Array of policies with their new order positions
idstring(uuid)required
The unique identifier of the policy
ordernumberrequired
The new order position for the policy (must be greater than 0)
>= 1
Reorder Access Policies
Changes the priority order of access policies. Policy order is crucial as policies are evaluated in sequence, and the first matching policy determines access permissions.
patch
https://public-api.cipherscale.com/qa/tenants/policies
Body
application/json
Body
application/json
Response
200
Response
200
patch/tenants/policies
Authentication
Body
[
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"order": 1
},
{
"id": "987fcdeb-51a2-43d7-8f9e-123456789abc",
"order": 2
}
]
200
Remove Access Policy
Permanently removes an access policy from the tenant. This operation will affect network access permissions for all users and devices covered by this policy.
delete
https://public-api.cipherscale.com/qa/tenants/policies/{id}
Path Parameters
idstring(uuid)required
The unique identifier (UUID) of the policy to delete
Response
204
Response
204
delete/tenants/policies/{id}
Authentication
Path Parameters
204
Update Access Policy
Modifies the configuration of an existing access policy including its rules, target users/devices/resources, and access permissions. Changes take effect immediately and affect network access.
patch
https://public-api.cipherscale.com/qa/tenants/policies/{id}
Path Parameters
idstring(uuid)required
The unique identifier (UUID) of the policy to update
Body
application/json
Body
application/json
UpdatePolicy
Data for updating an existing access policy
groupsarray[string]
Array of group IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440000"]
usersarray[string]
Array of user IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440001"]
devicesarray[string]
Array of device IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440002"]
gatewaysarray[string]
Array of gateway IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440004"]
resourcesarray[string]
Array of resource IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440003"]
rulestringrequired
Admission rule ID for this policy
Example:550e8400-e29b-41d4-a716-446655440005
namestringrequired
Human-readable name for the policy
Example:Engineering Team Access
descriptionstring
Detailed description of the policy’s purpose and scope
Example:Allows engineering team to access development resources
allGroupsbooleanrequired
Whether this policy applies to all groups
Default:false
Example:false
allUsersbooleanrequired
Whether this policy applies to all users
Default:false
Example:false
allDevicesbooleanrequired
Whether this policy applies to all devices
Default:false
Example:false
allResourcesbooleanrequired
Whether this policy applies to all resources
Default:false
Example:false
sourceIpsarray[string]
Array of source IP addresses or ranges
Example:["192.168.1.0/24","10.0.0.0/8"]
modestring
Access mode for this policy
Allowed values:LOCALRESTRICTEDREMOTE
Example:LOCAL
actionbooleanrequired
Whether this policy allows (true) or denies (false) access
Example:true
Response
200 application/json
Response
200 application/json
Successfully updated access policy
Policy
Access policy defining who can access what resources under what conditions
idstring(uuid)required
Unique identifier for the policy
createdAtstring(date-time)required
Timestamp when the policy was created
updatedAtstring(date-time)required
Timestamp when the policy was last modified
namestringrequired
Human-readable name for the policy
actionbooleanrequired
Whether this policy allows (true) or denies (false) access
ordernumberrequired
Priority order for policy evaluation (lower numbers are evaluated first)
isDefaultbooleanrequired
Whether this is a default policy that applies to all entities
typestringrequired
Type of resources this policy applies to
Allowed values:PRIVATESAASINTERNETSITETOSITE
modestring
Access mode for this policy
Allowed values:LOCALRESTRICTEDREMOTE
allGroupsbooleanrequired
Whether this policy applies to all groups
Default:false
allUsersbooleanrequired
Whether this policy applies to all users
Default:false
allDevicesbooleanrequired
Whether this policy applies to all devices
Default:false
allResourcesbooleanrequired
Whether this policy applies to all resources
Default:false
groupsarray[object]
Group information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"Engineering Team","description":"Team responsible for software development and engineering","maxDevices":10,"isSamlDefaultGroup":false,"idpMapping":["engineering-team","dev-team"]}
Show Child Parameters
usersarray[object]
User information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","lastConnection":"2023-01-15T14:30:00Z","email":"jane.smith@company.com","status":"ACTIVE","firstName":"Jane","lastName":"Smith","isOwner":false,"maxDevices":5,"image":"https://example.com/avatars/jane-smith.jpg"}
Show Child Parameters
devicesarray[object]
Device information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"John's MacBook Pro","active":true,"lastConnection":"2023-01-15T14:30:00Z","status":"Online","hardwareId":"MAC-001122334455","posture":{"compliant":true,"lastCheck":"2023-01-15T14:30:00Z"},"appVersion":"1.2.3"}
Show Child Parameters
resourcesarray[object]
Resource information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"Internal Web Server","type":"PRIVATE","loadBalancingMode":"MANUAL","description":"Internal web server for company applications"}
Show Child Parameters
gatewaysarray[object]
Network gateway configuration and status information
Show Child Parameters
sourceIpsarray[string]
Source IP addresses or ranges this policy applies to
ruleobjectrequired
Complete admission rule information with configuration and metadata
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","name":"Engineering Department Access","type":"ALLOW","rule":"user.department == 'Engineering'","hasTimeConstraint":false,"createdAt":"2023-01-15T10:30:00Z","updatedAt":"2023-01-15T10:30:00Z"}
Show Child Parameters
descriptionstring
Detailed description of the policy’s purpose and scope
patch/tenants/policies/{id}
Authentication
Path Parameters
Body
{
"name": "Engineering Team Access",
"description": "Allows engineering team to access development resources",
"mode": "LOCAL",
"action": true,
"allGroups": false,
"allUsers": false,
"allDevices": false,
"allResources": false,
"groups": [
"550e8400-e29b-41d4-a716-446655440000"
],
"rule": "550e8400-e29b-41d4-a716-446655440005"
}
200 application/json
Get Policy Details
Retrieves comprehensive information about a specific access policy including its configuration, target entities, rules, and current status.
