Update OPA rules.
curl --request PUT \
--url https://{tenant}/api/org/opa \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"open_policy": {
"rules": "package dashboard_users\ndefault request_intent = \"read\"\nrequest_intent = \"write\" { input.request.method == \"POST\" }\nrequest_intent = \"write\" { input.request.method == \"PUT\" }\nrequest_intent = \"delete\" { input.request.method == \"DELETE\" }\ndeny[\"You cannot create a keyless API.\"] {\n request_intent == \"write\"\n contains(input.request.path, \"api/apis\")\n input.request.body.api_definition.use_keyless == true\n}"
}
}
'import requests
url = "https://{tenant}/api/org/opa"
payload = { "open_policy": { "rules": "package dashboard_users
default request_intent = \"read\"
request_intent = \"write\" { input.request.method == \"POST\" }
request_intent = \"write\" { input.request.method == \"PUT\" }
request_intent = \"delete\" { input.request.method == \"DELETE\" }
deny[\"You cannot create a keyless API.\"] {
request_intent == \"write\"
contains(input.request.path, \"api/apis\")
input.request.body.api_definition.use_keyless == true
}" } }
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.put(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'PUT',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
open_policy: {
rules: 'package dashboard_users\ndefault request_intent = "read"\nrequest_intent = "write" { input.request.method == "POST" }\nrequest_intent = "write" { input.request.method == "PUT" }\nrequest_intent = "delete" { input.request.method == "DELETE" }\ndeny["You cannot create a keyless API."] {\n request_intent == "write"\n contains(input.request.path, "api/apis")\n input.request.body.api_definition.use_keyless == true\n}'
}
})
};
fetch('https://{tenant}/api/org/opa', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenant}/api/org/opa",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "PUT",
CURLOPT_POSTFIELDS => json_encode([
'open_policy' => [
'rules' => 'package dashboard_users
default request_intent = "read"
request_intent = "write" { input.request.method == "POST" }
request_intent = "write" { input.request.method == "PUT" }
request_intent = "delete" { input.request.method == "DELETE" }
deny["You cannot create a keyless API."] {
request_intent == "write"
contains(input.request.path, "api/apis")
input.request.body.api_definition.use_keyless == true
}'
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://{tenant}/api/org/opa"
payload := strings.NewReader("{\n \"open_policy\": {\n \"rules\": \"package dashboard_users\\ndefault request_intent = \\\"read\\\"\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"POST\\\" }\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"PUT\\\" }\\nrequest_intent = \\\"delete\\\" { input.request.method == \\\"DELETE\\\" }\\ndeny[\\\"You cannot create a keyless API.\\\"] {\\n request_intent == \\\"write\\\"\\n contains(input.request.path, \\\"api/apis\\\")\\n input.request.body.api_definition.use_keyless == true\\n}\"\n }\n}")
req, _ := http.NewRequest("PUT", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.put("https://{tenant}/api/org/opa")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"open_policy\": {\n \"rules\": \"package dashboard_users\\ndefault request_intent = \\\"read\\\"\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"POST\\\" }\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"PUT\\\" }\\nrequest_intent = \\\"delete\\\" { input.request.method == \\\"DELETE\\\" }\\ndeny[\\\"You cannot create a keyless API.\\\"] {\\n request_intent == \\\"write\\\"\\n contains(input.request.path, \\\"api/apis\\\")\\n input.request.body.api_definition.use_keyless == true\\n}\"\n }\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenant}/api/org/opa")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Put.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"open_policy\": {\n \"rules\": \"package dashboard_users\\ndefault request_intent = \\\"read\\\"\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"POST\\\" }\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"PUT\\\" }\\nrequest_intent = \\\"delete\\\" { input.request.method == \\\"DELETE\\\" }\\ndeny[\\\"You cannot create a keyless API.\\\"] {\\n request_intent == \\\"write\\\"\\n contains(input.request.path, \\\"api/apis\\\")\\n input.request.body.api_definition.use_keyless == true\\n}\"\n }\n}"
response = http.request(request)
puts response.read_body{
"Message": "OPA rules has been updated on org level.",
"Meta": null,
"Status": "OK"
}{
"Message": "Invalid OPA rules.",
"Meta": null,
"Status": "Error"
}{
"Message": "Not authorised",
"Meta": null,
"Status": "Error"
}{
"Message": "Your license does not support Open Policy.",
"Meta": null,
"Status": "Error"
}{
"Message": "Failed to unmarshal response body.",
"Meta": null,
"Status": "Error"
}Open Policy Agent
Update OPA rules.
Modify your OPA rules.
