List policy sets in a zone

GET/zones/{zone_id}/policy-sets

Path ParametersExpand Collapse

zone_id: string

Query ParametersExpand Collapse

active: optional boolean

Deprecated. Use filter[active] instead.

Filter by active binding status. When true, returns only policy sets with an active binding. When false, returns only policy sets without one. Omit to return all.

Still honored for backward compatibility. Supplying both active and filter[active] with conflicting values returns 400 Bad Request.

after: optional string

Cursor for forward pagination. Returned in Pagination.after_cursor. Mutually exclusive with before.

minLength1

maxLength255

before: optional string

Cursor for backward pagination. Returned in Pagination.before_cursor. Mutually exclusive with after.

minLength1

maxLength255

expand: optional array of "total_count"

Opt-in to additional response fields. Repeatable; matches the expand[] convention used across the Keycard API.

"filter[active]": optional boolean

Filter by active binding status. When true, returns only policy sets with an active binding. When false, returns only policy sets without one. Omit to return all.

"filter[owner_type]": optional array of string

Filter on owner_type. Repeatable; repeated instances OR across values (e.g. ?filter[owner_type]=platform&filter[owner_type]=customer matches either). See FilterValues in the shared spec for the full wire convention.

Allowed values: platform, customer. Unknown values return 400 with the list of allowed values. Comma-separated single values (e.g. ?filter[owner_type]=platform,customer) are rejected with a 400 pointing at the repeated-parameter OR form.

Note: the allowed-value enum is enforced in the handler (not as an OpenAPI items.enum) so the server can return a targeted error for the comma-AND form instead of a generic "not in allowed values" response.

"filter[scope_type]": optional array of string

Filter on scope_type (policy sets only). Repeatable; repeated instances OR across values. See FilterValues in the shared spec for the full wire convention.

Allowed values: zone, resource, user, session. Unknown values return 400 with the list of allowed values. Comma-separated single values are rejected with a 400 pointing at the repeated-parameter OR form.

limit: optional number

Maximum number of items to return per page.

minimum1

maximum100

order: optional "asc" or "desc"

Sort direction. Default is desc (newest first).

Accepts one of the following:

"asc"

"desc"

query: optional array of string

Case-insensitive substring search across all searchable fields of the resource. For policies that is name and description; for policy sets that is name. Repeatable; if multiple terms are supplied they are OR-ed.

"query[name]": optional array of string

Case-insensitive substring search on name. Repeatable; if multiple terms are supplied they are OR-ed (any matching term returns the row).

sort: optional "created_at"

Field to sort by.

Header ParametersExpand Collapse

"X-API-Version": optional string

"X-Client-Request-ID": optional string

formatuuid

ReturnsExpand Collapse

items: array of PolicySetWithBinding { active, active_version, active_version_id, 4 more }

active: optional boolean

Whether this policy set is currently bound to a scope

active_version: optional number

Human-readable version number of the active version (e.g., 1, 2, 3)

active_version_id: optional string

Public ID of the currently active (bound) version

mode: optional "active" or "shadow"

Accepts one of the following:

"active"

"shadow"

scope_target_id: optional string

shadow_version: optional number

Human-readable version number of the shadow version

shadow_version_id: optional string

Public ID of the shadow (observed) version, if any

pagination: object { after_cursor, before_cursor, total_count }

Cursor-based pagination metadata returned alongside a list of results

after_cursor: string

An opaque cursor used for paginating through a list of results

minLength1

maxLength255

before_cursor: string

An opaque cursor used for paginating through a list of results

minLength1

maxLength255

total_count: optional number

Total number of items across all pages. Only present when the request includes ?expand[]=total_count.

List policy sets in a zone

curl https://api.keycard.ai/zones/$ZONE_ID/policy-sets

{
  "items": [
    {
      "id": "id",
      "created_at": "2019-12-27T18:11:19.117Z",
      "created_by": "created_by",
      "name": "name",
      "owner_type": "platform",
      "scope_type": "zone",
      "updated_at": "2019-12-27T18:11:19.117Z",
      "zone_id": "zone_id",
      "archived_at": "2019-12-27T18:11:19.117Z",
      "latest_version": 0,
      "latest_version_id": "latest_version_id",
      "updated_by": "updated_by",
      "active": true,
      "active_version": 0,
      "active_version_id": "active_version_id",
      "mode": "active",
      "scope_target_id": "scope_target_id",
      "shadow_version": 0,
      "shadow_version_id": "shadow_version_id"
    }
  ],
  "pagination": {
    "after_cursor": "x",
    "before_cursor": "x",
    "total_count": 0
  }
}

Returns Examples

{
  "items": [
    {
      "id": "id",
      "created_at": "2019-12-27T18:11:19.117Z",
      "created_by": "created_by",
      "name": "name",
      "owner_type": "platform",
      "scope_type": "zone",
      "updated_at": "2019-12-27T18:11:19.117Z",
      "zone_id": "zone_id",
      "archived_at": "2019-12-27T18:11:19.117Z",
      "latest_version": 0,
      "latest_version_id": "latest_version_id",
      "updated_by": "updated_by",
      "active": true,
      "active_version": 0,
      "active_version_id": "active_version_id",
      "mode": "active",
      "scope_target_id": "scope_target_id",
      "shadow_version": 0,
      "shadow_version_id": "shadow_version_id"
    }
  ],
  "pagination": {
    "after_cursor": "x",
    "before_cursor": "x",
    "total_count": 0
  }
}