Policy evaluate

Evaluate organization policy for a tool name without executing the tool. wrapFetch calls this internally before outbound HTTP.

POST/v1/aegis/policy/evaluateBearer ingest key

Request body

FieldTypeRequiredDescription
organization_iduuidYesMust match the API key organization
agent_idstringYesAgent performing the action
tool_namestringYesStable tool identifier, e.g. stripe.paymentIntents.create
payloadobjectNoOptional context for conditional rules (amount_usd, etc.)
json
{
  "organization_id": "62a6c75a-41a1-43e2-a01f-87b5ebe374ff",
  "agent_id": "agt_e36f62a0e93747679a43a550",
  "tool_name": "stripe.paymentIntents.create",
  "payload": { "amount_usd": 249, "currency": "USD" }
}

Success response (200)

json
{
  "decision": "deny",
  "policy_id": "pol_…",
  "rule_id": "rule_…",
  "reason": "matched deny rule for stripe.paymentIntents.create",
  "engine": "rules"
}

decision is one of: allow, deny, allow_with_obligation. When no active policy exists, default is allow with policy_id: "none".

Errors

StatusBody
401Invalid ingest API key
403Organization mismatch for API key
422Missing organization_id, agent_id, or tool_name

cURL

bash
curl -X POST https://api.salanor.com/v1/aegis/policy/evaluate \
  -H "Authorization: Bearer $AEGIS_INGEST_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"organization_id":"…","agent_id":"…","tool_name":"stripe.paymentIntents.create"}'