Add policy rule


Adds a rule to a wallet’s policy. A wallet policy’s rules control the conditions under which BitGo will use its single key to sign a transaction. An email notification will be sent to all wallet users when a policy is updated. This email is NOT sent for the first time policy is added.

Path Parameters

  • coinstringRequired
    A cryptocurrency or token ticker symbol.
    Example: "btc"
  • walletIdstringRequired
    Example: "59cd72485007a239fb00282ed480da1f"
    Pattern: ^[0-9a-f]{32}$

Request Body

coin string
If set, the rule will only apply to the given coin or ERC20 token in an Ethereum wallet. It is generally recommended to not set a coin for policy rules of the following types: "advancedWhitelist", "allTx", "coinAddressWhitelist", "coinAddressBlacklist", "webhook".
Example: zrx
id string required
The id of the rule, must be unique among rules in the policy
type string required
What causes this rule to trigger
Allowed values: advancedWhitelist allTx allTxNoFiat coinAddressWhitelist coinAddressBlacklist velocityLimit webhook
conditionAny of
Parameters for the type
amountString string required
The amount for the limit
Example: 2000000
Match pattern: ^-?\d+$
timeWindow integer
Time window in seconds for a velocity limit, between 1 and a month
Minimum: >= 0
Maximum: <= 2678400
action object required
What happens when this rule is triggered
type string required
Allowed values: deny getApproval getFinalApproval getCustodianApproval getIdVerification noop
approvalsRequired integer
Minimum: >= 1
Example: 1
userIds array
For a final approver action, who can approve

200 Response

admin object
policy object
allowBackupKeySigning boolean
balanceString string
Total balance in base units (e.g. Satoshis)
Example: 2000000
Match pattern: ^-?\d+$
buildDefaults object
minFeeRate integer
(BTC only) Wallet-level minimum fee rate that must be greater than or equal to the default of 1000 satoshis/kvByte. Per transaction, you can override "minFeeRate" with the "feeRate" parameter.
Minimum: >= 1000
Example: 12000
coinSpecific object
creationFailure array[string]
Includes list of fail initialization txids
pendingChainInitialization boolean
Whether the wallet needs to be initialized on the chain
rootAddress string
Root address of the wallet
stellarUsername string
Username for the user's Stellar address
homeDomain string
Home domain of a Stellar account
stellarAddress string
Email-like address associated to a Stellar account
custodialWallet object
The associated custodial wallet object
deleted boolean required
disableTransactionNotifications boolean required
freeze object
time string <dateTime>
expires string <dateTime>
isCold boolean
keys array
Example: ["585951a5df8380e0e304a553","585951a5df8380e0e30d645c","585951a5df8380e0e30b6147"]
label string required
Example: My Wallet
m integer
Number of signatures required. This value must be 2 for hot wallets, 1 for **ofc** wallets, and not specified for custodial wallets.
Example: 2
n integer
Number of keys provided. This value must be 3 for hot wallets, 1 for **ofc** wallets, and not specified for custodial wallets.
Example: 3
receiveAddress object
id string
platform public id for an address
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$
chain integer
Allowed values: 0 1 10 11 20 21 30 31
Example: 1
index integer
coin string
lastNonce integer
Default: -1
wallet string
The wallet which contains this address
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$
coinSpecific object
Properties which are specific to certain coin types
balance object
Balance of the address. In case of Eth and Celo, if returnBalancesForToken is passed with includeBalances, then it will return token balance in the address object. This field will be present only when "includeBalances" query param is passed as true.
labelOne of
A human-readable label for the address.
addressType string
Allowed values: p2sh p2sh-p2wsh p2wsh
Example: p2sh
recoverable boolean
tags array
Spendable balance in base units (e.g. Satoshis)
startDate string <date-time>
Wallet creation time
Example: {}
type string
The type describes who owns the keys to the wallet and how they are stored. "cold" wallets are wallets where the private key of the user key is stored exclusively outside of BitGo's system. "custodial" means that this wallet is a cold wallet where BitGo owns the keys. Only customers of the BitGo Trust can create this kind of wallet. "custodialPaired" means that this is a hot wallet that is owned by the customer but it will be linked to a cold (custodial) wallet where BitGo owns the keys. This option is only available to customers of BitGo Inc. BitGo stores an encrypted private key for the user key of "hot" wallets. "trading" wallets are trading accounts where the coin is "ofc".
Allowed values: cold custodial custodialPaired hot trading
users array[object]
permissions array[string]
Allowed values: admin view spend
customChangeKeySignatures object
Signatures for the keys which will be used to derive custom change addresses. **Note:** These signatures may only be set once for each wallet and are not modifiable after being set.
user string
backup string
bitgo string
multisigType string
Allowed values: onchain tss blsdkg

202 Response

wallet string
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$
createDate string <date-time>
infoAny of
transactionRequest object
type string
Allowed value: transactionRequest
stateAny of
scope string
What kind of entity the Pending Approval is tied to
Allowed values: enterprise wallet
userIds array
All the Users who should see this Pending Approval
walletLabel string

400 Response

One of
error string required
Human-readable error message
requestId string required
Client request id
context object
Properties that apply to a specific error name
name string required
Error code