idstring(uuid)required
The unique identifier (UUID) of the policy to update
Update Access Policy
Modifies the configuration of an existing access policy including its rules, target users/devices/resources, and access permissions. Changes take effect immediately and affect network access.
patch
https://public-api.cipherscale.com/qa/tenants/policies/{id}
Path Parameters
Body
application/json
Body
application/json
UpdatePolicy
Data for updating an existing access policy
groupsarray[string]
Array of group IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440000"]
usersarray[string]
Array of user IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440001"]
devicesarray[string]
Array of device IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440002"]
gatewaysarray[string]
Array of gateway IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440004"]
resourcesarray[string]
Array of resource IDs to apply this policy to
Example:["550e8400-e29b-41d4-a716-446655440003"]
rulestringrequired
Admission rule ID for this policy
Example:550e8400-e29b-41d4-a716-446655440005
namestringrequired
Human-readable name for the policy
Example:Engineering Team Access
descriptionstring
Detailed description of the policy’s purpose and scope
Example:Allows engineering team to access development resources
allGroupsbooleanrequired
Whether this policy applies to all groups
Default:false
Example:false
allUsersbooleanrequired
Whether this policy applies to all users
Default:false
Example:false
allDevicesbooleanrequired
Whether this policy applies to all devices
Default:false
Example:false
allResourcesbooleanrequired
Whether this policy applies to all resources
Default:false
Example:false
sourceIpsarray[string]
Array of source IP addresses or ranges
Example:["192.168.1.0/24","10.0.0.0/8"]
modestring
Access mode for this policy
Allowed values:LOCALRESTRICTEDREMOTE
Example:LOCAL
actionbooleanrequired
Whether this policy allows (true) or denies (false) access
Example:true
Response
200 application/json
Response
200 application/json
Successfully updated access policy
Policy
Access policy defining who can access what resources under what conditions
idstring(uuid)required
Unique identifier for the policy
createdAtstring(date-time)required
Timestamp when the policy was created
updatedAtstring(date-time)required
Timestamp when the policy was last modified
namestringrequired
Human-readable name for the policy
actionbooleanrequired
Whether this policy allows (true) or denies (false) access
ordernumberrequired
Priority order for policy evaluation (lower numbers are evaluated first)
isDefaultbooleanrequired
Whether this is a default policy that applies to all entities
typestringrequired
Type of resources this policy applies to
Allowed values:PRIVATESAASINTERNETSITETOSITE
modestring
Access mode for this policy
Allowed values:LOCALRESTRICTEDREMOTE
allGroupsbooleanrequired
Whether this policy applies to all groups
Default:false
allUsersbooleanrequired
Whether this policy applies to all users
Default:false
allDevicesbooleanrequired
Whether this policy applies to all devices
Default:false
allResourcesbooleanrequired
Whether this policy applies to all resources
Default:false
groupsarray[object]
Group information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"Engineering Team","description":"Team responsible for software development and engineering","maxDevices":10,"isSamlDefaultGroup":false,"idpMapping":["engineering-team","dev-team"]}
Show Child Parameters
usersarray[object]
User information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","lastConnection":"2023-01-15T14:30:00Z","email":"jane.smith@company.com","status":"ACTIVE","firstName":"Jane","lastName":"Smith","isOwner":false,"maxDevices":5,"image":"https://example.com/avatars/jane-smith.jpg"}
Show Child Parameters
devicesarray[object]
Device information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"John's MacBook Pro","active":true,"lastConnection":"2023-01-15T14:30:00Z","status":"Online","hardwareId":"MAC-001122334455","posture":{"compliant":true,"lastCheck":"2023-01-15T14:30:00Z"},"appVersion":"1.2.3"}
Show Child Parameters
resourcesarray[object]
Resource information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"Internal Web Server","type":"PRIVATE","loadBalancingMode":"MANUAL","description":"Internal web server for company applications"}
