Skip to main content
POST
/
api
/
policy
Publish Policy
curl --request POST \
  --url https://{organization_id}.platform.barndoor.ai/api/policy \
  --header 'Authorization: Bearer <token>'
This endpoint creates a policy in the v2 policy service.

v2 request shape

The v2 API accepts a single policy object. It no longer uses the old policies[].resourcePolicy wrapper. Important fields:
  • name: unique policy name within the organization
  • mcp_server_id: target MCP server
  • application_ids: agents/applications this policy applies to
  • status: DRAFT, ACTIVE, INACTIVE, or ARCHIVED
  • rules: array of rule objects using authorized, actions, roles_groups, and optional condition
Example: 
{
  "name": "Slack outbound policy",
  "description": "Default outbound Slack controls for the support agent.",
  "support_contact": "[email protected]",
  "tags": ["slack", "support"],
  "status": "DRAFT",
  "mcp_server_id": "server_123",
  "application_ids": ["agent_456"],
  "rules": [
    {
      "name": "allow_all",
      "authorized": true,
      "actions": ["*"],
      "roles_groups": ["*"]
    },
    {
      "name": "block_general_channel",
      "authorized": false,
      "actions": ["tools/call:chat_postMessage"],
      "roles_groups": ["*"],
      "condition": {
        "match": {
          "all": {
            "of": [
              {
                "expr": "request.resource.attr.channel == \"general\""
              }
            ]
          }
        }
      }
    }
  ]
}
For a comprehensive guide, see Manage Access Policies.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Response

200 - application/json

Successful Response