Skip to main content

Create a new policy

Create a new policy to apply rate limiting, access control, or accounting rules to an endpoint.

Endpoint

POST /policies/

Authentication

Requires tenant authentication via the X-Tenant-ID header or similar tenant identification mechanism.

Request body

name
string
required
Name for the policy
policy_type
string
required
Policy type name. Available types: rate_limit, accounting, access
configuration
object
required
Configuration object matching the schema for the specified policy type. See policy types for available configuration options.
endpoint_id
string
required
UUID of the endpoint to attach this policy to

Response

Returns the created policy with status code 201.
id
string
Unique identifier (UUID) of the policy
name
string
Policy name
policy_type
string
Policy type name
configuration
object
Policy configuration object
endpoint_id
string
UUID of the endpoint this policy is attached to
created_at
string
Creation timestamp in ISO 8601 format
updated_at
string
Last update timestamp in ISO 8601 format

Example request

curl -X POST https://api.syftspace.example/policies/ \
  -H "Content-Type: application/json" \
  -H "X-Tenant-ID: your-tenant-id" \
  -d '{
    "name": "Rate limit 100/min",
    "policy_type": "rate_limit",
    "configuration": {
      "limit": "100/m",
      "scope": "per_user",
      "applied_to": ["*"]
    },
    "endpoint_id": "123e4567-e89b-12d3-a456-426614174000"
  }'

Example response

{
  "id": "987fcdeb-51a2-43d7-8901-abcdef123456",
  "name": "Rate limit 100/min",
  "policy_type": "rate_limit",
  "configuration": {
    "limit": "100/m",
    "scope": "per_user",
    "applied_to": ["*"]
  },
  "endpoint_id": "123e4567-e89b-12d3-a456-426614174000",
  "created_at": "2026-03-01T10:30:00Z",
  "updated_at": "2026-03-01T10:30:00Z"
}

Build docs developers (and LLMs) love

Get started for freeTalk to us