Create Policy
Create a new policy for identity lifecycle management with conditions and actions
Last updated
Was this helpful?
Create a new policy for identity lifecycle management with conditions and actions
Last updated
Was this helpful?
Was this helpful?
POST /api/private/lifecycle_management/policiesCreate a new policy in your Veza Lifecycle Management configuration. Policies define the main object for controlling Lifecycle Management operations and include descriptions. Each policy has multiple versions, one of which is live and up to one of which is in draft mode, with all others being historical.
Use this endpoint to:
Create new lifecycle management policies
Define data source connections for identity management
Configure notification settings for policy events
Set up safety limits and retry behavior
The source of truth data source(s) for this policy (must have one and must be of the same type)
If true will only sync if the source of identity changes
If sync_only_when_source_changes is true, how quickly (in minutes) to run a check when no changes are detected (default is 1 day 1440)
Settings that determine when to block changes and send warnings
if true will not retry failed workflows
how many times we will retry a failed workflow (default is 10)
OK
Default error response
POST /api/private/lifecycle_management/policies HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 910
{
"name": "text",
"description": "text",
"state": 1,
"datasource_ids": [
"text"
],
"event_notification_settings": [
{
"event_type": 1,
"notification_settings": {
"notification_type": 1,
"notification_id": "text",
"type_settings": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
},
"on_success": true,
"on_failure": true
}
],
"secondary_source_of_identities": [
{
"datasource_ids": [
"text"
],
"correlation_attribute_names": {
"ANY_ADDITIONAL_PROPERTY": "text"
},
"only_enrich_existing": true
}
],
"sync_only_when_source_changes": true,
"time_before_sync_if_no_source_changes_in_minutes": 1,
"identity_attribute_mappings": [
{
"identity_attribute": 1,
"entity_attribute_name": "text"
}
],
"safety_limit_settings": {
"enable_change_limit": true,
"enable_predictive_change_limit": true,
"max_identities_affected_percentage": 1,
"max_identities_affected_count": "text",
"warning_email_addresses": [
"text"
]
},
"no_retry_for_failed_workflow": true,
"max_retries_for_failed_workflow": 1
}{
"value": {
"id": "text",
"name": "text",
"description": "text",
"state": 1,
"current_version_number": 1,
"draft_version_number": 1,
"entity_type": "text",
"datasource_ids": [
"text"
],
"access_profiles_used": [
"text"
],
"provider_external_ids": [
"text"
],
"current_version": {
"policy_id": "text",
"version_number": 1,
"state": 1,
"config": {
"workflows": [
{
"trigger_type": 1,
"description": "text",
"trigger_string": "text",
"conditions_on_success": [
{
"condition_type": 1,
"condition_string": "text",
"actions_to_run": [
{
"name": "text",
"type": 1
}
],
"name": "text",
"continue_actions_if_any_error": true,
"state": 1
}
],
"continuous_sync": true,
"name": "text",
"state": 1,
"attribute_to_get_execute_date": "text",
"local_time_zone_diff_from_utc": 1,
"local_time_zone_attribute": "text",
"trigger_at_local_time_hour": 1,
"execute_date_time_formatters": [
{
"date_formatter": "text",
"pipeline_functions": "text"
}
],
"grace_period_in_sec": 1,
"skip_trigger_recheck_after_grace_period": true,
"priority": 1
}
],
"actions": [
{
"name": "text",
"description": "text",
"type": 1,
"config": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"conditions_on_success": [
{
"condition_type": 1,
"condition_string": "text",
"actions_to_run": [
{
"name": "text",
"type": 1
}
],
"name": "text",
"continue_actions_if_any_error": true,
"state": 1
}
],
"action_notification_settings": [
{
"notification_settings": {
