Skip to main content
POST
/
access-rules
cURL
curl --request POST \
  --url https://api.opal.dev/v1/access-rules \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "Platform Engineering",
  "description": "This access rule represents all platform engineers in the company.",
  "admin_owner_id": "7c86c85d-0651-43e2-a748-d69d658418e8",
  "status": "ACTIVE",
  "ruleClauses": {
    "when": {
      "clauses": [
        {
          "selectors": [
            {
              "key": "<any>",
              "value": "<any>",
              "connection_id": "<any>"
            }
          ]
        }
      ]
    },
    "unless": {
      "clauses": [
        {
          "selectors": [
            {
              "key": "<any>",
              "value": "<any>",
              "connection_id": "<any>"
            }
          ]
        }
      ]
    }
  }
}'
{
  "access_rule_id": "7c86c85d-0651-43e2-a748-d69d658418e8",
  "name": "Platform Engineering",
  "description": "This access rule represents all platform engineers in the company.",
  "admin_owner_id": "7c86c85d-0651-43e2-a748-d69d658418e8",
  "status": "ACTIVE",
  "ruleClauses": {
    "when": {
      "clauses": [
        {
          "selectors": [
            {
              "key": "<any>",
              "value": "<any>",
              "connection_id": "<any>"
            }
          ]
        }
      ]
    },
    "unless": {
      "clauses": [
        {
          "selectors": [
            {
              "key": "<any>",
              "value": "<any>",
              "connection_id": "<any>"
            }
          ]
        }
      ]
    }
  }
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json

UpdateAccessRuleInfo Object

Description

The UpdateAccessRuleInfo object is used as an input to the UpdateAccessRule and CreateAccessRule API.

name
string
required

The name of the access rule.

Example:

"Platform Engineering"

description
string
required

A description of the group.

Example:

"This access rule represents all platform engineers in the company."

admin_owner_id
string<uuid>
required

The ID of the owner of the group.

Example:

"7c86c85d-0651-43e2-a748-d69d658418e8"

status
enum<string>
required

The status of the access rule.

Available options:
ACTIVE,
PAUSED
Example:

"ACTIVE"

ruleClauses
object
required

Response

201 - application/json

The created access rule config for the group.

Access Rule Object

Description

The AccessRule object is used to represent an access rule configuration.

Usage Example

Get access rule configurations from the GET Access Rule Configs endpoint.

access_rule_id
string<uuid>
required

The ID (group ID) of the access rule.

Example:

"7c86c85d-0651-43e2-a748-d69d658418e8"

name
string
required

The name of the access rule.

Example:

"Platform Engineering"

description
string
required

A description of the group.

Example:

"This access rule represents all platform engineers in the company."

admin_owner_id
string<uuid>
required

The ID of the owner of the group.

Example:

"7c86c85d-0651-43e2-a748-d69d658418e8"

status
enum<string>
required

The status of the access rule.

Available options:
ACTIVE,
PAUSED
Example:

"ACTIVE"

ruleClauses
object
required