Skip to content
API Reference
API Reference
Zones

Policies

List policies in a zone
zones.policies.list(strzone_id, PolicyListParams**kwargs) -> PolicyListResponse
GET/zones/{zone_id}/policies
Create a new policy
zones.policies.create(strzone_id, PolicyCreateParams**kwargs) -> Policy
POST/zones/{zone_id}/policies
Get a policy by ID
zones.policies.retrieve(strpolicy_id, PolicyRetrieveParams**kwargs) -> Policy
GET/zones/{zone_id}/policies/{policy_id}
Update a policy
zones.policies.update(strpolicy_id, PolicyUpdateParams**kwargs) -> Policy
PATCH/zones/{zone_id}/policies/{policy_id}
Archive a policy
zones.policies.archive(strpolicy_id, PolicyArchiveParams**kwargs) -> Policy
DELETE/zones/{zone_id}/policies/{policy_id}
ModelsExpand Collapse
class Policy:
id: str
created_at: datetime
formatdate-time
created_by: str
name: str
owner_type: Literal["platform", "customer"]

Who manages this policy:

  • "platform" — managed by the Keycard platform (system policies).
  • "customer" — managed by the tenant (custom policies).
Accepts one of the following:
"platform"
"customer"
updated_at: datetime
formatdate-time
zone_id: str
archived_at: Optional[datetime]
formatdate-time
description: Optional[str]
latest_version: Optional[int]

Human-readable version number of the latest version (e.g., 1, 2, 3)

latest_version_id: Optional[str]
updated_by: Optional[str]
class PolicyDraft:
cedar_json: object

Cedar policy in JSON representation

created_at: datetime
formatdate-time
policy_id: str
schema_version: str
updated_at: datetime
formatdate-time
updated_by: str

PoliciesVersions

List versions of a policy
zones.policies.versions.list(strpolicy_id, VersionListParams**kwargs) -> VersionListResponse
GET/zones/{zone_id}/policies/{policy_id}/versions
Create a new immutable policy version
zones.policies.versions.create(strpolicy_id, VersionCreateParams**kwargs) -> PolicyVersion
POST/zones/{zone_id}/policies/{policy_id}/versions
Get a specific policy version
zones.policies.versions.retrieve(strversion_id, VersionRetrieveParams**kwargs) -> PolicyVersion
GET/zones/{zone_id}/policies/{policy_id}/versions/{version_id}
Archive a policy version
zones.policies.versions.archive(strversion_id, VersionArchiveParams**kwargs) -> PolicyVersion
DELETE/zones/{zone_id}/policies/{policy_id}/versions/{version_id}
ModelsExpand Collapse
class PolicyVersion:
id: str
created_at: datetime
formatdate-time
created_by: str
policy_id: str
schema_version: str

Schema version this policy was validated against when created.

sha: str

Hex-encoded content hash

version: int
zone_id: str
archived_at: Optional[datetime]
formatdate-time
archived_by: Optional[str]
cedar_json: Optional[object]

Cedar policy in JSON representation. Populated when format=json (default).

cedar_raw: Optional[str]

Cedar policy in human-readable syntax. Populated when format=cedar.