Policies

Policies define a specific set of access permissions, and are a composable unit that can be assigned to both roles and users.

The policies Object

Field Name	Type	Description
id	uuid	Primary key of the policy (UUID format).
name	string	Name of the policy.
icon	string	Icon for the policy. Displayed in the TrackVision UI.
description	string	Description for the policy. Displayed in the TrackVision UI.
ip_access	string	CSV of IP addresses that this policy applies to. Allows you to configure an allowlist of IP addresses. If empty, no IP restrictions are applied.
enforce_tfa	boolean	Whether or not Two-Factor Authentication is required for users that have this policy.
admin_access	boolean	If this policy grants the user admin access. This means that users with this policy have full permissions to everything.
app_access	boolean	Whether or not users with this policy have access to use the TrackVision UI.
users	array of objects	The users this policy is assigned to directly, this does not include users which receive this policy through a role. Many-to-many relationship to users via the trackvision_access junction collection.
roles	array of objects	The roles this policy is assigned to. Many-to-many relationship to roles via the trackvision_access junction collection.
permissions	array of objects	The permissions assigned to this policy. One-to-many relationship to permissions.

List Policies

List all policies that exist in TrackVision.

Request

REST

GET /policies

SEARCH /policies

If using SEARCH you can provide a query object as the body of your request.

Learn more about SEARCH ->

GraphQL

POST /graphql/system

type Query {
	policies: [trackvision_policies]
}

Query Parameters

Supports all global query parameters.

Response

An array of up to limit policy objects. If no items are available, data will be an empty array.

Example

REST

GET /policies

SEARCH /policies

GraphQL

POST /graphql/system

query {
	policies {
		id
		name
		users {
			email
		}
	}
}

Retrieve a Policy

List an existing policy by primary key.

REST

GET /policies/:id

GraphQL

POST /graphql/system

type Query {
	policies_by_id(id: ID!): trackvision_policies
}

Query Parameters

Supports all global query parameters.

Response

Returns the requested policy object.

Example

REST

GET /policies/b4cb3b64-8580-4ad9-a099-eade6da24302

GraphQL

POST /graphql/system

query {
	policies_by_id(id: 2) {
		id
		name
		users {
			email
		}
	}
}

Create a Policy

Create a new policy.

Request

REST

POST /policies

Provide a policy object as the body of your request.

GraphQL

POST /graphql/system

type Mutation {
	create_policies_item(data: create_trackvision_policies_input!): trackvision_policies
}

Query Parameters

Supports all global query parameters.

Request Body

A partial policy object.

Response

Returns the policy object for the created policy.

Example

REST

POST /policies

{
	"name": "Intern Policy",
	"icon": "verified_user",
	"description": null,
	"admin_access": false,
	"app_access": true
}

GraphQL

POST /graphql/system

mutation {
	create_policies_item(
		data: { name: "Intern Policy", icon: "verified_user", description: null, admin_access: false, app_access: true }
	) {
		id
		name
		users {
			email
		}
	}
}

Create Multiple Policies

Create multiple new policies.

Request

REST

POST /policies

Provide an array of policy objects as the body of your request.

GraphQL

POST /graphql/system

type Mutation {
	create_policies_items(data: [create_trackvision_policies_input!]!): [trackvision_policies]
}

Query Parameters

Supports all global query parameters.

Request Body

An array of partial policy objects.

Response

Returns the policy objects for the created policies.

Example

REST

POST /policies

[
	{
		"name": "Intern Access",
		"icon": "verified_user",
		"description": null,
		"admin_access": false,
		"app_access": true
	},
	{
		"name": "Customer Access",
		"icon": "person",
		"description": null,
		"admin_access": false,
		"app_access": false
	}
]

GraphQL

POST /graphql/system

mutation {
	create_policies_items(
		data: [
			{ name: "Intern Access", icon: "verified_user", description: null, admin_access: false, app_access: true }
			{ name: "Customer Access", icon: "person", description: null, admin_access: false, app_access: false }
		]
	) {
		id
		name
		users {
			email
		}
	}
}

Update a Policy

Update an existing policy.

Request

REST

PATCH /policies/:id

Provide a partial policy object as the body of your request.

GraphQL

POST /graphql/system

type Mutation {
	update_policies_item(id: ID!, data: update_trackvision_policies_input): trackvision_policies
}

Query Parameters

Supports all global query parameters.

Request Body

A partial policy object.

Response

Returns the policy object for the updated policy.

Example

REST

PATCH /policies/c86c2761-65d3-43c3-897f-6f74ad6a5bd7

{
	"icon": "attractions"
}

GraphQL

POST /graphql/system

mutation {
	update_policies_item(id: "c86c2761-65d3-43c3-897f-6f74ad6a5bd7", data: { icon: "attractions" }) {
		id
		name
		users {
			email
		}
	}
}

Update Multiple Policies

Update multiple existing policies.

Request

REST

PATCH /policies

{
	"keys": policy_id_array,
	"data": partial_policy_object
}

GraphQL

POST /graphql/system

type Mutation {
	update_policies_items(ids: [ID!]!, data: update_trackvision_policies_input): [trackvision_policies]
}

Query Parameters

Supports all global query parameters.

Request Body

keys Required
Array of primary keys of the policies you'd like to update.

data Required
Any of the policy object's properties.

Response

Returns the policy objects for the updated policies.

Example

REST

PATCH /policies

{
	"keys": ["c86c2761-65d3-43c3-897f-6f74ad6a5bd7", "6fc3d5d3-a37b-4da8-a2f4-ed62ad5abe03"],
	"data": {
		"icon": "attractions"
	}
}

GraphQL

POST /graphql/system

mutation {
	update_policies_items(
		ids: ["c86c2761-65d3-43c3-897f-6f74ad6a5bd7", "6fc3d5d3-a37b-4da8-a2f4-ed62ad5abe03"]
		data: { icon: "attractions" }
	) {
		id
		name
		users {
			email
		}
	}
}

Delete a Policy

Delete an existing policy.

Request

REST

DELETE /policies/:id

GraphQL

POST /graphql/system

type Mutation {
	delete_policies_item(id: ID!): delete_one
}

Response

Empty body.

Example

REST

DELETE /policies/c86c2761-65d3-43c3-897f-6f74ad6a5bd7

GraphQL

POST /graphql/system

mutation {
	delete_policies_item(id: "c86c2761-65d3-43c3-897f-6f74ad6a5bd7") {
		id
	}
}

Delete Multiple Policies

Delete multiple existing policies.

Request

REST

DELETE /policies

Provide an array of policy IDs as the body of your request.

GraphQL

POST /graphql/system

type Mutation {
	delete_policies_items(ids: [ID!]!): delete_many
}

Request Body

An array of policy primary keys

Response

Empty body.

Example

REST

DELETE /policies

["653925a9-970e-487a-bfc0-ab6c96affcdc", "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"]

GraphQL

POST /graphql/system

mutation {
	delete_policies_items(ids: ["653925a9-970e-487a-bfc0-ab6c96affcdc", "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"]) {
		ids
	}
}