Gets the policy with trigger combinations
get
/policy/risk/v1/policies/{policygid}
Policy Browser is intended for migration customers who wishes to see the old policies created in their system. This API can be used to form the trigger combination body if its required to update a trigger combination.
Request
Path Parameters
-
policygid(required): string
Identifier of the policy.
There's no request body for this operation.
Back to TopResponse
Supported Media Types
- application/xml
- application/json
200 Response
Policy information
Root Schema : PolicyDetailedResponse
Type:
object
Policy Detail with Trigger Combinations for Policy Browser
Show Source
-
checkpoint: string
Checkpoint of the policy.
-
message: string
Message related to the status of the request
-
policyDescription: string
Description of the policy.
-
policygid: string
Identifier of the policy.
-
policyname: string
Name of the policy.
-
policyStatus: string
Status of the policy.
-
rules: array
rules
-
scoringEngine: string
Scoring Engine of the policy.
-
status: string
Status of the request
-
triggerCombinations: array
triggerCombinations
-
weight: string
Weight of the policy.
Nested Schema : rules
Type:
Show Source
array
-
Array of:
object RuleObjectDetail
Rule detail for PolicyDetailedResponse for Policy Browser
Nested Schema : triggerCombinations
Type:
Show Source
array
-
Array of:
object TriggerCombinationsObject
Trigger Combinations detail for PolicyDetailedResponse for Policy Browser
Nested Schema : RuleObjectDetail
Type:
object
Rule detail for PolicyDetailedResponse for Policy Browser
Show Source
-
actionGroup: string
Action group name
-
alertGroup: string
Alert group name
-
rulegid: string
Unique identifier for Rule
-
ruleName: string
Name of the Rule
-
ruleNotes: string
Description of the rule
-
ruleStatus: string
Status of the rule
-
score: integer
Score returned by the rule
-
weight: integer
Weight if the score if there are multiple rules in the context.
Nested Schema : TriggerCombinationsObject
Type:
object
Trigger Combinations detail for PolicyDetailedResponse for Policy Browser
Show Source
-
actionGroup: string
Action group name
-
alertGroup: string
Alert group id
-
description: string
Description of trigger combination
-
score: integer
Score of trigger combination
-
triggerCombinations: array
triggerCombinations
Nested Schema : triggerCombinations
Type:
Show Source
array
-
Array of:
object RuleResult
Rule and Result for trigger combinations
Nested Schema : RuleResult
Type:
object
Rule and Result for trigger combinations
Show Source
-
ruleName: string
Name of the rule associated with trigger combination
-
ruleResult: string
Result value of the rule associated with trigger combination
401 Response
Unauthorized
500 Response
Internal server error
503 Response
Service Unavailable
Examples
The following example shows a sample request and response for retrieving an OAAM policy based on the Policy Gid. You can find the Policy Gid on the OAAM Policy Explorer.
cURL Command to Retrieve Existing OAAM Policy in JSON Format
curl --location --request GET '<PolicyUrl>/policy/risk/v1/policies/<policy_gid>' \ --header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \ --header 'Content-Type: application/json' \ --data '{ "description": "Assertion Level between 50 and 100", "rules": [ { "ruleName": "Challenge SMS Available", "ruleResult": "ANY" }, { "ruleName": "Maximum failed Email attempts", "ruleResult": "ANY" }, { "ruleName": "Maximum failed SMS attempts", "ruleResult": "ANY" }, { "ruleName": "Maximum failed Question attempts", "ruleResult": "ANY" }, { "ruleName": "Challenge Email Available", "ruleResult": "ANY" }, { "ruleName": "Questions Active", "ruleResult": "ANY" }, { "ruleName": "Check for High Risk Score", "ruleResult": "ANY" }, { "ruleName": "Assertion Level <=50", "ruleResult": "ANY" }, { "ruleName": "Assertion Level 50 -100", "ruleResult": "TRUE" }, { "ruleName": "Assertion level 100-150", "ruleResult": "ANY" }, { "ruleName": "AssertionLevel 150-200", "ruleResult": "ANY" }, { "ruleName": "Assertion Level 200-250", "ruleResult": "ANY" } ], "score": "400", "actionGroup": "OAAM Challenge SMS", "alertGroup": "10003" }'
Sample Response in JSON Format
{ "policyName": "does user have profile", "status": "200", "message": "Policy information.", "policygid": "51143_424de17591ff7cb74bba3759a9fa6aaf453769e756b08693b43253d09a113439", "policyname": "does user have profile", "policyDescription": "This policy checks if pattern auto learning is enabled and if a user has past behavior recorded. Users with enough recorded behavior will be evaluated against their own profile while users without enough recorded behavior will be evaluated against the profiles of all other users.", "policyStatus": "ACTIVE", "policyStatusDisplayValue": "Active", "checkpoint": "User Authentication", "scoringEngine": "Average", "weight": "100", "rules": [ { "rulegid": "51356_3d3903a75f923ab9925c3a7b5935d03cd2e9e4a31936f7ec7ad1c1294f71969a", "ruleName": "Does user have a profile", "score": "0", "weight": "100", "ruleStatus": "ACTIVE", "ruleStatusDisplayValue": "Active", "ruleNotes": "This