get
https://public-api.cipherscale.com/qa/tenants/policies/{id}
Path Parameters
idstring(uuid)required
The unique identifier (UUID) of the policy
Response
200 application/json
Response
200 application/json
Successfully retrieved policy details
Policy
Access policy defining who can access what resources under what conditions
idstring(uuid)required
Unique identifier for the policy
createdAtstring(date-time)required
Timestamp when the policy was created
updatedAtstring(date-time)required
Timestamp when the policy was last modified
namestringrequired
Human-readable name for the policy
actionbooleanrequired
Whether this policy allows (true) or denies (false) access
ordernumberrequired
Priority order for policy evaluation (lower numbers are evaluated first)
isDefaultbooleanrequired
Whether this is a default policy that applies to all entities
typestringrequired
Type of resources this policy applies to
Allowed values:PRIVATESAASINTERNETSITETOSITE
modestring
Access mode for this policy
Allowed values:LOCALRESTRICTEDREMOTE
allGroupsbooleanrequired
Whether this policy applies to all groups
Default:false
allUsersbooleanrequired
Whether this policy applies to all users
Default:false
allDevicesbooleanrequired
Whether this policy applies to all devices
Default:false
allResourcesbooleanrequired
Whether this policy applies to all resources
Default:false
groupsarray[object]
Group information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"Engineering Team","description":"Team responsible for software development and engineering","maxDevices":10,"isSamlDefaultGroup":false,"idpMapping":["engineering-team","dev-team"]}
Show Child Parameters
usersarray[object]
User information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","lastConnection":"2023-01-15T14:30:00Z","email":"jane.smith@company.com","status":"ACTIVE","firstName":"Jane","lastName":"Smith","isOwner":false,"maxDevices":5,"image":"https://example.com/avatars/jane-smith.jpg"}
Show Child Parameters
devicesarray[object]
Device information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"John's MacBook Pro","active":true,"lastConnection":"2023-01-15T14:30:00Z","status":"Online","hardwareId":"MAC-001122334455","posture":{"compliant":true,"lastCheck":"2023-01-15T14:30:00Z"},"appVersion":"1.2.3"}
Show Child Parameters
resourcesarray[object]
Resource information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"Internal Web Server","type":"PRIVATE","loadBalancingMode":"MANUAL","description":"Internal web server for company applications"}
Show Child Parameters
gatewaysarray[object]
Network gateway configuration and status information
Show Child Parameters
sourceIpsarray[string]
Source IP addresses or ranges this policy applies to
ruleobjectrequired
Complete admission rule information with configuration and metadata
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","name":"Engineering Department Access","type":"ALLOW","rule":"user.department == 'Engineering'","hasTimeConstraint":false,"createdAt":"2023-01-15T10:30:00Z","updatedAt":"2023-01-15T10:30:00Z"}
Show Child Parameters
descriptionstring
Detailed description of the policy’s purpose and scope
get/tenants/policies/{id}
Authentication
Path Parameters
200 application/json
Role
objectUser role definition with specific permissions and capabilities
idstring(uuid)required
Unique identifier for the role
createdAtstring(date-time)required
Timestamp when the role was created
updatedAtstring(date-time)required
Timestamp when the role was last modified
namestringrequired
Human-readable name of the role
descriptionstring
Detailed description of the role’s purpose and permissions
deleteablebooleanrequired
Whether this role can be deleted (system roles are typically not deletable)
typestringrequired
Predefined role type that determines the base permissions
Allowed values:OWNERADMINDEFAULTBASICBILLINGAUDITORSUPPORT
Example