Deactivate Policy Rules
Overview
You can deactivate existing policy rules that are unlocked.
Note: To unlock a locked policy, you must contact support@bitgo.com.
Prerequisites
1. Get Touchpoint and Policy Rule
To deactivate a policy rule, you first need to obtain the policy rule ID.
Endpoint: List Policy Rules
1 2 3 4 5 6 7export ENTERPRISE_ID="<YOUR_ENTERPRISE_ID>" export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>" curl -X GET \ "https://app.bitgo-test.com/api/policy/v1/enterprises/$ENTERPRISE_ID/rules" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $ACCESS_TOKEN"
Step Result
You return all the policy rules for your enterprise. Identify the policy rule you want to update and make note of the policy rule ID, (the id field).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56{ "rules": [ { "uniqueId": "a7add416-03ac-49d1-91b1-e4a6923f2713", "id": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad", "name": "Spending limit - require approval on withdrawals of more than 3 TBTC4", "status": "ACTIVE", "version": 2, "adminOnly": false, "touchpointId": "166082ab-9268-4369-996a-b4ac63f6f634", "scopeId": "c8234a0f-7722-44d7-bedc-bfded7bd24a7", "touchpointLabel": "Withdrawal", "scopeLabel": "Wallet", "clauses": [ { "actions": [ { "name": "approvals.customer.enterpriseUser", "parameters": { "userIds": ["62ab90e06dfda30007974f0a52a12995"], "minRequired": "1", "initiatorIsAllowedToApprove": false } } ], "conditions": [ { "name": "transfer.amount", "parameters": { "coin": "tbtc4", "amount": "300000000", "operator": ">" } } ] } ], "filteringConditions": [ { "name": "wallet.ids", "parameters": { "walletId": ["654ec786c07fe8dc0dcfe03916ec5bb0"] } } ], "locked": false, "lockType": "LOCK_AFTER_DATE", "lockDate": "2024-04-14T18:52:07.955224Z", "createdDate": "2024-04-12T19:06:41.185719Z", "modifiedDate": "2024-04-12T19:09:15.694581Z", "enterpriseId": "62c5ae8174ac860007aff138a2d74df7", "createdBy": "62ab90e06dfda30007974f0a52a12995", "modifiedBy": "627ff9325a5c1b0007c05a40d15e1522", "evaluationId": "75ba4f44-6560-46c5-9e3f-fc44ae7b8064" }, ], "nextBatchPrevId": "2" }
2. Deactivate Policy Rule
Use the touchpoint name and policy rule ID you obtained in the prior step to update the policy rule.
Endpoint: Deactivate Policy Rule
1 2 3 4 5 6 7 8export ENTERPRISE_ID="<YOUR_ENTERPRISE_ID>" export ID="<POLICY_RULE_ID>" export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>" curl -X DELETE \ "https://app.bitgo-test.com/api/policy/v1/enterprises/$ENTERPRISE_ID/rules/$ID" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $ACCESS_TOKEN"
Step Result
The deactivated policy enters a PENDING_APPROVAL state for a brief period before becoming INACTIVE.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50{ "uniqueId": "f889bb93-14fd-4629-b2d5-8cca07abbe74", "id": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad", "name": "Spending limit - require approval on withdrawals of more than 3 TBTC4", "status": "PENDING_APPROVAL", "adminOnly": false, "touchpointId": "166082ab-9268-4369-996a-b4ac63f6f634", "scopeId": "c8234a0f-7722-44d7-bedc-bfded7bd24a7", "touchpointLabel": "Withdrawal", "scopeLabel": "Wallet", "clauses": [ { "actions": [ { "name": "approvals.customer.enterpriseUser", "parameters": { "userIds": ["62ab90e06dfda30007974f0a52a12995"], "minRequired": "1", "initiatorIsAllowedToApprove": false } } ], "conditions": [ { "name": "transfer.amount", "parameters": { "coin": "tbtc4", "amount": "300000000", "operator": ">" } } ] } ], "filteringConditions": [ { "name": "wallet.ids", "parameters": { "walletId": ["654ec786c07fe8dc0dcfe03916ec5bb0"] } } ], "locked": false, "lockType": "LOCK_AFTER_DATE", "lockDate": "2024-04-14T18:52:07.955224Z", "createdDate": "2024-04-12T19:11:32.54600328Z", "modifiedDate": "2024-04-12T19:11:32.655073Z", "enterpriseId": "62c5ae8174ac860007aff138a2d74df7", "createdBy": "62ab90e06dfda30007974f0a52a12995", "modifiedBy": "62ab90e06dfda30007974f0a52a12995", "evaluationId": "68c2b880-1415-49de-bf94-4494e638620b" }
3. Approve Policy Rule (Optional)
Note: If you configure an approval requirement for policy rules, you can't approve your own policy-rule changes - another admin must approve them.
