Policies
Create a new org-level policy.
Org level Policy APIs Access Notice: Org level Policy APIs are only available for use with Code Consistent Ignores. For information about how to enable Code Consistent Ignores see this documentation.
Required permissions
Create Ignores (org.project.ignore.create)
Authorizations
Path parameters
org_idstring · uuidRequired
Org ID
Query parameters
versionstringRequiredExample:
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Body
Responses
201
A single policy is returned if it is successfully created.
application/vnd.api+json
400
Bad Request: A parameter provided as a part of the request was invalid.
application/vnd.api+json
401
Unauthorized: the request requires an authentication token.
application/vnd.api+json
403
Forbidden: the request requires an authentication token with more or different permissions.
application/vnd.api+json
404
Not Found: The resource being operated on could not be found.
application/vnd.api+json
500
Internal Server Error: An error was encountered while attempting to process the request.
application/vnd.api+json
post
POST /rest/orgs/{org_id}/policies HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 399
{
"data": {
"attributes": {
"action": {
"data": {
"expires": "2024-03-16T00:00:00Z",
"ignore_type": "wont-fix",
"reason": "text"
}
},
"action_type": "ignore",
"conditions_group": {
"conditions": [
{
"field": "snyk/asset/finding/v1",
"operator": "includes",
"value": "text"
}
],
"logical_operator": "and"
},
"name": "text"
},
"meta": {
"key1": "value1",
"key2": {
"sub_key": "sub_value"
},
"key3": [
"array_value1",
"array_value2"
]
},
"type": "policy"
}
}{
"data": {
"attributes": {
"action": {
"data": {
"expires": "2024-03-16T00:00:00Z",
"ignore_type": "wont-fix",
"reason": "text"
}
},
"action_type": "ignore",
"conditions_group": {
"conditions": [
{
"field": "snyk/asset/finding/v1",
"operator": "includes",
"value": "text"
}
],
"logical_operator": "and"
},
"created_at": "2024-03-16T00:00:00Z",
"created_by": {
"email": "text",
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "text"
},
"name": "text",
"review": "pending",
"updated_at": "2024-03-16T00:00:00Z"
},
"id": "f16c31b5-6129-4571-add8-d589da9be524",
"type": "policy"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Get all policies for the requested organisation.
Org level Policy APIs Access Notice: Org level Policy APIs are only available for use with Code Consistent Ignores. For information about how to enable Code Consistent Ignores see this documentation.
Required permissions
View Ignores (org.project.ignore.read)
Authorizations
Path parameters
org_idstring · uuidRequired
Org ID
Query parameters
versionstringRequiredExample:
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$starting_afterstringOptionalExample:
Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=ending_beforestringOptionalExample:
Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=limitinteger · int32 · min: 10 · max: 100OptionalDefault:
Number of results to return per page
10Example: 10searchstringOptional
Search keyword for searching fields ignored_by.name, ignored_by.email, ignore_type in policy_rules
order_bystring · enumOptionalPossible values:
The column name to sort on
order_directionstring · enumOptionalPossible values:
Sorting direction ASC/DESC
expires_beforestring · date-timeOptionalExample:
Select only policies with an expiry strictly before the given time.
2024-03-16T00:00:00Zexpires_afterstring · date-timeOptionalExample:
Select only policies with an expiry strictly past the given time.
2024-03-16T00:00:00Zexpires_neverbooleanOptionalExample:
Select only policies that never expire.
trueResponses
200
The policies for the requested organisation.
application/vnd.api+json
400
Bad Request: A parameter provided as a part of the request was invalid.
application/vnd.api+json
401
Unauthorized: the request requires an authentication token.
application/vnd.api+json
403
Forbidden: the request requires an authentication token with more or different permissions.
application/vnd.api+json
404
Not Found: The resource being operated on could not be found.
application/vnd.api+json
get
GET /rest/orgs/{org_id}/policies HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {
"action": {
"data": {
"expires": "2024-03-16T00:00:00Z",
"ignore_type": "wont-fix",
"reason": "text"
}
},
"action_type": "ignore",
"conditions_group": {
"conditions": [
{
"field": "snyk/asset/finding/v1",
"operator": "includes",
"value": "text"
}
],
"logical_operator": "and"
},
"created_at": "2024-03-16T00:00:00Z",
"created_by": {
"email": "text",
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "text"
},
"name": "text",
"review": "pending",
"updated_at": "2024-03-16T00:00:00Z"
},
"id": "f16c31b5-6129-4571-add8-d589da9be524",
"type": "policy"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Update the org-level policy.
