Access Policies

Access policies

An access policy is a set of rules and each one determines the access to one or multiple resources. Access policies can be managed via https://app.bird.com/settings/security/access-policies.

When creating access policies you should give access only to the resources you need to access via the API.

Creating an access policy

In this example we will create an access policy that will allow you to send and retrieve messages sent to any channels in your workspace

Create a custom policy
  1. The first step is to give your access policy a meaningful name and description.

    Access Policy Name and Description
  2. Next define a policy definition. The one shown will Allow you to Create (POST/Send) messages to the /channels endpoint and also create media for sending image messages

    Access Policy Create Definition
  3. The second policy definition will Allow you to View (GET) all messages and specific messages on channels

  4. Finally Create Policy

    Access Policy Get Definition

Understanding policy definitions

Policy definitions provide extremely fine grained control over the endpoints in your workspace. Each of your access policies can have one or more definitions. By default any endpoints that do not have explicit allow access (will result in access denied when trying to access them). Examining a definition in detail:

Last updated