Skip to main content

Admin endpoints — routing policies

Controls which backing provider serves each capability for a client/brand. A policy maps a capability (e.g. send-SMS, verify-identity) to a target provider, optionally with a default, so the platform knows which provider to route each customer request to (see overview → how requests are routed). This group also maintains the catalogue of providers a policy can target.

Auth: Entra ID JWT bearer with the ADMIN role. The formal schema is on the API Reference.

Policies (per client/brand)

MethodPathCodeDoes
GET/v1/admin/clients/{slug}/policies200List all of the tenant's policies
PUT/v1/admin/clients/{slug}/policies200Replace the tenant's full policy set
GET/v1/admin/clients/{slug}/policies/{capabilityKey}200Read the policy for one capability
PUT/v1/admin/clients/{slug}/policies/{capabilityKey}200Replace the policy for one capability
DELETE/v1/admin/clients/{slug}/policies/{capabilityKey}204Remove the policy for one capability

Provider catalogue

The set of backing providers a policy may target, exposed as the connectors resource.

MethodPathCodeDoes
GET/v1/admin/connectors200List the registered (active) providers
POST/v1/admin/connectors201Register a provider
PATCH/v1/admin/connectors/{connectorKey}/base-url200Update a provider's base URL
DELETE/v1/admin/connectors/{connectorKey}204Retire a provider

Capabilities

MethodPathCodeDoes
GET/v1/admin/capabilities200List the capabilities (and their inputs) a policy can target

Notes for operators

  • Order. Register a provider before any policy targets it — a policy write that names an unregistered or retired provider is rejected. The client slug must already exist.
  • Policy writes are all-or-nothing. A PUT (single capability or full set) is validated as a whole and applied atomically; a single invalid entry rejects the entire call with 422 CRT022001 and changes nothing. Runtime routing never observes a half-applied policy.
  • Deleting a policy is deliberately not idempotent. Removing a capability that has no active policy returns 404 CRT004001 rather than succeeding silently, so an accidental repeat call is visible.
  • Registering a provider is create-only. POST /connectors is not an upsert — a duplicate connectorKey returns 409 CRT009004.
  • Retiring a provider is a soft-delete. It is refused with 409 CRT009002 while any active policy still targets it. Customer requests already pinned to a retired provider continue to reach it; only new policy writes that target it are blocked.

Errors

HTTPCodeWhen
404CRT004004Client slug not found
404CRT004001No active policy for the capability (read or delete)
404CRT004003Provider not found, or already retired (update base URL)
409CRT009002Provider still targeted by an active policy (retire)
409CRT009003Provider is retired; update rejected
409CRT009004Provider connectorKey already exists (register)
422CRT022001Policy validation failed (wrong mechanism, empty set, missing/duplicate target, fact-coverage gap, or unknown target provider)