Create a brand-new draft policy version with no parent.
POST /v1/policies
POST
/v1/policies
Creates a new policy version in the draft state for the scoped tenant and environment. Unlike PUT with create_new_draft, this does not require an existing source version. If body is omitted, a default-deny skeleton is seeded. The created version is validated on write; an invalid body lands in the rejected state, consistent with draft update. actor_id is derived from auth and rejected if supplied.
Authorizations
Section titled “Authorizations ”Parameters
Section titled “ Parameters ”Query Parameters
Section titled “Query Parameters ” tenant_id
string
environment_id
string
Request Body required
Section titled “Request Body required ”object
policy_version
required
string
body
Optional manifest body; default-deny skeleton seeded when omitted.
object
owner
object
user_id
string
team
string
source
object
source_type
string
source_ref
string
description
string
reason_code
string
reason
string
actor_id
Rejected if supplied; actor is derived from authentication context.
string
Responses
Section titled “ Responses ”Draft policy created.
object
schema_version
required
policy_version
required
string
status
required
string
manifest_hash
required
string
etag
required
string
audit_event_id
required
string | null
validation
required
object
valid
required
boolean
status
required
checked_at
required
string | null format: date-time
checked_by
required
string | null
rule_count
required
integer
errors
required
Array<object>
object
reason_code
required
string
message
required
string
line
required
integer | null
column
required
integer | null
path
required
string
Invalid request
Missing policy.write.
Policy_version already exists in this environment.
Type set in Geist, Source Serif 4, and Departure Mono.