PUT
/
api
/
org
/
opa
Update OPA rules.
curl --request PUT \
--url https://{tenant}/api/org/opa \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"open_policy": {
"rules": "package dashboard_users\ndefault request_intent = \"read\"\nrequest_intent = \"write\" { input.request.method == \"POST\" }\nrequest_intent = \"write\" { input.request.method == \"PUT\" }\nrequest_intent = \"delete\" { input.request.method == \"DELETE\" }\ndeny[\"You cannot create a keyless API.\"] {\n request_intent == \"write\"\n contains(input.request.path, \"api/apis\")\n input.request.body.api_definition.use_keyless == true\n}"
}
}
'import requests
url = "https://{tenant}/api/org/opa"
payload = { "open_policy": { "rules": "package dashboard_users
default request_intent = \"read\"
request_intent = \"write\" { input.request.method == \"POST\" }
request_intent = \"write\" { input.request.method == \"PUT\" }
request_intent = \"delete\" { input.request.method == \"DELETE\" }
deny[\"You cannot create a keyless API.\"] {
request_intent == \"write\"
contains(input.request.path, \"api/apis\")
input.request.body.api_definition.use_keyless == true
}" } }
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.put(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'PUT',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
open_policy: {
rules: 'package dashboard_users\ndefault request_intent = "read"\nrequest_intent = "write" { input.request.method == "POST" }\nrequest_intent = "write" { input.request.method == "PUT" }\nrequest_intent = "delete" { input.request.method == "DELETE" }\ndeny["You cannot create a keyless API."] {\n request_intent == "write"\n contains(input.request.path, "api/apis")\n input.request.body.api_definition.use_keyless == true\n}'
}
})
};
fetch('https://{tenant}/api/org/opa', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenant}/api/org/opa",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "PUT",
CURLOPT_POSTFIELDS => json_encode([
'open_policy' => [
'rules' => 'package dashboard_users
default request_intent = "read"
request_intent = "write" { input.request.method == "POST" }
request_intent = "write" { input.request.method == "PUT" }
request_intent = "delete" { input.request.method == "DELETE" }
deny["You cannot create a keyless API."] {
request_intent == "write"
contains(input.request.path, "api/apis")
input.request.body.api_definition.use_keyless == true
}'
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://{tenant}/api/org/opa"
payload := strings.NewReader("{\n \"open_policy\": {\n \"rules\": \"package dashboard_users\\ndefault request_intent = \\\"read\\\"\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"POST\\\" }\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"PUT\\\" }\\nrequest_intent = \\\"delete\\\" { input.request.method == \\\"DELETE\\\" }\\ndeny[\\\"You cannot create a keyless API.\\\"] {\\n request_intent == \\\"write\\\"\\n contains(input.request.path, \\\"api/apis\\\")\\n input.request.body.api_definition.use_keyless == true\\n}\"\n }\n}")
req, _ := http.NewRequest("PUT", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.put("https://{tenant}/api/org/opa")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"open_policy\": {\n \"rules\": \"package dashboard_users\\ndefault request_intent = \\\"read\\\"\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"POST\\\" }\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"PUT\\\" }\\nrequest_intent = \\\"delete\\\" { input.request.method == \\\"DELETE\\\" }\\ndeny[\\\"You cannot create a keyless API.\\\"] {\\n request_intent == \\\"write\\\"\\n contains(input.request.path, \\\"api/apis\\\")\\n input.request.body.api_definition.use_keyless == true\\n}\"\n }\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenant}/api/org/opa")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Put.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"open_policy\": {\n \"rules\": \"package dashboard_users\\ndefault request_intent = \\\"read\\\"\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"POST\\\" }\\nrequest_intent = \\\"write\\\" { input.request.method == \\\"PUT\\\" }\\nrequest_intent = \\\"delete\\\" { input.request.method == \\\"DELETE\\\" }\\ndeny[\\\"You cannot create a keyless API.\\\"] {\\n request_intent == \\\"write\\\"\\n contains(input.request.path, \\\"api/apis\\\")\\n input.request.body.api_definition.use_keyless == true\\n}\"\n }\n}"
response = http.request(request)
puts response.read_body{
"Message": "OPA rules has been updated on org level.",
"Meta": null,
"Status": "OK"
}{
"Message": "Invalid OPA rules.",
"Meta": null,
"Status": "Error"
}{
"Message": "Not authorised",
"Meta": null,
"Status": "Error"
}{
"Message": "Your license does not support Open Policy.",
"Meta": null,
"Status": "Error"
}{
"Message": "Failed to unmarshal response body.",
"Meta": null,
"Status": "Error"
}Was this page helpful?
⌘I