Org level Policy APIs Access Notice: Org level Policy APIs are only available for use with Code Consistent Ignores. For information about how to enable Code Consistent Ignores see this documentation.
Required permissions
Edit Ignores (org.project.ignore.edit)
Authorizations
Path parameters
org_idstring · uuidRequired
Org ID
policy_idstring · uuidRequired
Policy ID
Query parameters
versionstringRequiredExample:
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Body
Responses
200
A single policy is returned if it is successfully updated.
application/vnd.api+json
400
Bad Request: A parameter provided as a part of the request was invalid.
application/vnd.api+json
401
Unauthorized: the request requires an authentication token.
application/vnd.api+json
403
Forbidden: the request requires an authentication token with more or different permissions.
application/vnd.api+json
404
Not Found: The resource being operated on could not be found.
application/vnd.api+json
409
Conflict: The requested operation conflicts with the current state of the resource in some way.
application/vnd.api+json
patch
PATCH /rest/orgs/{org_id}/policies/{policy_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Content-Type: application/vnd.api+json
Accept: */*
Content-Length: 439
{
"data": {
"attributes": {
"action": {
"data": {
"expires": "2024-03-16T00:00:00Z",
"ignore_type": "wont-fix",
"reason": "text"
}
},
"conditions_group": {
"conditions": [
{
"field": "snyk/asset/finding/v1",
"operator": "includes",
"value": "text"
}
],
"logical_operator": "and"
},
"name": "text",
"review": "pending"
},
"id": "f16c31b5-6129-4571-add8-d589da9be524",
"meta": {
"key1": "value1",
"key2": {
"sub_key": "sub_value"
},
"key3": [
"array_value1",
"array_value2"
]
},
"type": "policy"
}
}{
"data": {
"attributes": {
"action": {
"data": {
"expires": "2024-03-16T00:00:00Z",
"ignore_type": "wont-fix",
"reason": "text"
}
},
"action_type": "ignore",
"conditions_group": {
"conditions": [
{
"field": "snyk/asset/finding/v1",
"operator": "includes",
"value": "text"
}
],
"logical_operator": "and"
},
"created_at": "2024-03-16T00:00:00Z",
"created_by": {
"email": "text",
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "text"
},
"name": "text",
"review": "pending",
"updated_at": "2024-03-16T00:00:00Z"
},
"id": "f16c31b5-6129-4571-add8-d589da9be524",
"type": "policy"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"self": "https://example.com/api/this_resource"
}
}Get a specific org-level policy based on its ID.
Org level Policy APIs Access Notice: Org level Policy APIs are only available for use with Code Consistent Ignores. For information about how to enable Code Consistent Ignores see this documentation.
Required permissions
View Ignores (org.project.ignore.read)
Authorizations
Path parameters
org_idstring · uuidRequired
Org ID
policy_idstring · uuidRequired
Policy ID
Query parameters
versionstringRequiredExample:
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Responses
200
The requested policy.
application/vnd.api+json
400
Bad Request: A parameter provided as a part of the request was invalid.
application/vnd.api+json
401
Unauthorized: the request requires an authentication token.
application/vnd.api+json
403
Forbidden: the request requires an authentication token with more or different permissions.
application/vnd.api+json
404
Not Found: The resource being operated on could not be found.
application/vnd.api+json
get
GET /rest/orgs/{org_id}/policies/{policy_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": {
"attributes": {
"action": {
"data": {
"expires": "2024-03-16T00:00:00Z",
"ignore_type": "wont-fix",
"reason": "text"
}
},
"action_type": "ignore",
"conditions_group": {
"conditions": [
{
"field": "snyk/asset/finding/v1",
"operator": "includes",
"value": "text"
}
],
"logical_operator": "and"
},
"created_at": "2024-03-16T00:00:00Z",
"created_by": {
"email": "text",
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "text"
},
"name": "text",
"review": "pending",
"updated_at": "2024-03-16T00:00:00Z"
},
"id": "f16c31b5-6129-4571-add8-d589da9be524",
"type": "policy"
},
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource",
"last": "https://example.com/api/resource",
"next": "https://example.com/api/resource",
"prev": "https://example.com/api/resource",
"related": "https://example.com/api/resource",
"self": "https://example.com/api/resource"
}
}Delete an existing org-level policy.
