V3 Create Policy

Creates a new policy with dictionary references.

Creates a policy

Creates a new policy with dictionary references. At the time of policy creation, the caller should only provide - contentTypes, name, scopes and type. The rest of the information is populated automatically. Note - You need to enable the policy after creation to start enforcing the policy.

POSTyouragentURL.symphony.com/agent/v3/dlp/policies

Header parameters

Body

Details about the policy that should be created.

name*string

Unique name of a policy, max 30 characters. Cannot be empty. All the leading and trailing blank spaces are trimmed.

scopes*array of string

List of communication scopes. Possible values are "Internal" (for Internal conversations) or "External" (for External conversations). You can apply both scopes if you set it to ["Internal", "External"].

appliesTo*array of V3DLPPolicyAppliesTo (object)

Response

Success

Body

dataV3DLPPolicy (object)

A policy is the main entity of V3 policy/rule system. It is responsible to define rules and add scope constraints to the engine.

Request

const response = await fetch('youragentURL.symphony.com/agent/v3/dlp/policies', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "appliesTo": [
        {
          "action": "text",
          "dataType": "text",
          "rules": [
            {
              "name": "text",
              "type": "text"
            }
          ]
        }
      ],
      "name": "text",
      "scopes": [
        "text"
      ]
    }),
});
const data = await response.json();

Response

{
  "data": {
    "id": "text",
    "policyId": "text",
    "version": "text",
    "name": "text",
    "scopes": [
      "text"
    ],
    "appliesTo": [
      {
        "dataType": "text",
        "action": "text",
        "rules": [
          {
            "id": "text",
            "type": "text",
            "name": "text",
            "textMatchConfig": {
              "dictionaries": [
                {
                  "dictId": "text",
                  "version": "text",
                  "name": "text"
                }
              ],
              "applicableFileTypes": [
                "text"
              ]
            },
            "fileSizeConfig": {},
            "fileExtensionConfig": {
              "allowLists": [
                "text"
              ],
              "blockLists": [
                "text"
              ]
            },
            "filePasswordConfig": {
              "applicableFileTypes": [
                "text"
              ],
              "matchCriteria": "text"
            },
            "fileClassifierConfig": {
              "applicableFileTypes": [
                "text"
              ]
            }
          }
        ]
      }
    ],
    "active": false,
    "deleted": false,
    "systemPolicy": false
  }
}

After you create a policy, call Enable Policy to start enforcing the policy.

AppliesTo

Configuration applies to policy

Field	Type	Required	Description
dataType	string	Yes	The list of data types that policy should apply to. Can't be empty. Can be one of [“Messages","RoomMeta", "SignalMeta", "FileContent", "FileMeta"]
action	string	Yes	Action to be taken on violation detection. Can be one of ["Block", "Warn", "LogOnly"]. The default is "LogOnly".
rules	rules array_object See Rules	Yes	A Rule defines the actual matching specification for policies. It holds a type and a configuration for the rule, these properties should be used to build the corresponding matching implementation. Only one of the configuration property should be set [textMatchConfig, fileSizeConfig, fileExtensionConfig, filePasswordConfig, fileClassifierConfig].

Field

Type

Required

Description

dataType

string

Yes

The list of data types that policy should apply to. Can't be empty. Can be one of [“Messages","RoomMeta", "SignalMeta", "FileContent", "FileMeta"]

action

string

Yes

Action to be taken on violation detection.

Can be one of ["Block", "Warn", "LogOnly"]. The default is "LogOnly".

rules

array_object

See Rules

Yes

A Rule defines the actual matching specification for policies. It holds a type and a configuration for the rule, these properties should be used to build the corresponding matching implementation.

Only one of the configuration property should be set [textMatchConfig, fileSizeConfig, fileExtensionConfig, filePasswordConfig, fileClassifierConfig].

Rules

Configuration for rules

Field	Type	Required	Description
type	string	Yes	Type of a rule used by policy. Can be [" "TEXT_MATCH", "FILE_EXTENSION", "FILE_SIZE", "FILE_PASSWORD", "FILE_CLASSIFIER"].
name	string	Yes	Name for rule.
textMatchConfig	object	Only one of the configuration property should be set [textMatchConfig, fileClassifierConfig, filePasswordConfig].	This is a configuration that can be used to match text or regex. Configuration that can be used by a rule. This is a configuration that can be used to match text or regex. This configuration also corresponds to V2 TextMatch/RegexMatch of dictionaries. See TextMatchConfig
filePasswordConfig	object	Only one of the configuration property should be set [textMatchConfig, fileClassifierConfig, filePasswordConfig].	Password protected detection config for files that are password protected or not.
fileClassifierConfig	object	Only one of the configuration property should be set [textMatchConfig, fileClassifierConfig, filePasswordConfig].	Extension detection config for allowed and blocked types of file extensions.

Field

Type

Required

Description

type

string

Yes

Type of a rule used by policy. Can be [" "TEXT_MATCH", "FILE_EXTENSION", "FILE_SIZE", "FILE_PASSWORD", "FILE_CLASSIFIER"].

name

string

Yes

Name for rule.

textMatchConfig

object

Only one of the configuration property should be set [textMatchConfig, fileClassifierConfig, filePasswordConfig].

