Skip to main content
POST
/
api
/
v1
/
policies
Create
package main

import(
	"context"
	"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
	conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
	"log"
)

func main() {
    ctx := context.Background()

    s := conductoronesdkgo.New(
        conductoronesdkgo.WithSecurity(shared.Security{
            BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
            Oauth: "<YOUR_OAUTH_HERE>",
        }),
    )

    res, err := s.Policies.Create(ctx, nil)
    if err != nil {
        log.Fatal(err)
    }
    if res.CreatePolicyResponse != nil {
        // handle response
    }
}
{
  "policy": {
    "createdAt": "2023-11-07T05:31:56Z",
    "deletedAt": "2023-11-07T05:31:56Z",
    "description": "<string>",
    "displayName": "<string>",
    "id": "<string>",
    "policySteps": {},
    "policyType": "POLICY_TYPE_UNSPECIFIED",
    "postActions": [
      {
        "certifyRemediateImmediately": true
      }
    ],
    "reassignTasksToDelegates": true,
    "rules": [
      {
        "condition": "<string>",
        "policyKey": "<string>"
      }
    ],
    "systemBuiltin": true,
    "updatedAt": "2023-11-07T05:31:56Z"
  }
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Authorization
string
header
required

This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.

Body

application/json

The CreatePolicyRequest message is used to create a new policy.

displayName
string
required

The display name of the new policy.

description
string

The description of the new policy.

policySteps
object

The map of policy type to policy steps. The key is the stringified version of the enum. See other policies for examples.

policyType
enum<string>

The enum of the policy type.

Available options:
POLICY_TYPE_UNSPECIFIED,
POLICY_TYPE_GRANT,
POLICY_TYPE_REVOKE,
POLICY_TYPE_CERTIFY,
POLICY_TYPE_ACCESS_REQUEST,
POLICY_TYPE_PROVISION
postActions
Policy Post Actions · object[] | null

Actions to occur after a policy finishes. As of now this is only valid on a certify policy to remediate a denied certification immediately.

reassignTasksToDelegates
boolean
deprecated

Deprecated. Use setting in policy step instead

rules
Rule · object[] | null

The rules field.

Response

200 - application/json

The CreatePolicyResponse message contains the created policy object.

The CreatePolicyResponse message contains the created policy object.

policy
Policy · object

A policy describes the behavior of the ConductorOne system when processing a task. You can describe the type, approvers, fallback behavior, and escalation processes.