POST
/api/v1/gateway/policiesCreate rule / apply template / evaluate
Action-discriminated on action. create-rule -> {projectId, rule} (201). apply-template -> {projectId, template} (201). evaluate -> {projectId, agent, request}. member role.
Authentication
Send Authorization: Bearer YOUR_API_KEY on every request. Generate API keys at /dashboard/api-keys.
Request body required
Schema
{
"application/json": {
"schema": {
"oneOf": [
{
"type": "object",
"properties": {
"action": {
"type": "string",
"enum": [
"create-rule"
]
},
"projectId": {
"type": "string",
"format": "uuid",
"pattern": "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$"
},
"rule": {
"type": "object",
"properties": {
"name": {
"type": "string",
"minLength": 1,
"maxLength": 200
},
"description": {
"type": "string",
"maxLength": 2000
},
"priority": {
"default": 100,
"type": "integer",
"minimum": 1,
"maximum": 10000
},
"effect": {
"type": "string",
"enum": [
"allow",
"deny"
]
},
"conditions": {
"default": {},
"type": "object",
"properties": {
"agents": {
"maxItems": 50,
"type": "array",
"items": {
"type": "string",
"maxLength": 200
}
},
"tools": {
"maxItems": 50,
"type": "array",
"items": {
"type": "string",
"maxLength": 200
}
},
"actions": {
"maxItems": 8,
"type": "array",
"items": {
"type": "string",
"enum": [
"read",
"write",
"delete",
"execute",
"send",
"list",
"create",
"update"
]
}
},
"resources": {
"maxItems": 100,
"type": "array",
"items": {
"type": "string",
"maxLength": 200
}
},
"maxCallsPerMinute": {
"type": "integer",
"minimum": 1,
"maximum": 1000000
},
"maxCallsPerSession": {
"type": "integer",
"minimum": 1,
"maximum": 1000000
},
"requireApproval": {
"type": "boolean"
}
},
"additionalProperties": false
}
},
"required": [
"name",
"priority",
"effect",
"conditions"
],
"additionalProperties": false
}
},
"required": [
"action",
"projectId",
"rule"
],
"additionalProperties": false
},
{
"type": "object",
"properties": {
"action": {
"type": "string",
"enum": [
"apply-template"
]
},
"projectId": {
"type": "string",
"format": "uuid",
"pattern": "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$"
},
"template": {
"type": "string",
"enum": [
"read-only",
"deny-external",
"production-safe"
]
}
},
"required": [
"action",
"projectId",
"template"
],
"additionalProperties": false
},
{
"type": "object",
"properties": {
"action": {
"type": "string",
"enum": [
"evaluate"
]
},
"projectId": {
"type": "string",
"format": "uuid",
"pattern": "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$"
},
"agent": {
"type": "string",
"minLength": 1,
"maxLength": 200
},
"request": {
"type": "object",
"properties": {
"tool": {
"type": "string",
"maxLength": 200
},
"action": {
"type": "string",
"enum": [
"read",
"write",
"delete",
"execute",
"send",
"list",
"create",
"update"
]
},
"resource": {
"type": "string",
"maxLength": 500
}
},
"additionalProperties": {}
}
},
"required": [
"action",
"projectId",
"agent",
"request"
],
"additionalProperties": false
}
]
}
}
}Response
201 example
{
"success": true
}All status codes
201Created.
400(no description)
401(no description)
403Forbidden - insufficient role for this operation.
404(no description)
429(no description)
Code samples
cURL
curl -X POST \ https://evalguard.ai/api/v1/gateway/policies \ -H "Authorization: Bearer $EVALGUARD_API_KEY" \
TypeScript
import { EvalGuard } from "@evalguard/sdk";
const client = new EvalGuard({ apiKey: process.env.EVALGUARD_API_KEY });
const response = await client.request({
method: "POST",
path: "/api/v1/gateway/policies",
});
console.log(response);Python
from evalguard import EvalGuard import os client = EvalGuard(api_key=os.environ["EVALGUARD_API_KEY"]) response = client.request(method="POST", path="/api/v1/gateway/policies") print(response)
Go
package main
import (
"context"
"fmt"
"net/http"
"os"
)
func main() {
req, _ := http.NewRequestWithContext(context.Background(), "POST", "https://evalguard.ai/api/v1/gateway/policies", nil)
req.Header.Set("Authorization", "Bearer "+os.Getenv("EVALGUARD_API_KEY"))
resp, err := http.DefaultClient.Do(req)
if err != nil { panic(err) }
defer resp.Body.Close()
fmt.Println(resp.Status)
}Errors
400401403404429