Create or Update Policy - Barndoor Documentation

Publish Policy

curl --request POST \
  --url https://{organization_id}.platform.barndoor.ai/api/policy \
  --header 'Authorization: Bearer <token>'

POST

api

policy

Publish Policy

curl --request POST \
  --url https://{organization_id}.platform.barndoor.ai/api/policy \
  --header 'Authorization: Bearer <token>'

This endpoint creates a policy in the v2 policy service.

v2 request shape

The v2 API accepts a single policy object. It no longer uses the old policies[].resourcePolicy wrapper. Important fields:

name: unique policy name within the organization
mcp_server_id: target MCP server
application_ids: agents/applications this policy applies to
status: DRAFT, ACTIVE, INACTIVE, or ARCHIVED
rules: array of rule objects using authorized, actions, roles_groups, and optional condition

Example:

{
  "name": "Slack outbound policy",
  "description": "Default outbound Slack controls for the support agent.",
  "support_contact": "[email protected]",
  "tags": ["slack", "support"],
  "status": "DRAFT",
  "mcp_server_id": "server_123",
  "application_ids": ["agent_456"],
  "rules": [
    {
      "name": "allow_all",
      "authorized": true,
      "actions": ["*"],
      "roles_groups": ["*"]
    },
    {
      "name": "block_general_channel",
      "authorized": false,
      "actions": ["tools/call:chat_postMessage"],
      "roles_groups": ["*"],
      "condition": {
        "match": {
          "all": {
            "of": [
              {
                "expr": "request.resource.attr.channel == \"general\""
              }
            ]
          }
        }
      }
    }
  ]
}

For a comprehensive guide, see Manage Access Policies.

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Response

200 - application/json

Successful Response

List Policies Validate Policy

​v2 request shape

Authorizations

Response

v2 request shape