This is a configuration that can be used to match text or regex. Configuration that can be used by a rule. This is a configuration that can be used to match text or regex. This configuration also corresponds to V2 TextMatch/RegexMatch of dictionaries. See TextMatchConfig

filePasswordConfig

object

Only one of the configuration property should be set [textMatchConfig, fileClassifierConfig, filePasswordConfig].

Password protected detection config for files that are password protected or not.

fileClassifierConfig

object

Only one of the configuration property should be set [textMatchConfig, fileClassifierConfig, filePasswordConfig].

Extension detection config for allowed and blocked types of file extensions.

TextMatchConfig

Field	Type	Required	Description
dictionaries	array_object see DictionaryMeta	Yes	List of dictionaries to apply in config. See DictionaryMeta
countUniqueOccurrences	string	Yes	Count of unique occurrences to be matched.
applicableFileTypes	array_string	File types must be applied only for rule type "FileContent", otherwise must be empty.	Can be ["PDF", "WORD", "EXCEL", "POWERPOINT", "ZIP", "CSV", "TXT"].

Field

Type

Required

Description

dictionaries

array_object

see DictionaryMeta

Yes

List of dictionaries to apply in config. See DictionaryMeta

countUniqueOccurrences

string

Yes

Count of unique occurrences to be matched.

applicableFileTypes

array_string

File types must be applied only for rule type "FileContent", otherwise must be empty.

Can be ["PDF", "WORD", "EXCEL", "POWERPOINT", "ZIP", "CSV", "TXT"].

Field

DictionaryMeta

Field	Type	Required	Description
dictId	string	Yes	Unique dictionary identifier.
name	string	Yes	Dictionary version.
version	string	Yes	Dictionary name.

Field

Type

Required

Description

dictId

string

Yes

Unique dictionary identifier.

name

string

Yes

Dictionary version.

version

string

Yes

Dictionary name.

FileClassifierConfig

Field	Type	Required	Description
classifiers	Map<String, String>	Yes	Classifier is defined as a Key and its Value: e.g.: "classification": "Internal". Name and value can contain UTF-8 characters. Neither the name nor value cannot be left empty. Maximum 30 characters for the name and value, case insensitive. If files contains k-v pairs in the classifers map, it means a match. Maximum 30 classifiers per policy.
applicableFileTypes	array_string	Yes	File types that can be applied. Can be ["PDF", "WORD", "EXCEL", "POWERPOINT", "ZIP", "CSV", "TXT"].

Field

Type

Required

Description

classifiers

Map<String, String>

Yes

Classifier is defined as a Key and its Value: e.g.: "classification": "Internal". Name and value can contain UTF-8 characters. Neither the name nor value cannot be left empty.

Maximum 30 characters for the name and value, case insensitive.

If files contains k-v pairs in the classifers map, it means a match. Maximum 30 classifiers per policy.

applicableFileTypes

array_string

Yes

File types that can be applied. Can be ["PDF", "WORD", "EXCEL", "POWERPOINT", "ZIP", "CSV", "TXT"].

FilePasswordConfig

Field	Type	Required	Description
applicableFileTypes	array_string	Yes	File types that can be applied. Can be ["PDF", "WORD", "EXCEL", "POWERPOINT", "ZIP", "CSV", "TXT"].
matchCriteria	array_string	Yes	Based on the criteria, whether a file is password protected or not means a match.Can be ["PASSWORD_PROTECTED". "NOT_PASSWORD_PROTECTED"]. The default is "NOT_PASSWORD_PROTECTED".

Field

Type

Required

Description

applicableFileTypes

array_string

Yes

File types that can be applied. Can be ["PDF", "WORD", "EXCEL", "POWERPOINT", "ZIP", "CSV", "TXT"].

matchCriteria

array_string

Yes

Based on the criteria, whether a file is password protected or not means a match.Can be ["PASSWORD_PROTECTED". "NOT_PASSWORD_PROTECTED"]. The default is "NOT_PASSWORD_PROTECTED".

🚧 Required Permissions
Calling this endpoint requires a Service User Account set with the Expression Filter Policy Management role. For more information about Service User accounts and their roles, see the Symphony Administration Guide.
See Bot Permissions for a list of roles and associated privileges.

Last updated 4 months ago

Creates a policy

POSTyouragentURL.symphony.com/agent/v3/dlp/policies

const response = await fetch('youragentURL.symphony.com/agent/v3/dlp/policies', { method: 'POST', headers: { "Content-Type": "application/json" }, body: JSON.stringify({ "appliesTo": [ { "action": "text", "dataType": "text", "rules": [ { "name": "text", "type": "text" } ] } ], "name": "text", "scopes": [ "text" ] }), }); const data = await response.json();

{ "data": { "id": "text", "policyId": "text", "version": "text", "name": "text", "scopes": [ "text" ], "appliesTo": [ { "dataType": "text", "action": "text", "rules": [ { "id": "text", "type": "text", "name": "text", "textMatchConfig": { "dictionaries": [ { "dictId": "text", "version": "text", "name": "text" } ], "applicableFileTypes": [ "text" ] }, "fileSizeConfig": {}, "fileExtensionConfig": { "allowLists": [ "text" ], "blockLists": [ "text" ] }, "filePasswordConfig": { "applicableFileTypes": [ "text" ], "matchCriteria": "text" }, "fileClassifierConfig": { "applicableFileTypes": [ "text" ] } } ] } ], "active": false, "deleted": false, "systemPolicy": false } }