Show Child Parameters
gatewaysarray[object]
Network gateway configuration and status information
Show Child Parameters
sourceIpsarray[string]
Source IP addresses or ranges this policy applies to
ruleobjectrequired
Complete admission rule information with configuration and metadata
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","name":"Engineering Department Access","type":"ALLOW","rule":"user.department == 'Engineering'","hasTimeConstraint":false,"createdAt":"2023-01-15T10:30:00Z","updatedAt":"2023-01-15T10:30:00Z"}
Show Child Parameters
descriptionstring
Detailed description of the policy’s purpose and scope
patch/tenants/policies/{id}
Authentication
Path Parameters
Body
{
"name": "Engineering Team Access",
"description": "Allows engineering team to access development resources",
"mode": "LOCAL",
"action": true,
"allGroups": false,
"allUsers": false,
"allDevices": false,
"allResources": false,
"groups": [
"550e8400-e29b-41d4-a716-446655440000"
],
"rule": "550e8400-e29b-41d4-a716-446655440005"
}{
"name": "Engineering Team Access",
"description": "Allows engineering team to access development resources",
"mode": "LOCAL",
"action": true,
"allGroups": false,
"allUsers": false,
"allDevices": false,
"allResources": false,
"groups": [
"550e8400-e29b-41d4-a716-446655440000"
],
"rule": "550e8400-e29b-41d4-a716-446655440005"
}
curl --request PATCH \
--url https://public-api.cipherscale.com/qa/tenants/policies/ \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"name": "Engineering Team Access",
"description": "Allows engineering team to access development resources",
"mode": "LOCAL",
"action": true,
"allGroups": false,
"allUsers": false,
"allDevices": false,
"allResources": false,
"groups": [
"550e8400-e29b-41d4-a716-446655440000"
],
"rule": "550e8400-e29b-41d4-a716-446655440005"
}' 200 application/json
{
"id": "id",
"createdAt": "createdAt",
"updatedAt": "updatedAt",
"name": "name",
"action": false,
"order": 0,
"isDefault": false,
"type": "PRIVATE",
"mode": "LOCAL",
"allGroups": false,
"allUsers": false,
"allDevices": false,
"allResources": false,
"groups": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"createdAt": "2023-01-15T14:30:00Z",
"updatedAt": "2023-01-15T14:30:00Z",
"name": "Engineering Team",
"description": "Team responsible for software development and engineering",
"maxDevices": 10,
"isSamlDefaultGroup": false,
"idpMapping": [
"engineering-team",
"dev-team"
]
}
],
"users": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"createdAt": "2023-01-15T14:30:00Z",
"updatedAt": "2023-01-15T14:30:00Z",
"lastConnection": "2023-01-15T14:30:00Z",
"email": "jane.smith@company.com",
"status": "ACTIVE",
"firstName": "Jane",
"lastName": "Smith",
"isOwner": false,
"maxDevices": 5,
"image": "https://example.com/avatars/jane-smith.jpg"
}
],
"devices": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"createdAt": "2023-01-15T14:30:00Z",
"updatedAt": "2023-01-15T14:30:00Z",
"name": "John's MacBook Pro",
"active": true,
"lastConnection": "2023-01-15T14:30:00Z",
"status": "Online",
"hardwareId": "MAC-001122334455",
"posture": {
"compliant": true,
"lastCheck": "2023-01-15T14:30:00Z"
},
"appVersion": "1.2.3"
}
],
"resources": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"createdAt": "2023-01-15T14:30:00Z",
"updatedAt": "2023-01-15T14:30:00Z",
"name": "Internal Web Server",
"type": "PRIVATE",
"loadBalancingMode": "MANUAL",
"description": "Internal web server for company applications"
}
],
"gateways": [
{
"id": "id",
"createdAt": "createdAt",
"updatedAt": "updatedAt",
"name": "name",
"description": "description",
"wireguardPort": "wireguardPort",
"status": "PENDING",
"error": "error",
"token": "token",
"lastOnline": "lastOnline",
"relayEnabled": false,
"endpoint": "endpoint",
"autoDiscoverEndpoint": false,
"resources": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "Internal Web Server"
}
]
}
],
"sourceIps": [
"[]"
],
"rule": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "Engineering Department Access",
"type": "ALLOW",
"rule": "user.department == 'Engineering'",
"hasTimeConstraint": false,
"createdAt": "2023-01-15T10:30:00Z",
"updatedAt": "2023-01-15T10:30:00Z"
},
"description": "description"
}Get Policy Details
Retrieves comprehensive information about a specific access policy including its configuration, target entities, rules, and current status.
