Deactivate Policy Rules
Overview
You can deactivate existing policy rules that are unlocked.
Note: To unlock a locked policy, you must contact [email protected].
Prerequisites
1. Get Touchpoint and Policy Rule
To deactivate a policy rule, you first need to obtain the policy rule ID.
Endpoint: List Policy Rules
export ENTERPRISE_ID="<YOUR_ENTERPRISE_ID>"
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
curl -X GET \
"https://app.bitgo-test.com/api/policy/v1/enterprises/$ENTERPRISE_ID/rules" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $ACCESS_TOKEN"Step Result
You return all the policy rules for your enterprise. Identify the policy rule you want to update and make note of the policy rule ID, (the id field).
{
"rules": [
{
"uniqueId": "a7add416-03ac-49d1-91b1-e4a6923f2713",
"id": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad",
"name": "Spending limit - require approval on withdrawals of more than 3 TBTC4",
"status": "ACTIVE",
"version": 2,
"adminOnly": false,
"touchpointId": "166082ab-9268-4369-996a-b4ac63f6f634",
"scopeId": "c8234a0f-7722-44d7-bedc-bfded7bd24a7",
"touchpointLabel": "Withdrawal",
"scopeLabel": "Wallet",
"clauses": [
{
"actions": [
{
"name": "approvals.customer.enterpriseUser",
"parameters": {
"userIds": ["62ab90e06dfda30007974f0a52a12995"],
"minRequired": "1",
"initiatorIsAllowedToApprove": false
}
}
],
"conditions": [
{
"name": "transfer.amount",
"parameters": {
"coin": "tbtc4",
"amount": "300000000",
"operator": ">"
}
}
]
}
],
"filteringConditions": [
{
"name": "wallet.ids",
"parameters": { "walletId": ["654ec786c07fe8dc0dcfe03916ec5bb0"] }
}
],
"locked": false,
"lockType": "LOCK_AFTER_DATE",
"lockDate": "2024-04-14T18:52:07.955224Z",
"createdDate": "2024-04-12T19:06:41.185719Z",
"modifiedDate": "2024-04-12T19:09:15.694581Z",
"enterpriseId": "62c5ae8174ac860007aff138a2d74df7",
"createdBy": "62ab90e06dfda30007974f0a52a12995",
"modifiedBy": "627ff9325a5c1b0007c05a40d15e1522",
"evaluationId": "75ba4f44-6560-46c5-9e3f-fc44ae7b8064"
},
],
"nextBatchPrevId": "2"
}2. Deactivate Policy Rule
Use the touchpoint name and policy rule ID you obtained in the prior step to update the policy rule.
Endpoint: Deactivate Policy Rule
export ENTERPRISE_ID="<YOUR_ENTERPRISE_ID>"
export ID="<POLICY_RULE_ID>"
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
curl -X DELETE \
"https://app.bitgo-test.com/api/policy/v1/enterprises/$ENTERPRISE_ID/rules/$ID" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $ACCESS_TOKEN"Step Result
The deactivated policy enters a PENDING_APPROVAL state for a brief period before becoming INACTIVE.
{
"uniqueId": "f889bb93-14fd-4629-b2d5-8cca07abbe74",
"id": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad",
"name": "Spending limit - require approval on withdrawals of more than 3 TBTC4",
"status": "PENDING_APPROVAL",
"adminOnly": false,
"touchpointId": "166082ab-9268-4369-996a-b4ac63f6f634",
"scopeId": "c8234a0f-7722-44d7-bedc-bfded7bd24a7",
"touchpointLabel": "Withdrawal",
"scopeLabel": "Wallet",
"clauses": [
{
"actions": [
{
"name": "approvals.customer.enterpriseUser",
"parameters": {
"userIds": ["62ab90e06dfda30007974f0a52a12995"],
"minRequired": "1",
"initiatorIsAllowedToApprove": false
}
}
],
"conditions": [
{
"name": "transfer.amount",
"parameters": {
"coin": "tbtc4",
"amount": "300000000",
"operator": ">"
}
}
]
}
],
"filteringConditions": [
{
"name": "wallet.ids",
"parameters": { "walletId": ["654ec786c07fe8dc0dcfe03916ec5bb0"] }
}
],
"locked": false,
"lockType": "LOCK_AFTER_DATE",
"lockDate": "2024-04-14T18:52:07.955224Z",
"createdDate": "2024-04-12T19:11:32.54600328Z",
"modifiedDate": "2024-04-12T19:11:32.655073Z",
"enterpriseId": "62c5ae8174ac860007aff138a2d74df7",
"createdBy": "62ab90e06dfda30007974f0a52a12995",
"modifiedBy": "62ab90e06dfda30007974f0a52a12995",
"evaluationId": "68c2b880-1415-49de-bf94-4494e638620b"
}3. Approve Policy Rule (Optional)
Note: If you configure an approval requirement for policy rules, you can't approve your own policy-rule changes - another admin must approve them.
