “Number of policies to return per page (minimum: 1)”
    schema:
    example: 10
    type: number
get
https://public-api.cipherscale.com/qa/tenants/policies

Response

get/tenants/policies
 

Reorder Access Policies

Changes the priority order of access policies. Policy order is crucial as policies are evaluated in sequence, and the first matching policy determines access permissions. required: true content:
application/json:
schema:
type: array
items:
type: string

patch
https://public-api.cipherscale.com/qa/tenants/policies

Response

patch/tenants/policies
 

Remove Access Policy

Permanently removes an access policy from the tenant. This operation will affect network access permissions for all users and devices covered by this policy.

delete
https://public-api.cipherscale.com/qa/tenants/policies/{id}

Path Parameters

idstring(uuid)required

The unique identifier (UUID) of the policy to delete

Response

delete/tenants/policies/{id}
 

Update Access Policy

Modifies the configuration of an existing access policy including its rules, target users/devices/resources, and access permissions. Changes take effect immediately and affect network access.

patch
https://public-api.cipherscale.com/qa/tenants/policies/{id}

Path Parameters

idstring(uuid)required

The unique identifier (UUID) of the policy to update

Body

application/json

UpdatePolicyDto

groupsarray[string]
usersarray[string]
devicesarray[string]
gatewaysarray[string]
resourcesarray[string]
rulestringrequired
namestringrequired
descriptionstring
allGroupsobjectrequired

Default:false

allUsersobjectrequired

Default:false

allDevicesobjectrequired

Default:false

allResourcesobjectrequired

Default:false

sourceIpsarray[string]
modestring

Allowed values:LOCALRESTRICTEDINTERNET_ACCESS_POINT

actionbooleanrequired

Response

application/json

PolicyDto

Access policy defining who can access what resources under what conditions

idstring(uuid)required

Unique identifier for the policy

createdAtstring(date-time)required

Timestamp when the policy was created

updatedAtstring(date-time)required

Timestamp when the policy was last modified

namestringrequired

Human-readable name for the policy

actionbooleanrequired

Whether this policy allows (true) or denies (false) access

ordernumberrequired

Priority order for policy evaluation (lower numbers are evaluated first)

isDefaultbooleanrequired

Whether this is a default policy that applies to all entities

typestringrequired

Type of resources this policy applies to

Allowed values:PRIVATESAASINTERNETSITETOSITE

modestring

Access mode for this policy

Allowed values:LOCALRESTRICTEDINTERNET_ACCESS_POINT

allGroupsobjectrequired

Whether this policy applies to all groups

Default:false

allUsersobjectrequired

Whether this policy applies to all users

Default:false

allDevicesobjectrequired

Whether this policy applies to all devices

Default:false

allResourcesobjectrequired

Whether this policy applies to all resources

Default:false

groupsarray[object]

Specific groups this policy applies to

Show Child Parameters
usersarray[object]

Specific users this policy applies to

Show Child Parameters
devicesarray[object]

Specific devices this policy applies to

Show Child Parameters
resourcesarray[object]

Specific resources this policy applies to

Show Child Parameters
gatewaysarray[object]

Network gateway configuration and status information

Show Child Parameters
sourceIpsarray[string]

Source IP addresses or ranges this policy applies to

ruleobjectrequired

Additional admission rules and conditions for this policy

Show Child Parameters
descriptionstring

Detailed description of the policy’s purpose and scope

patch/tenants/policies/{id}

Body

{ "rule": "rule", "name": "name", "allGroups": {}, "allUsers": {}, "allDevices": {}, "allResources": {}, "action": false }
 
application/json