x-cpod-domain: policies
Policies
Org-wide policy documents (acceptable use, data handling). Sits adjacent to GRC.
Try in explorer
client.policiesPolicy
A versioned policy document with an owner and review cadence.
REST path
/api/v1/policiesOperations
listgetcreateupdatecompleteSDK
// list — returns only your records; add filters/search:
await client.policies.policies.list()
// create:
await client.policies.policies.create({
id: "rec_01HXEXAMPLE",
tenant_id: "example tenant_id",
created_at: "2026-01-01T00:00:00Z",
updated_at: "2026-01-01T00:00:00Z",
app_id: "example app_id",
created_by: "rec_01HXEXAMPLE",
})| Field | Type | Description |
|---|---|---|
| id* | uuid | Server-assigned ULID with type prefix (e.g. per_…). |
| tenant_id* | string | Tenant scope — auto-stamped from the caller's JWT. |
| app_id | string | App scope. Stamped ONLY when the caller's JWT was minted for a specific Application (integration API keys). Absent for human-user sessions. Filters reads when present. |
| created_at* | date-time | Server stamp. |
| updated_at* | date-time | Server stamp; updated on every patch. |
| created_by | uuid | Person id from the caller's JWT (sub). |
| updated_by | uuid | Person id from the last writer's JWT (sub). |
| source | string | Provenance tag — defaults to 'edm'. |
| source_type | enum | Where the write originated. Defaults to 'api'.frontendbackendserversystemapi |
| is_deleted | boolean | Soft-delete flag. Excluded from default list queries. |
| deleted_at | date-time | Stamped when soft-deleted; null otherwise. |
| deleted_by | uuid | Person id who soft-deleted; null otherwise. |
| schema_version | number | Document schema version. Bumped on incompatible writes. |
| name | string | Human-readable name for this SLA policy. |
| description | string | Optional description of when and why this SLA policy applies. |
| applies_to | json | The ticket types this SLA policy governs. A policy may apply to multiple ticket types. |
| priority | string | The ticket priority tier this policy applies to. Each priority level should have at most one active SLA policy per ticket type. |
| first_response_minutes | number | Target number of minutes from ticket creation to first agent response. The SLA clock starts at ticket creation. |
| resolution_minutes | number | Target number of minutes from ticket creation to full resolution. |
| business_hours_only | boolean | When true, the SLA clock pauses outside of the tenant's configured business hours and on public holidays. |
| status | string | Whether this policy is currently enforced. Inactive policies are retained for historical reference. |
| body | string | Full policy text (markdown). |
| version | string | Policy version identifier (e.g. 1.2.0). |
| category | enum | Policy domain / category.securityprivacyhrcompliancefinanceoperationsother |
| owner_id | uuid | Policy owner (user id). |
| published_at | date-time | Timestamp the policy was published. |
| next_review_at | date-time | Timestamp the policy is next due for review. |
| tags | json | Free-form tags for categorizing the policy. |