Access Policies

Access policies

An access policy is a set of rules and each one determines the access to one or multiple resources. Access policies can be managed via https://app.bird.com/settings/access-policies.

When creating access policies you should give access only to the resources you need to access via the API.

Creating an access policy

In this example we will create an access policy that will allow you to send and retrieve messages sent to any channels in your workspace

The first step is to give your access policy a meaningful name and description.
Next define a policy definition. The one shown will Allow you to Create (POST/Send) messages to the /channels endpoint and also create media for sending image messages
The second policy definition will Allow you to View (GET) all messages and specific messages on channels
Finally Create Policy

Understanding policy definitions

Policy definitions provide extremely fine grained control over the endpoints in your workspace. Each of your access policies can have one or more definitions. By default any endpoints that do not have explicit allow access (will result in access denied when trying to access them). Examining a definition in detail:

Field Name

Description

Values

Last updated 3 months ago