rule checks if the pattern auto learning is enabled and if the user has a historical behavior profile." }, { "rulegid": "9353_e49b40e49ebac38d36f5ce08ea16afc25a2e1e57642b2a7e8f9ee47a6844927b", "ruleName": "Is there enough pattern data available?", "score": "0", "weight": "100", "ruleStatus": "ACTIVE", "ruleStatusDisplayValue": "Active", "ruleNotes": "Rule checks if enough pattern data is available so that auto-learning rules can make use of it." } ], "triggerCombinations": [ { "description": "If the profile contains enough recorded behavior, the user is evaluated by this policy.", "rules": [ { "ruleName": "Does user have a profile", "ruleResult": "True" }, { "ruleName": "Is there enough pattern data available?", "ruleResult": "True" } ], "score": "0" }, { "description": "If a user does not have enough recorded behavior in their profile they will be evaluated by this policy.", "rules": [ { "ruleName": "Does user have a profile", "ruleResult": "Any" }, { "ruleName": "Is there enough pattern data available?", "ruleResult": "True" } ], "score": "0" } ] }
cURL Command to Retrieve Existing OAAM Policy in XML Format
curl --location --request GET '<PolicyUrl>/policy/risk/v1/policies/<policy_gid>' \ --header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \ --header 'Content-Type: application/xml' \ --header 'Accept: application/xml' \ --data '<?xml version="1.0" encoding="UTF-8" ?> <TriggerCombinationsObject> <description>Assertion Level between 50 and 100</description> <rules> <ruleName>Challenge SMS Available</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>Maximum failed Email attempts</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>Maximum failed SMS attempts</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>Maximum failed Question attempts</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>Challenge Email Available</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>Questions Active</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>Check for High Risk Score</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>Assertion Level <=50</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>Assertion Level 50 -100</ruleName> <ruleResult>TRUE</ruleResult> </rules> <rules> <ruleName>Assertion level 100-150</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>AssertionLevel 150-200</ruleName> <ruleResult>ANY</ruleResult> </rules> <rules> <ruleName>Assertion Level 200-250</ruleName> <ruleResult>ANY</ruleResult> </rules> <score>400</score> <actionGroup>OAAM Challenge SMS</actionGroup> <alertGroup>10003</alertGroup> </TriggerCombinationsObject> '
Sample Response in XML Format
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <PolicyDetailedResponse> <policyName>does user have profile</policyName> <status>200</status> <message>Policy information.</message> <policygid>51143_424de17591ff7cb74bba3759a9fa6aaf453769e756b08693b43253d09a113439</policygid> <policyname>does user have profile</policyname> <policyDescription>This policy checks if pattern auto learning is enabled and if a user has past behavior recorded. Users with enough recorded behavior will be evaluated against their own profile while users without enough recorded behavior will be evaluated against the profiles of all other users.</policyDescription> <policyStatus>ACTIVE</policyStatus> <policyStatusDisplayValue>Active</policyStatusDisplayValue> <checkpoint>User Authentication</checkpoint> <scoringEngine>Average</scoringEngine> <weight>100</weight> <rules> <rulegid>51356_3d3903a75f923ab9925c3a7b5935d03cd2e9e4a31936f7ec7ad1c1294f71969a</rulegid> <ruleName>Does user have a profile</ruleName> <score>0</score> <weight>100</weight> <ruleStatus>ACTIVE</ruleStatus> <ruleStatusDisplayValue>Active</ruleStatusDisplayValue> <ruleNotes>This rule checks if the pattern auto learning is enabled and if the user has a historical behavior profile.</ruleNotes> </rules> <rules> <rulegid>9353_e49b40e49ebac38d36f5ce08ea16afc25a2e1e57642b2a7e8f9ee47a6844927b</rulegid> <ruleName>Is there enough pattern data available?</ruleName> <score>0</score> <weight>100</weight> <ruleStatus>ACTIVE</ruleStatus> <ruleStatusDisplayValue>Active</ruleStatusDisplayValue> <ruleNotes>Rule checks if enough pattern data is available so that auto-learning rules can make use of it.</ruleNotes> </rules> <triggerCombinations> <description>If the profile contains enough recorded behavior, the user is evaluated by this policy.</description> <rules> <ruleName>Does user have a profile</ruleName> <ruleResult>True</ruleResult> </rules> <rules> <ruleName>Is there enough pattern data available?</ruleName> <ruleResult>True</ruleResult> </rules> <score>0</score> </triggerCombinations> <triggerCombinations> <description>If a user does not have enough recorded behavior in their profile they will be evaluated by this policy.</description> <rules> <ruleName>Does user have a profile</ruleName> <ruleResult>Any</ruleResult> </rules> <rules> <ruleName>Is there enough pattern data available?</ruleName> <ruleResult>True</ruleResult> </rules> <score>0</score> </triggerCombinations> </PolicyDetailedResponse>