Skip to content
Hyperproof API
/
/
Get Policies

Policies API (1.0)

Provides access to the policies that are part of a Hyperproof organization.

Download OpenAPI description
policies.openapi.json
policies.openapi.yaml
Languages
Servers
Mock server
https://developer.hyperproof.app/_mock/hyperproof-api/policies/policies.openapi
Hyperproof US
https://api.hyperproof.app/v1/policies
Hyperproof Gov
https://api.hyperproofgov.app/v1/policies
Hyperproof EU
https://api.hyperproof.eu/v1/policies

Get Policies

Request

GET /

Description

Retrieves a list of all policies within an organization, including details such as policy names, descriptions, and associated frameworks.

Security
oauth2
Query
statusstring

Filters policies by the provided object status

curl -i -X GET \
  'https://developer.hyperproof.app/_mock/hyperproof-api/policies/policies.openapi/?status=string' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Success.

Bodyapplication/jsonArray [
idstring(uuid)

The unique identifier of the policy.

Example: "d88d505d-5199-11ee-a644-522476618ae8"
orgIdstring(uuid)

The unique identifier of the organization the policy belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
namestring

The name of the policy.

Example: "Password Policy"
descriptionstring

The description of the policy.

Example: "Password acceptance criteria."
ownerIdstring(uuid)

The unique identifier of the owner of the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
effectiveDatestring(date-time)

The effective date of the policy (ISO-8601 format).

Example: "2025-06-12T18:26:10.005365Z"
nextRevisionDatestring(date-time)

The next revision date for the policy (ISO-8601 format).

Example: "2025-06-15T18:26:10.005365Z"
nextReviewDatestring(date-time)

The next review date for the policy (ISO-8601 format).

Example: "2025-06-16T18:26:10.005365Z"
policyApprovalStatusstring(PolicyApprovalStatus)
Enum"approved""approval""changesRequested""editing"
effectiveDocumentIdstring(uuid)

The unique identifier of the effective document of the policy.

Example: "f06fe159-e7c1-4b42-8715-5615ff50b29c"
createdBystring(uuid)

The unique identifier of the user who created the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the policy was created (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the policy was last updated (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
permissionsArray of strings

The list of permissions for the policy.

Example: []
]
Response
application/json
[
  {
    "id": "d88d505d-5199-11ee-a644-522476618ae8",
    "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
    "name": "Password Policy",
    "description": "Password acceptance criteria.",
    "ownerId": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "effectiveDate": "2025-06-12T18:26:10.0053650+00:00",
    "nextRevisionDate": "2025-06-15T18:26:10.0053650+00:00",
    "nextReviewDate": "2025-06-16T18:26:10.0053650+00:00",
    "policyApprovalStatus": "approved",
    "effectiveDocumentId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
    "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "createdOn": "2025-01-12T18:26:10.0053650+00:00",
    "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "updatedOn": "2025-01-12T18:26:10.0053650+00:00",
    "customFields": [],
    "status": "active",
    "permissions": []
  }
]

Add Policy

Request

POST /

Description

Creates a new policy within an organization, capturing details such as the policy name, description, and associated compliance framework.

Security
oauth2
Bodyapplication/json
namestringrequired

The name of the policy.

Example: "Password Policy"
descriptionstring

The description of the policy.

Example: "Password acceptance criteria."
ownerIdstring(uuid)

The unique identifier of the owner of the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
customFieldsArray of objects(CustomFieldObjectValuePatch)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"John Smith"}]
curl -i -X POST \
  https://developer.hyperproof.app/_mock/hyperproof-api/policies/policies.openapi/ \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "Password Policy",
    "description": "Password acceptance criteria.",
    "ownerId": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "customFields": [
      {
        "fieldId": "ceb912ab-519b-11ee-a644-522476618ae8",
        "textValue": "John Smith"
      }
    ]
  }'

Responses

Success.

Bodyapplication/json
idstring(uuid)

The unique identifier of the policy.

Example: "d88d505d-5199-11ee-a644-522476618ae8"
orgIdstring(uuid)

The unique identifier of the organization the policy belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
namestring

The name of the policy.

Example: "Password Policy"
descriptionstring

The description of the policy.

Example: "Password acceptance criteria."
ownerIdstring(uuid)

The unique identifier of the owner of the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
effectiveDatestring(date-time)

The effective date of the policy (ISO-8601 format).

Example: "2025-06-12T18:26:10.005365Z"
nextRevisionDatestring(date-time)

The next revision date for the policy (ISO-8601 format).

Example: "2025-06-15T18:26:10.005365Z"
nextReviewDatestring(date-time)

The next review date for the policy (ISO-8601 format).

Example: "2025-06-16T18:26:10.005365Z"
policyApprovalStatusstring(PolicyApprovalStatus)
Enum"approved""approval""changesRequested""editing"
effectiveDocumentIdstring(uuid)

The unique identifier of the effective document of the policy.