3.1 Get Pending-Approval ID
To update a pending approval, you must get the pending-approval ID for the pending approval you want to respond to.
Endpoint: List Pending Approvals
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
curl -X GET \
https://app.bitgo-test.com/api/v2/pendingApprovals \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $ACCESS_TOKEN"Step Result
{
"pendingApprovals": [
{
"id": "66198764cade63a5c722ab96ec3b9814",
"wallet": "654ec786c07fe8dc0dcfe03916ec5bb0",
"enterprise": "62c5ae8174ac860007aff138a2d74df7",
"bitgoOrg": "BitGo Trust",
"creator": "62ab90e06dfda30007974f0a52a12995",
"createDate": "2024-04-12T19:11:32.833Z",
"info": {
"type": "genericRequest",
"genericRequest": {
"description": "Request to delete policy rule {policyRuleId}",
"anchors": [
{
"key": "policyRuleId",
"value": "a7add416-03ac-49d1-91b1-e4a6923f2713",
"anchorType": "policyRuleId"
}
],
"currentId": "a7add416-03ac-49d1-91b1-e4a6923f2713",
"proposedId": "f889bb93-14fd-4629-b2d5-8cca07abbe74",
"resourceType": "policyRule",
"changeType": "delete",
"metadata": {
"sharedId": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad",
"policyRuleName": "Spending limit - require approval on withdrawals of more than 3 TBTC4"
}
}
},
"approvers": [
"621d08a634ad8a0007fcddffd7c429cc",
"627ff9325a5c1b0007c05a40d15e1522"
],
"state": "pending",
"scope": "wallet",
"userIds": [
"62ab90e06dfda30007974f0a52a12995",
"621d08a634ad8a0007fcddffd7c429cc",
"627ff9325a5c1b0007c05a40d15e1522"
],
"approvalsRequired": 1,
"singleRunResults": [],
"resolvers": [],
"policyEvaluationId": "68c2b880-1415-49de-bf94-4494e638620b",
"actions": [
{
"id": "83ba3f95-a52a-4a52-9058-9b9f2b9914e5",
"status": "PENDING",
"name": "approvals.customer.walletAdmin",
"parameters": { "userIds": [] },
"resolvers": [],
"approvers": [
"621d08a634ad8a0007fcddffd7c429cc",
"627ff9325a5c1b0007c05a40d15e1522"
]
}
],
"resolutionOrder": [
{ "actions": ["83ba3f95-a52a-4a52-9058-9b9f2b9914e5"] }
]
}
]
}3.2 Approve Pending Approval
Endpoint: Update Pending Approval
export APPROVAL_ID="<APPROVAL_ID>"
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
export OTP="<YOUR_OTP>"
curl -X PUT \
https://app.bitgo-test.com/api/v2/pendingApprovals/$APPROVAL_ID \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-d '{
"state": "approved",
"otp": "'"$OTP"'"
}'const baseCoin = this.bitgoSDK.coin(initialPendingApproval.coin);
const pendingApproval = await baseCoin.pendingApprovals().get({ id: initialPendingApproval.id });
const result = await pendingApproval.approve(params);Step Result
You approved the policy and
{
"id": "66198764cade63a5c722ab96ec3b9814",
"wallet": "654ec786c07fe8dc0dcfe03916ec5bb0",
"enterprise": "62c5ae8174ac860007aff138a2d74df7",
"bitgoOrg": "BitGo Trust",
"creator": "62ab90e06dfda30007974f0a52a12995",
"createDate": "2024-04-12T19:11:32.833Z",
"approvedDate": "2024-04-12T19:13:34.045Z",
"info": {
"type": "genericRequest",
"genericRequest": {
"description": "Request to delete policy rule {policyRuleId}",
"anchors": [
{
"key": "policyRuleId",
"value": "a7add416-03ac-49d1-91b1-e4a6923f2713",