get
https://public-api.cipherscale.com/qa/tenants/policies/{id}
Path Parameters
idstring(uuid)required
The unique identifier (UUID) of the policy
Response
200 application/json
Response
200 application/json
Successfully retrieved policy details
Policy
Access policy defining who can access what resources under what conditions
idstring(uuid)required
Unique identifier for the policy
createdAtstring(date-time)required
Timestamp when the policy was created
updatedAtstring(date-time)required
Timestamp when the policy was last modified
namestringrequired
Human-readable name for the policy
actionbooleanrequired
Whether this policy allows (true) or denies (false) access
ordernumberrequired
Priority order for policy evaluation (lower numbers are evaluated first)
isDefaultbooleanrequired
Whether this is a default policy that applies to all entities
typestringrequired
Type of resources this policy applies to
Allowed values:PRIVATESAASINTERNETSITETOSITE
modestring
Access mode for this policy
Allowed values:LOCALRESTRICTEDREMOTE
allGroupsbooleanrequired
Whether this policy applies to all groups
Default:false
allUsersbooleanrequired
Whether this policy applies to all users
Default:false
allDevicesbooleanrequired
Whether this policy applies to all devices
Default:false
allResourcesbooleanrequired
Whether this policy applies to all resources
Default:false
groupsarray[object]
Group information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"Engineering Team","description":"Team responsible for software development and engineering","maxDevices":10,"isSamlDefaultGroup":false,"idpMapping":["engineering-team","dev-team"]}
Show Child Parameters
usersarray[object]
User information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","lastConnection":"2023-01-15T14:30:00Z","email":"jane.smith@company.com","status":"ACTIVE","firstName":"Jane","lastName":"Smith","isOwner":false,"maxDevices":5,"image":"https://example.com/avatars/jane-smith.jpg"}
Show Child Parameters
devicesarray[object]
Device information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"John's MacBook Pro","active":true,"lastConnection":"2023-01-15T14:30:00Z","status":"Online","hardwareId":"MAC-001122334455","posture":{"compliant":true,"lastCheck":"2023-01-15T14:30:00Z"},"appVersion":"1.2.3"}
Show Child Parameters
resourcesarray[object]
Resource information within a policy context
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","createdAt":"2023-01-15T14:30:00Z","updatedAt":"2023-01-15T14:30:00Z","name":"Internal Web Server","type":"PRIVATE","loadBalancingMode":"MANUAL","description":"Internal web server for company applications"}
Show Child Parameters
gatewaysarray[object]
Network gateway configuration and status information
Show Child Parameters
sourceIpsarray[string]
Source IP addresses or ranges this policy applies to
ruleobjectrequired
Complete admission rule information with configuration and metadata
Example:{"id":"550e8400-e29b-41d4-a716-446655440000","name":"Engineering Department Access","type":"ALLOW","rule":"user.department == 'Engineering'","hasTimeConstraint":false,"createdAt":"2023-01-15T10:30:00Z","updatedAt":"2023-01-15T10:30:00Z"}
Show Child Parameters
descriptionstring
Detailed description of the policy’s purpose and scope
get/tenants/policies/{id}
Authentication
Path Parameters
curl --request GET \
--url https://public-api.cipherscale.com/qa/tenants/policies/ \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' 200 application/json
{
"id": "id",
"createdAt": "createdAt",
"updatedAt": "updatedAt",
"name": "name",
"action": false,
"order": 0,
"isDefault": false,
"type": "PRIVATE",
"mode": "LOCAL",
"allGroups": false,
"allUsers": false,
"allDevices": false,
"allResources": false,
"groups": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"createdAt": "2023-01-15T14:30:00Z",
"updatedAt": "2023-01-15T14:30:00Z",
"name": "Engineering Team",
"description": "Team responsible for software development and engineering",
"maxDevices": 10,
"isSamlDefaultGroup": false,
"idpMapping": [
"engineering-team",
