Skip to main content
Endpoint: GET /api/v1/policies Purpose: Return the set of enabled policies for the authenticated user. Each entry is grouped by a policy code and includes the display name, an enabled flag, and a short policy_name identifier.

Request

No body required. Headers
  • Authorization: Bearer <API_TOKEN>
Query params
  • (none)
Notes
  • Keys in the policy object are the policy codes (e.g., LLM01__...).

Response

Field meanings
  • policy — object keyed by policy code.
    • name — human‑readable policy name (e.g., “Prompt Injection”).
    • enabled — whether this policy is active for your tenant.
    • policy_name — short identifier/alias you may surface in UIs or logs.

cURL

Python

JavaScript

TypeScript

Java

C#

PHP

Go

Rust

HTTP Status Codes

  • 200 OK — policies returned successfully
  • 401 Unauthorized — missing/invalid Authorization bearer token
  • 429 Too Many Requests — (if rate‑limit enabled)
  • 5xx — server error

Troubleshooting

  • Empty set — ensure your token belongs to a user with enabled policies.
  • 401 — verify the bearer token and that it hasn’t expired/revoked.
  • Different base URL — in production use https://sagexai.com instead of http://sagexai.com.