Skip to main content
GET
/
access-rules
/
{access_rule_id}
cURL
curl --request GET \
  --url https://api.opal.dev/v1/access-rules/{access_rule_id} \
  --header 'Authorization: Bearer <token>'
{
  "access_rule_id": "7c86c85d-0651-43e2-a748-d69d658418e8",
  "name": "Platform Engineering",
  "description": "This access rule represents all platform engineers in the company.",
  "admin_owner_id": "7c86c85d-0651-43e2-a748-d69d658418e8",
  "status": "ACTIVE",
  "ruleClauses": {
    "when": {
      "clauses": [
        {
          "selectors": [
            {
              "key": "<string>",
              "value": "<string>",
              "connection_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
            }
          ],
          "attribute_selectors": [
            {
              "attribute": "HR_IDP_STATUS",
              "values": [
                "<string>"
              ]
            }
          ]
        }
      ]
    },
    "unless": {
      "clauses": [
        {
          "selectors": [
            {
              "key": "<string>",
              "value": "<string>",
              "connection_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
            }
          ],
          "attribute_selectors": [
            {
              "attribute": "HR_IDP_STATUS",
              "values": [
                "<string>"
              ]
            }
          ]
        }
      ]
    }
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.opal.dev/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

access_rule_id
string<uuid>
required

The access rule ID (group ID) of the access rule.

Response

200 - application/json

The access rules for the group.

Access Rule Object

Description

The AccessRule object is used to represent an access rule configuration.

Usage Example

List access rules from the GET /access-rules endpoint, or retrieve a single access rule from the GET /access-rules/{access_rule_id} endpoint.

access_rule_id
string<uuid>
required

The ID (group ID) of the access rule.

Example:

"7c86c85d-0651-43e2-a748-d69d658418e8"

name
string
required

The name of the access rule.

Example:

"Platform Engineering"

description
string
required

A description of the group.

Example:

"This access rule represents all platform engineers in the company."

admin_owner_id
string<uuid>
required

The ID of the owner of the group.

Example:

"7c86c85d-0651-43e2-a748-d69d658418e8"

status
enum<string>
required

The status of the access rule.

Available options:
ACTIVE,
PAUSED
Example:

"ACTIVE"

ruleClauses
object
required
Last modified on May 13, 2026