Skip to main content
POST
/
v1
/
policies
curl -X POST https://api.truthlocks.com/v1/policies \
  -H "X-API-Key: tl_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "US Issuers Only",
    "category": "MINT",
    "status": "ACTIVE",
    "description": "Restrict minting to US-based issuers",
    "language": "json_rules",
    "rules": {
      "rules": [
        {
          "id": "us_only",
          "description": "US jurisdiction required",
          "conditions": [
            { "field": "jurisdiction", "op": "eq", "value": "US" }
          ],
          "effect": "ALLOW"
        }
      ],
      "default_effect": "DENY"
    }
  }'

{
  "id": "pol_abc123",
  "tenant_id": "tenant-uuid",
  "name": "US Issuers Only",
  "category": "MINT",
  "status": "ACTIVE",
  "description": "Restrict minting to US-based issuers",
  "rules": {
    "rules": [
      {
        "id": "us_only",
        "description": "US jurisdiction required",
        "conditions": [
          { "field": "jurisdiction", "op": "eq", "value": "US" }
        ],
        "effect": "ALLOW"
      }
    ],
    "default_effect": "DENY"
  },
  "version": 1,
  "language": "json_rules",
  "created_at": "2026-03-31T10:00:00Z",
  "updated_at": "2026-03-31T10:00:00Z"
}
Creates a policy for the authenticated tenant. Set status to DRAFT to save without enforcing, or ACTIVE to begin enforcement immediately. Each policy contains a set of rules evaluated in order. The first matching rule determines the outcome. If no rule matches, the default_effect applies.
See the issuance policies guide for a walkthrough of rule syntax, condition operators, and lifecycle management.

Parameters

name
string
required
A human-readable name for the policy (e.g., “US Issuers Only”).
category
string
required
The action this policy applies to: MINT, VERIFY, or BUNDLE_EXPORT.
status
string
required
Initial status: DRAFT, ACTIVE, or DISABLED. Only ACTIVE policies are enforced.
description
string
Optional description explaining the policy’s purpose.
language
string
Rule language. Use json_rules for the built-in JSON rules engine.
rules
object
required
The rule set containing an array of rules and a default_effect.
curl -X POST https://api.truthlocks.com/v1/policies \
  -H "X-API-Key: tl_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "US Issuers Only",
    "category": "MINT",
    "status": "ACTIVE",
    "description": "Restrict minting to US-based issuers",
    "language": "json_rules",
    "rules": {
      "rules": [
        {
          "id": "us_only",
          "description": "US jurisdiction required",
          "conditions": [
            { "field": "jurisdiction", "op": "eq", "value": "US" }
          ],
          "effect": "ALLOW"
        }
      ],
      "default_effect": "DENY"
    }
  }'

Responses

{
  "id": "pol_abc123",
  "tenant_id": "tenant-uuid",
  "name": "US Issuers Only",
  "category": "MINT",
  "status": "ACTIVE",
  "description": "Restrict minting to US-based issuers",
  "rules": {
    "rules": [
      {
        "id": "us_only",
        "description": "US jurisdiction required",
        "conditions": [
          { "field": "jurisdiction", "op": "eq", "value": "US" }
        ],
        "effect": "ALLOW"
      }
    ],
    "default_effect": "DENY"
  },
  "version": 1,
  "language": "json_rules",
  "created_at": "2026-03-31T10:00:00Z",
  "updated_at": "2026-03-31T10:00:00Z"
}

curl -X POST https://api.truthlocks.com/v1/policies \
  -H "X-API-Key: tlk_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "US Issuers Only",
    "category": "MINT",
    "status": "ACTIVE",
    "description": "Restrict minting to US-based issuers",
    "language": "json_rules",
    "rules": {
      "rules": [
        {
          "id": "us_only",
          "description": "US jurisdiction required",
          "conditions": [
            { "field": "jurisdiction", "op": "eq", "value": "US" }
          ],
          "effect": "ALLOW"
        }
      ],
      "default_effect": "DENY"
    }
  }'