Organization policies

Allows you to define fine-grained access policies on your organization

List policies

List the IAM policies that are defined for this organization.

get

/organizations/{organizationId}/iam-policies

Authorizations
Path parameters
organizationIdstringrequired

The organization ID

Query parameters
limitinteger · min: 1 · max: 100 · default: 10

Limits the number of results to return

pageTokenstring

Pagination token that keeps of track of the current position in the list

reverseboolean

Order in which to retrieve the results

Responses
curl -L \
  --url '/organizations/{organizationId}/iam-policies' \
  --header 'Authorization: Bearer jwt'
{
  "results": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "text",
      "description": "text",
      "rolesDependencyCount": 1,
      "usersDependencyCount": 1,
      "createdAt": "2025-02-21T18:11:52.031Z",
      "updatedAt": "2025-02-21T18:11:52.031Z",
      "scope": "organization",
      "type": "managed",
      "metadata": {
        "clouds": [
          "platform"
        ],
        "apps": [
          "inbox"
        ],
        "groups": [
          "text"
        ]
      },
      "definitions": [
        {
          "effect": "allow",
          "resources": [
            "text"
          ],
          "actions": [
            "any"
          ],
          "conditionsAll": [
            {
              "any": {
                "ANY_ADDITIONAL_PROPERTY": {
                  "ANY_ADDITIONAL_PROPERTY": "text"
                }
              }
            }
          ]
        }
      ]
    }
  ],
  "nextPageToken": "text"
}

Create policy

Create a new IAM policy for this organization.

post

/organizations/{organizationId}/iam-policies

Authorizations
Path parameters
organizationIdstringrequired

The organization ID

Body
namestringrequired

IAM Policy name.

descriptionstring

IAM Policy description.

definitionsPolicyDefinitionsrequired

List of IAM Policy definitions.

metadataobject

Metadata for the IAM Role.

Responses
curl -L \
  --request POST \
  --url '/organizations/{organizationId}/iam-policies' \
  --header 'Authorization: Bearer jwt' \
  --header 'Content-Type: application/json' \
  --data '{"name":"text","definitions":[{"effect":"allow","resources":[null],"actions":["any"],"conditionsAll":[{"any":{"ANY_ADDITIONAL_PROPERTY":{}}}]}],"metadata":{"clouds":["platform"],"apps":["inbox"],"groups":[null]}}'
{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "rolesDependencyCount": 1,
  "usersDependencyCount": 1,
  "createdAt": "2025-02-21T18:11:52.031Z",
  "updatedAt": "2025-02-21T18:11:52.031Z",
  "scope": "organization",
  "type": "managed",
  "metadata": {
    "clouds": [
      "platform"
    ],
    "apps": [
      "inbox"
    ],
    "groups": [
      "text"
    ]
  },
  "definitions": [
    {
      "effect": "allow",
      "resources": [
        "text"
      ],
      "actions": [
        "any"
      ],
      "conditionsAll": [
        {
          "any": {
            "ANY_ADDITIONAL_PROPERTY": {
              "ANY_ADDITIONAL_PROPERTY": "text"
            }
          }
        }
      ]
    }
  ]
}

Get policy

Retrieve a single IAM policy.

get

/organizations/{organizationId}/iam-policies/{policyId}

Authorizations
Path parameters
organizationIdstringrequired

The organization ID

policyIdstringrequired

ID for an IAM policy

Responses
curl -L \
  --url '/organizations/{organizationId}/iam-policies/{policyId}' \
  --header 'Authorization: Bearer jwt'
{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "rolesDependencyCount": 1,
  "usersDependencyCount": 1,
  "createdAt": "2025-02-21T18:11:52.031Z",
  "updatedAt": "2025-02-21T18:11:52.031Z",
  "scope": "organization",
  "type": "managed",
  "metadata": {
    "clouds": [
      "platform"
    ],
    "apps": [
      "inbox"
    ],
    "groups": [
      "text"
    ]
  },
  "definitions": [
    {
      "effect": "allow",
      "resources": [
        "text"
      ],
      "actions": [
        "any"
      ],
      "conditionsAll": [
        {
          "any": {
            "ANY_ADDITIONAL_PROPERTY": {
              "ANY_ADDITIONAL_PROPERTY": "text"
            }
          }
        }
      ]
    }
  ]
}

Delete policy

Remove an IAM policy from the organization.

delete

/organizations/{organizationId}/iam-policies/{policyId}

Authorizations
Path parameters
organizationIdstringrequired

The organization ID

policyIdstringrequired

ID for an IAM policy

Responses
curl -L \
  --request DELETE \
  --url '/organizations/{organizationId}/iam-policies/{policyId}' \
  --header 'Authorization: Bearer jwt'

No body

Update policy

Update an IAM policy's properties.

patch

/organizations/{organizationId}/iam-policies/{policyId}

Authorizations
Path parameters
organizationIdstringrequired

The organization ID

policyIdstringrequired

ID for an IAM policy

Body
namestring

IAM Policy name.

descriptionstring

IAM Policy description.

definitionsPolicyDefinitions

List of IAM Policy definitions.

Responses
curl -L \
  --request PATCH \
  --url '/organizations/{organizationId}/iam-policies/{policyId}' \
  --header 'Authorization: Bearer jwt' \
  --header 'Content-Type: application/json' \
  --data '{"definitions":[{"effect":"allow","resources":[null],"actions":["any"],"conditionsAll":[{"any":{"ANY_ADDITIONAL_PROPERTY":{}}}]}]}'
{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "rolesDependencyCount": 1,
  "usersDependencyCount": 1,
  "createdAt": "2025-02-21T18:11:52.031Z",
  "updatedAt": "2025-02-21T18:11:52.031Z",
  "scope": "organization",
  "type": "managed",
  "metadata": {
    "clouds": [
      "platform"
    ],
    "apps": [
      "inbox"
    ],
    "groups": [
      "text"
    ]
  },
  "definitions": [
    {
      "effect": "allow",
      "resources": [
        "text"
      ],
      "actions": [
        "any"
      ],
      "conditionsAll": [
        {
          "any": {
            "ANY_ADDITIONAL_PROPERTY": {
              "ANY_ADDITIONAL_PROPERTY": "text"
            }
          }
        }
      ]
    }
  ]
}

Last updated

Was this helpful?