Skip to main content
ZNYX AI

Policies

GET/v1/policies/{tenant_id}/{app_id}/{agent_id}/{env}

Get Policy

Get policy for a scope. **Query Parameters**: - `version`: Specific version number (default: active version) - `resolved`: If true, return fully resolved policy with defaults merged **Returns**: - If `resolved=true`: Merged policy (default + tenant overrides) - If `resolved=false`: Raw policy for this scope only

Runtime, CI or Admin tokenscope: readoperation_id: policies.get

Authentication

Any bearer token belonging to the org can read this endpoint.

SDK install

pip install znyx-sdknpm install @znyx/sdk

Path parameters

NameTypeRequiredDescription
tenant_id#pathstringrequired
app_id#pathstringrequired
agent_id#pathstringrequired
env#pathstringrequired

Query parameters

NameTypeRequiredDescription
version#queryinteger | nulloptional
resolved#querybooleanoptional

Responses

StatusDescription
200Successful Response
422Validation Error

Response schema

any

Errors & what triggers them

CodeTriggerFix
401Missing or expired Authorization header.
403Token does not have org access (wrong org_id, or insufficient role).
404Resource does not exist in this org.

Notes & examples

`resolved=true` vs default

Without ?resolved=true, you get the raw policy stored for that exact scope — meaning overrides, not the merged result. If a detector isn't mentioned, it's absent from the response.

With ?resolved=true, the server walks up the scope hierarchy (env → agent → app → tenant → global default) and merges each layer in. The response is what the runtime actually enforces.

Use resolved=true when you're debugging "why didn't my policy fire?" and use the raw version when you're editing.

Versioning

The response includes version_number. Every PUT creates a new version; only the most recent is active unless you rolled back. Pass ?version=N to read a historical version.

Related

  • PUT /v1/policies/{tenant}/{app}/{agent}/{env} — upsert a new full policy.
  • PATCH .../detector/{name} — change just one detector without touching the rest.
  • GET .../history — list every version.
  • POST .../rollback/{version} — promote an older version to active.

Request

curl -X GET 'https://api.znyx.ai/v1/policies/00000000-0000-0000-0000-000000000000/00000000-0000-0000-0000-000000000000/00000000-0000-0000-0000-000000000000/prod' \
  -H 'Authorization: Bearer $ZNYX_TOKEN'

Response

application/json

Successful Response

null

Schema: any