Example: "f06fe159-e7c1-4b42-8715-5615ff50b29c"
createdBystring(uuid)

The unique identifier of the user who created the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the policy was created (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the policy was last updated (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
permissionsArray of strings

The list of permissions for the policy.

Example: []
Response
application/json
{
  "id": "d88d505d-5199-11ee-a644-522476618ae8",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "name": "Password Policy",
  "description": "Password acceptance criteria.",
  "ownerId": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "effectiveDate": "2025-06-12T18:26:10.0053650+00:00",
  "nextRevisionDate": "2025-06-15T18:26:10.0053650+00:00",
  "nextReviewDate": "2025-06-16T18:26:10.0053650+00:00",
  "policyApprovalStatus": "approved",
  "effectiveDocumentId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2025-01-12T18:26:10.0053650+00:00",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2025-01-12T18:26:10.0053650+00:00",
  "customFields": [
    {}
  ],
  "status": "active",
  "permissions": []
}

Update Policies

Request

PATCH /

Description

Updates policies within an organization, allowing modifications to their names, descriptions, or associated compliance details.

Security
oauth2
Bodyapplication/json
policyIdsArray of strings(uuid)required

The list of policy identifiers for bulk patching.

patchobject(PolicyPatch)required
Example: {"name":"Password Policy","description":"Password acceptance criteria.","ownerId":"82d7c228-8bcd-11e9-a94b-ab3de8494987","customFields":[{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"John Smith"}],"status":"active"}
patch.​namestring

The name of the policy.

Example: "Password Policy"
patch.​descriptionstring

The description of the policy.

Example: "Password acceptance criteria."
patch.​ownerIdstring(uuid)

The unique identifier of the owner of the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
patch.​customFieldsArray of objects(CustomFieldObjectValuePatch)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"John Smith"}]
patch.​statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
curl -i -X PATCH \
  https://developer.hyperproof.app/_mock/hyperproof-api/policies/policies.openapi/ \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "policyIds": [
      "string"
    ],
    "patch": {
      "name": "Password Policy",
      "description": "Password acceptance criteria.",
      "ownerId": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
      "customFields": [
        {
          "fieldId": "ceb912ab-519b-11ee-a644-522476618ae8",
          "textValue": "John Smith"
        }
      ],
      "status": "active"
    }
  }'

Responses

Success.

Bodyapplication/jsonArray [
idstring(uuid)

The unique identifier of the policy.

Example: "d88d505d-5199-11ee-a644-522476618ae8"
orgIdstring(uuid)

The unique identifier of the organization the policy belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
namestring

The name of the policy.

Example: "Password Policy"
descriptionstring

The description of the policy.

Example: "Password acceptance criteria."
ownerIdstring(uuid)

The unique identifier of the owner of the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
effectiveDatestring(date-time)

The effective date of the policy (ISO-8601 format).

Example: "2025-06-12T18:26:10.005365Z"
nextRevisionDatestring(date-time)

The next revision date for the policy (ISO-8601 format).

Example: "2025-06-15T18:26:10.005365Z"
nextReviewDatestring(date-time)

The next review date for the policy (ISO-8601 format).

Example: "2025-06-16T18:26:10.005365Z"
policyApprovalStatusstring(PolicyApprovalStatus)
Enum"approved""approval""changesRequested""editing"
effectiveDocumentIdstring(uuid)

The unique identifier of the effective document of the policy.

Example: "f06fe159-e7c1-4b42-8715-5615ff50b29c"
createdBystring(uuid)

The unique identifier of the user who created the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the policy was created (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the policy was last updated (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
permissionsArray of strings

The list of permissions for the policy.

Example: []
]
Response
application/json
[
  {
    "id": "d88d505d-5199-11ee-a644-522476618ae8",
    "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
    "name": "Password Policy",
    "description": "Password acceptance criteria.",
    "ownerId": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "effectiveDate": "2025-06-12T18:26:10.0053650+00:00",
    "nextRevisionDate": "2025-06-15T18:26:10.0053650+00:00",
    "nextReviewDate": "2025-06-16T18:26:10.0053650+00:00",
    "policyApprovalStatus": "approved",
    "effectiveDocumentId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
    "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "createdOn": "2025-01-12T18:26:10.0053650+00:00",
    "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "updatedOn": "2025-01-12T18:26:10.0053650+00:00",
    "customFields": [],
    "status": "active",
    "permissions": []
  }
]

Get Policy

Request

GET /{policyId}

Description

Retrieves a specified policy by its unique ID, including details such as policy name, description, and associated frameworks.

Security
oauth2
Path
policyIdstringrequired

Unique ID of the policy to retrieve.

curl -i -X GET \
  'https://developer.hyperproof.app/_mock/hyperproof-api/policies/policies.openapi/{policyId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Success.

Bodyapplication/json
idstring(uuid)

The unique identifier of the policy.

Example: "d88d505d-5199-11ee-a644-522476618ae8"
orgIdstring(uuid)

The unique identifier of the organization the policy belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
namestring

The name of the policy.