"dev-team"
]
}
],
"users": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"createdAt": "2023-01-15T14:30:00Z",
"updatedAt": "2023-01-15T14:30:00Z",
"lastConnection": "2023-01-15T14:30:00Z",
"email": "jane.smith@company.com",
"status": "ACTIVE",
"firstName": "Jane",
"lastName": "Smith",
"isOwner": false,
"maxDevices": 5,
"image": "https://example.com/avatars/jane-smith.jpg"
}
],
"devices": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"createdAt": "2023-01-15T14:30:00Z",
"updatedAt": "2023-01-15T14:30:00Z",
"name": "John's MacBook Pro",
"active": true,
"lastConnection": "2023-01-15T14:30:00Z",
"status": "Online",
"hardwareId": "MAC-001122334455",
"posture": {
"compliant": true,
"lastCheck": "2023-01-15T14:30:00Z"
},
"appVersion": "1.2.3"
}
],
"resources": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"createdAt": "2023-01-15T14:30:00Z",
"updatedAt": "2023-01-15T14:30:00Z",
"name": "Internal Web Server",
"type": "PRIVATE",
"loadBalancingMode": "MANUAL",
"description": "Internal web server for company applications"
}
],
"gateways": [
{
"id": "id",
"createdAt": "createdAt",
"updatedAt": "updatedAt",
"name": "name",
"description": "description",
"wireguardPort": "wireguardPort",
"status": "PENDING",
"error": "error",
"token": "token",
"lastOnline": "lastOnline",
"relayEnabled": false,
"endpoint": "endpoint",
"autoDiscoverEndpoint": false,
"resources": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "Internal Web Server"
}
]
}
],
"sourceIps": [
"[]"
],
"rule": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "Engineering Department Access",
"type": "ALLOW",
"rule": "user.department == 'Engineering'",
"hasTimeConstraint": false,
"createdAt": "2023-01-15T10:30:00Z",
"updatedAt": "2023-01-15T10:30:00Z"
},
"description": "description"
}Role
objectUser role definition with specific permissions and capabilities
idstring(uuid)required
Unique identifier for the role
createdAtstring(date-time)required
Timestamp when the role was created
updatedAtstring(date-time)required
Timestamp when the role was last modified
namestringrequired
Human-readable name of the role
descriptionstring
Detailed description of the role’s purpose and permissions
deleteablebooleanrequired
Whether this role can be deleted (system roles are typically not deletable)
typestringrequired
Predefined role type that determines the base permissions
Allowed values:OWNERADMINDEFAULTBASICBILLINGAUDITORSUPPORT
Example
{
"id": "id",
"createdAt": "createdAt",
"updatedAt": "updatedAt",
"name": "name",
"description": "description",
"deleteable": false,
"type": "OWNER"
}UserGroup
objectUser group information with role assignments and member management
idstring(uuid)required
Unique identifier for the user group
Example:550e8400-e29b-41d4-a716-446655440000
createdAtstring(date-time)required
Timestamp when the group was created
Example:2023-01-15T10:30:00Z
updatedAtstring(date-time)required
Timestamp when the group was last modified
Example:2023-01-15T10:30:00Z
namestringrequired
Human-readable name for the user group
Example:Engineering Team
descriptionstring
Detailed description of the group’s purpose and scope
Example:Software engineering team with access to development resources
Example
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "Engineering Team",
"description": "Software engineering team with access to development resources",
"createdAt": "2023-01-15T10:30:00Z",
"updatedAt": "2023-01-15T10:30:00Z"
}DeviceUser
objectUser information associated with a device
idstring(uuid)required
Unique identifier for the user
Example:550e8400-e29b-41d4-a716-446655440000
lastConnectionstring(date-time)required
Timestamp of the user’s last network connection
Example:2023-01-15T14:30:00Z
emailstring
User’s email address
Example:john.doe@company.com
firstNamestring
User’s first name
Example:John
lastNamestring
User’s last name
Example:Doe
Example
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"email": "john.doe@company.com",
"firstName": "John",
"lastName": "Doe",
"lastConnection": "2023-01-15T14:30:00Z"
}