3.1 Get Pending-Approval ID
To update a pending approval, you must get the pending-approval ID for the pending approval you want to respond to.
Endpoint: List Pending Approvals
1 2 3 4 5 6export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>" curl -X GET \ https://app.bitgo-test.com/api/v2/pendingApprovals \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $ACCESS_TOKEN"
Step Result
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64{ "pendingApprovals": [ { "id": "66198764cade63a5c722ab96ec3b9814", "wallet": "654ec786c07fe8dc0dcfe03916ec5bb0", "enterprise": "62c5ae8174ac860007aff138a2d74df7", "bitgoOrg": "BitGo Trust", "creator": "62ab90e06dfda30007974f0a52a12995", "createDate": "2024-04-12T19:11:32.833Z", "info": { "type": "genericRequest", "genericRequest": { "description": "Request to delete policy rule {policyRuleId}", "anchors": [ { "key": "policyRuleId", "value": "a7add416-03ac-49d1-91b1-e4a6923f2713", "anchorType": "policyRuleId" } ], "currentId": "a7add416-03ac-49d1-91b1-e4a6923f2713", "proposedId": "f889bb93-14fd-4629-b2d5-8cca07abbe74", "resourceType": "policyRule", "changeType": "delete", "metadata": { "sharedId": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad", "policyRuleName": "Spending limit - require approval on withdrawals of more than 3 TBTC4" } } }, "approvers": [ "621d08a634ad8a0007fcddffd7c429cc", "627ff9325a5c1b0007c05a40d15e1522" ], "state": "pending", "scope": "wallet", "userIds": [ "62ab90e06dfda30007974f0a52a12995", "621d08a634ad8a0007fcddffd7c429cc", "627ff9325a5c1b0007c05a40d15e1522" ], "approvalsRequired": 1, "singleRunResults": [], "resolvers": [], "policyEvaluationId": "68c2b880-1415-49de-bf94-4494e638620b", "actions": [ { "id": "83ba3f95-a52a-4a52-9058-9b9f2b9914e5", "status": "PENDING", "name": "approvals.customer.walletAdmin", "parameters": { "userIds": [] }, "resolvers": [], "approvers": [ "621d08a634ad8a0007fcddffd7c429cc", "627ff9325a5c1b0007c05a40d15e1522" ] } ], "resolutionOrder": [ { "actions": ["83ba3f95-a52a-4a52-9058-9b9f2b9914e5"] } ] } ] }
3.2 Approve Pending Approval
Endpoint: Update Pending Approval
1 2 3 4 5 6 7 8 9 10 11 12export APPROVAL_ID="<APPROVAL_ID>" export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>" export OTP="<YOUR_OTP>" curl -X PUT \ https://app.bitgo-test.com/api/v2/pendingApprovals/$APPROVAL_ID \ -H 'Content-Type: application/json' \ -H "Authorization: Bearer $ACCESS_TOKEN" \ -d '{ "state": "approved", "otp": "'"$OTP"'" }'
Step Result
You approved the policy and
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67{ "id": "66198764cade63a5c722ab96ec3b9814", "wallet": "654ec786c07fe8dc0dcfe03916ec5bb0", "enterprise": "62c5ae8174ac860007aff138a2d74df7", "bitgoOrg": "BitGo Trust", "creator": "62ab90e06dfda30007974f0a52a12995", "createDate": "2024-04-12T19:11:32.833Z", "approvedDate": "2024-04-12T19:13:34.045Z", "info": { "type": "genericRequest", "genericRequest": { "description": "Request to delete policy rule {policyRuleId}", "anchors": [ { "key": "policyRuleId", "value": "a7add416-03ac-49d1-91b1-e4a6923f2713", "anchorType": "policyRuleId" } ], "currentId": "a7add416-03ac-49d1-91b1-e4a6923f2713", "proposedId": "f889bb93-14fd-4629-b2d5-8cca07abbe74", "resourceType": "policyRule", "changeType": "delete", "metadata": { "sharedId": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad", "policyRuleName": "Spending limit - require approval on withdrawals of more than 3 TBTC4" } } }, "approvers": [], "state": "approved", "scope": "wallet", "userIds": [ "62ab90e06dfda30007974f0a52a12995", "621d08a634ad8a0007fcddffd7c429cc", "627ff9325a5c1b0007c05a40d15e1522" ], "approvalsRequired": 1, "singleRunResults": [], "resolvers": [ { "user": "627ff9325a5c1b0007c05a40d15e1522", "date": "2024-04-12T19:13:33.878Z", "resolutionType": "pending", "resolutionAction": "approve" } ], "policyEvaluationId": "68c2b880-1415-49de-bf94-4494e638620b", "actions": [ { "id": "83ba3f95-a52a-4a52-9058-9b9f2b9914e5", "status": "COMPLETE", "name": "approvals.customer.walletAdmin", "parameters": { "userIds": [] }, "resolvers": [ { "user": "627ff9325a5c1b0007c05a40d15e1522", "date": "2024-04-12T19:13:33.878Z", "resolutionType": "pending", "resolutionAction": "approve" } ], "approvers": ["621d08a634ad8a0007fcddffd7c429cc"] } ], "resolutionOrder": [{ "actions": ["83ba3f95-a52a-4a52-9058-9b9f2b9914e5"] }] }
4. View the Deactivated Policy (Optional)
Check the status of the policy deactivation to confirm the policy is in the INACTIVE state.
Endpoint: Get Policy Rule
1 2 3 4 5 6 7 8export ENTERPRISE_ID="<YOUR_ENTERPRISE_ID>" export ID="<POLICY_RULE_ID>" export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>" curl -X GET \ "https://app.bitgo-test.com/api/policy/v1/enterprises/$ENTERPRISE_ID/rules/$ID" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $ACCESS_TOKEN"
Step Result
You can view the INACTIVE state for the policy, confirming that's it's deactivated.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51{ "uniqueId": "f889bb93-14fd-4629-b2d5-8cca07abbe74", "id": "5e43e1b6-665d-4406-b59a-b9e1d2e9dfad", "name": "Spending limit - require approval on withdrawals of more than 3 TBTC4", "status": "INACTIVE", "version": 3, "adminOnly": false, "touchpointId": "166082ab-9268-4369-996a-b4ac63f6f634", "scopeId": "c8234a0f-7722-44d7-bedc-bfded7bd24a7", "touchpointLabel": "Withdrawal", "scopeLabel": "Wallet", "clauses": [ { "actions": [ { "name": "approvals.customer.enterpriseUser", "parameters": { "userIds": ["62ab90e06dfda30007974f0a52a12995"], "minRequired": "1", "initiatorIsAllowedToApprove": false } } ], "conditions": [ { "name": "transfer.amount", "parameters": { "coin": "tbtc4", "amount": "300000000", "operator": ">" } } ] } ], "filteringConditions": [ { "name": "wallet.ids", "parameters": { "walletId": ["654ec786c07fe8dc0dcfe03916ec5bb0"] } } ], "locked": false, "lockType": "LOCK_AFTER_DATE", "lockDate": "2024-04-14T18:52:07.955224Z", "createdDate": "2024-04-12T19:11:32.546003Z", "modifiedDate": "2024-04-12T19:13:34.360531Z", "enterpriseId": "62c5ae8174ac860007aff138a2d74df7", "createdBy": "62ab90e06dfda30007974f0a52a12995", "modifiedBy": "62ab90e06dfda30007974f0a52a12995", "evaluationId": "68c2b880-1415-49de-bf94-4494e638620b" }