Org level Policy APIs Access Notice: Org level Policy APIs are only available for use with Code Consistent Ignores. For information about how to enable Code Consistent Ignores see this documentation.
Required permissions
Remove Ignores (org.project.ignore.delete)
Authorizations
Path parameters
org_idstring · uuidRequired
Org ID
policy_idstring · uuidRequired
Policy ID
Query parameters
versionstringRequiredExample:
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$Responses
204
The operation completed successfully with no content
400
Bad Request: A parameter provided as a part of the request was invalid.
application/vnd.api+json
401
Unauthorized: the request requires an authentication token.
application/vnd.api+json
403
Forbidden: the request requires an authentication token with more or different permissions.
application/vnd.api+json
404
Not Found: The resource being operated on could not be found.
application/vnd.api+json
500
Internal Server Error: An error was encountered while attempting to process the request.
application/vnd.api+json
delete
DELETE /rest/orgs/{org_id}/policies/{policy_id} HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
No content
Retrieve the event history for the given policy.
Org level Policy APIs Access Notice: Access to our Org level Policy APIs is currently restricted via "snykCodeConsistentIgnores" and "ignoreApprovalWorkflow" feature flags and will result in a 403 Forbidden error without the flag enabled. Please contact your account representative for eligibility requirements.
Required permissions
View Ignores (org.project.ignore.read)
Authorizations
Path parameters
org_idstring · uuidRequired
Org ID
policy_idstring · uuidRequired
Policy ID
Query parameters
versionstringRequiredExample:
Requested API version
2021-06-04Pattern: ^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$starting_afterstringOptionalExample:
Return the page of results immediately after this cursor
v1.eyJpZCI6IjEwMDAifQo=ending_beforestringOptionalExample:
Return the page of results immediately before this cursor
v1.eyJpZCI6IjExMDAifQo=limitinteger · int32 · min: 10 · max: 100OptionalDefault:
Number of results to return per page
10Example: 10Responses
200
The requested policy.
application/vnd.api+json
400
Bad Request: A parameter provided as a part of the request was invalid.
application/vnd.api+json
401
Unauthorized: the request requires an authentication token.
application/vnd.api+json
403
Forbidden: the request requires an authentication token with more or different permissions.
application/vnd.api+json
404
Not Found: The resource being operated on could not be found.
application/vnd.api+json
get
GET /rest/orgs/{org_id}/policies/{policy_id}/events HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*
{
"data": [
{
"attributes": {
"changes": {
"new_action": {
"data": {
"expires": "2024-03-16T00:00:00Z",
"ignore_type": "wont-fix",
"reason": "text"
}
},
"new_conditions_group": {
"conditions": [
{
"field": "snyk/asset/finding/v1",
"operator": "includes",
"value": "text"
}
],
"logical_operator": "and"
},
"new_name": "text",
"new_review": "pending",
"old_action": {
"data": {
"expires": "2024-03-16T00:00:00Z",
"ignore_type": "wont-fix",
"reason": "text"
}
},
"old_conditions_group": {
"conditions": [
{
"field": "snyk/asset/finding/v1",
"operator": "includes",
"value": "text"
}
],
"logical_operator": "and"
},
"old_name": "text",
"old_review": "pending"
},
"comment": "text",
"created_at": "2024-03-16T00:00:00Z",
"created_by": {
"email": "text",
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "text"
},
"type": "approve"
},
"id": "f16c31b5-6129-4571-add8-d589da9be524",
"type": "policy_event"
}
],
"jsonapi": {
"version": "1.0"
},
"links": {
"first": "https://example.com/api/resource?ending_before=v1.eyJpZCI6IjExIn0K",
"last": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjMwIn0K",
"next": "https://example.com/api/resource?starting_after=v1.eyJpZCI6IjEwIn0K"
}
}Last updated
Was this helpful?