"anchorType": "policyRuleId"
}
],
"currentId": "a7add416-03ac-49d1-91b1-e4a6923f2713",
"proposedId": "f889bb93-14fd-4629-b2d5-8cca07abbe74",
"resourceType": "policyRule",
"changeType": "delete",
"metadata": {
"sharedId": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad",
"policyRuleName": "Spending limit - require approval on withdrawals of more than 3 TBTC4"
}
}
},
"approvers": [],
"state": "approved",
"scope": "wallet",
"userIds": [
"62ab90e06dfda30007974f0a52a12995",
"621d08a634ad8a0007fcddffd7c429cc",
"627ff9325a5c1b0007c05a40d15e1522"
],
"approvalsRequired": 1,
"singleRunResults": [],
"resolvers": [
{
"user": "627ff9325a5c1b0007c05a40d15e1522",
"date": "2024-04-12T19:13:33.878Z",
"resolutionType": "pending",
"resolutionAction": "approve"
}
],
"policyEvaluationId": "68c2b880-1415-49de-bf94-4494e638620b",
"actions": [
{
"id": "83ba3f95-a52a-4a52-9058-9b9f2b9914e5",
"status": "COMPLETE",
"name": "approvals.customer.walletAdmin",
"parameters": { "userIds": [] },
"resolvers": [
{
"user": "627ff9325a5c1b0007c05a40d15e1522",
"date": "2024-04-12T19:13:33.878Z",
"resolutionType": "pending",
"resolutionAction": "approve"
}
],
"approvers": ["621d08a634ad8a0007fcddffd7c429cc"]
}
],
"resolutionOrder": [{ "actions": ["83ba3f95-a52a-4a52-9058-9b9f2b9914e5"] }]
}4. View the Deactivated Policy (Optional)
Check the status of the policy deactivation to confirm the policy is in the INACTIVE state.
Endpoint: Get Policy Rule
export ENTERPRISE_ID="<YOUR_ENTERPRISE_ID>"
export ID="<POLICY_RULE_ID>"
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
curl -X GET \
"https://app.bitgo-test.com/api/policy/v1/enterprises/$ENTERPRISE_ID/rules/$ID" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $ACCESS_TOKEN"Step Result
You can view the INACTIVE state for the policy, confirming that's it's deactivated.
{
"uniqueId": "f889bb93-14fd-4629-b2d5-8cca07abbe74",
"id": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad",
"name": "Spending limit - require approval on withdrawals of more than 3 TBTC4",
"status": "INACTIVE",
"version": 3,
"adminOnly": false,
"touchpointId": "166082ab-9268-4369-996a-b4ac63f6f634",
"scopeId": "c8234a0f-7722-44d7-bedc-bfded7bd24a7",
"touchpointLabel": "Withdrawal",
"scopeLabel": "Wallet",
"clauses": [
{
"actions": [
{
"name": "approvals.customer.enterpriseUser",
"parameters": {
"userIds": ["62ab90e06dfda30007974f0a52a12995"],
"minRequired": "1",
"initiatorIsAllowedToApprove": false
}
}
],
"conditions": [
{
"name": "transfer.amount",
"parameters": {
"coin": "tbtc4",
"amount": "300000000",
"operator": ">"
}
}
]
}
],
"filteringConditions": [
{
"name": "wallet.ids",
"parameters": { "walletId": ["654ec786c07fe8dc0dcfe03916ec5bb0"] }
}
],
"locked": false,
"lockType": "LOCK_AFTER_DATE",
"lockDate": "2024-04-14T18:52:07.955224Z",
"createdDate": "2024-04-12T19:11:32.546003Z",
"modifiedDate": "2024-04-12T19:13:34.360531Z",
"enterpriseId": "62c5ae8174ac860007aff138a2d74df7",
"createdBy": "62ab90e06dfda30007974f0a52a12995",
"modifiedBy": "62ab90e06dfda30007974f0a52a12995",
"evaluationId": "68c2b880-1415-49de-bf94-4494e638620b"
}See Also
Updated 22 days ago