Example: "Password Policy"
descriptionstring

The description of the policy.

Example: "Password acceptance criteria."
ownerIdstring(uuid)

The unique identifier of the owner of the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
effectiveDatestring(date-time)

The effective date of the policy (ISO-8601 format).

Example: "2025-06-12T18:26:10.005365Z"
nextRevisionDatestring(date-time)

The next revision date for the policy (ISO-8601 format).

Example: "2025-06-15T18:26:10.005365Z"
nextReviewDatestring(date-time)

The next review date for the policy (ISO-8601 format).

Example: "2025-06-16T18:26:10.005365Z"
policyApprovalStatusstring(PolicyApprovalStatus)
Enum"approved""approval""changesRequested""editing"
effectiveDocumentIdstring(uuid)

The unique identifier of the effective document of the policy.

Example: "f06fe159-e7c1-4b42-8715-5615ff50b29c"
createdBystring(uuid)

The unique identifier of the user who created the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the policy was created (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the policy was last updated (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
permissionsArray of strings

The list of permissions for the policy.

Example: []
Response
application/json
{
  "id": "d88d505d-5199-11ee-a644-522476618ae8",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "name": "Password Policy",
  "description": "Password acceptance criteria.",
  "ownerId": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "effectiveDate": "2025-06-12T18:26:10.0053650+00:00",
  "nextRevisionDate": "2025-06-15T18:26:10.0053650+00:00",
  "nextReviewDate": "2025-06-16T18:26:10.0053650+00:00",
  "policyApprovalStatus": "approved",
  "effectiveDocumentId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2025-01-12T18:26:10.0053650+00:00",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2025-01-12T18:26:10.0053650+00:00",
  "customFields": [
    {}
  ],
  "status": "active",
  "permissions": []
}

Update a single policy

Request

PATCH /{policyId}

Description

Updates an existing policy identified by its ID, allowing modifications to its name, description, or associated compliance details.

Security
oauth2
Path
policyIdstringrequired

Unique ID of the policy to patch.

Bodyapplication/json
namestring

The name of the policy.

Example: "Password Policy"
descriptionstring

The description of the policy.

Example: "Password acceptance criteria."
ownerIdstring(uuid)

The unique identifier of the owner of the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
customFieldsArray of objects(CustomFieldObjectValuePatch)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
curl -i -X PATCH \
  'https://developer.hyperproof.app/_mock/hyperproof-api/policies/policies.openapi/{policyId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "Password Policy",
    "description": "Password acceptance criteria.",
    "ownerId": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "customFields": [
      {
        "fieldId": "ceb912ab-519b-11ee-a644-522476618ae8",
        "textValue": "John Smith"
      }
    ],
    "status": "active"
  }'

Responses

Success.

Bodyapplication/json
idstring(uuid)

The unique identifier of the policy.

Example: "d88d505d-5199-11ee-a644-522476618ae8"
orgIdstring(uuid)

The unique identifier of the organization the policy belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
namestring

The name of the policy.

Example: "Password Policy"
descriptionstring

The description of the policy.

Example: "Password acceptance criteria."
ownerIdstring(uuid)

The unique identifier of the owner of the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
effectiveDatestring(date-time)

The effective date of the policy (ISO-8601 format).

Example: "2025-06-12T18:26:10.005365Z"
nextRevisionDatestring(date-time)

The next revision date for the policy (ISO-8601 format).

Example: "2025-06-15T18:26:10.005365Z"
nextReviewDatestring(date-time)

The next review date for the policy (ISO-8601 format).

Example: "2025-06-16T18:26:10.005365Z"
policyApprovalStatusstring(PolicyApprovalStatus)
Enum"approved""approval""changesRequested""editing"
effectiveDocumentIdstring(uuid)

The unique identifier of the effective document of the policy.

Example: "f06fe159-e7c1-4b42-8715-5615ff50b29c"
createdBystring(uuid)

The unique identifier of the user who created the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the policy was created (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the policy.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the policy was last updated (ISO-8601 format).

Example: "2025-01-12T18:26:10.005365Z"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
permissionsArray of strings

The list of permissions for the policy.

Example: []
Response
application/json
{
  "id": "d88d505d-5199-11ee-a644-522476618ae8",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "name": "Password Policy",
  "description": "Password acceptance criteria.",
  "ownerId": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "effectiveDate": "2025-06-12T18:26:10.0053650+00:00",
  "nextRevisionDate": "2025-06-15T18:26:10.0053650+00:00",
  "nextReviewDate": "2025-06-16T18:26:10.0053650+00:00",
  "policyApprovalStatus": "approved",
  "effectiveDocumentId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2025-01-12T18:26:10.0053650+00:00",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2025-01-12T18:26:10.0053650+00:00",
  "customFields": [
    {}
  ],
  "status": "active",
  "permissions": []
}
® 2026 Hyperproof All Rights Reserved.