"notification_type": 1,
"notification_id": "text",
"type_settings": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
},
"on_success": true,
"on_failure": true
}
],
"state": 1,
"run_once": true
}
],
"attribute_common_transformers": [
{
"name": "text",
"description": "text",
"entity_type": "text",
"entity_attribute_transformers": [
{
"destination_attribute": "text",
"destination_value_formatter": "text",
"continuous_sync": true,
"additional_value_formatter": [
"text"
],
"pipeline_functions": "text",
"unique_identifier": true
}
]
}
],
"lookup_table_references": [
{
"name": "text",
"description": "text",
"column_names": [
"text"
],
"lookup_table_id": "text"
}
],
"mover_properties": [
"text"
],
"password_complexity_rules": [
{
"name": "text",
"length": 1,
"use_special_characters": true,
"use_numbers": true,
"use_uppercase": true,
"use_lowercase": true,
"disallowed_characters": "text"
}
],
"transformer_functions": [
{
"function_expression": "text",
"definition": {
"name": "text",
"description": "text",
"parameters": [
{
"name": "text",
"description": "text",
"type": 1,
"allow_empty": true,
"optional": true,
"valid_values": [
"text"
]
}
],
"require_no_input": true,
"return_multiple_values": true,
"input_is_optional": true
}
}
]
},
"config_version": "text",
"created_by": "text",
"created_at": "2025-08-25T15:00:15.249Z",
"updated_at": "2025-08-25T15:00:15.249Z",
"published_by": "text",
"published_at": "2025-08-25T15:00:15.249Z"
},
"initial_complete": true,
"secondary_source_of_identities": [
{
"entity_type": "text",
"datasource_ids": [
"text"
],
"provider_external_ids": [
"text"
],
"correlation_attribute_names": {
"ANY_ADDITIONAL_PROPERTY": "text"
},
"only_enrich_existing": true
}
],
"sync_only_when_source_changes": true,
"time_before_sync_if_no_source_changes_in_minutes": 1,
"identity_attribute_mappings": [
{
"identity_attribute": 1,
"entity_attribute_name": "text"
}
],
"safety_limit_settings": {
"enable_change_limit": true,
"enable_predictive_change_limit": true,
"max_identities_affected_percentage": 1,
"max_identities_affected_count": "text",
"warning_email_addresses": [
"text"
]
},
"safety_limit_warning": {
"warning_type": 1,
"occurred_at": "2025-08-25T15:00:15.249Z",
"caused_by_extraction_event": {
"id": "text",
"data_source_id": "text",
"provider_id": "text",
"provider_type": "text",
"state": 1,
"provider_external_id": "text",
"agent_type": 1,
"error_message": "text",
"extracted_at": "2025-08-25T15:00:15.249Z",
"policy_id": "text",
"event_type": 1,
"number_of_identities_affected": "text",
"disregard_change_limit": true
},
"identities_changed_count": "text",
"predicted_identities_changed_count": "text"
},
"no_retry_for_failed_workflow": true,
"max_retries_for_failed_workflow": 1,
"event_notification_settings": [
{
"event_type": 1,
"notification_settings": {
"notification_type": 1,
"notification_id": "text",
"type_settings": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
},
"on_success": true,
"on_failure": true
}
],
"created_by": "text",
"created_at": "2025-08-25T15:00:15.249Z",
"updated_at": "2025-08-25T15:00:15.249Z"
},
"version": {
"policy_id": "text",
"version_number": 1,
"state": 1,
"config": {
"workflows": [
{
"trigger_type": 1,
"description": "text",
"trigger_string": "text",
"conditions_on_success": [
{
"condition_type": 1,
"condition_string": "text",
"actions_to_run": [
{
"name": "text",
"type": 1
}
],
"name": "text",
"continue_actions_if_any_error": true,
"state": 1
}
],
"continuous_sync": true,
"name": "text",
"state": 1,
"attribute_to_get_execute_date": "text",
"local_time_zone_diff_from_utc": 1,
"local_time_zone_attribute": "text",
"trigger_at_local_time_hour": 1,
"execute_date_time_formatters": [
{
"date_formatter": "text",
"pipeline_functions": "text"
}
],
"grace_period_in_sec": 1,
"skip_trigger_recheck_after_grace_period": true,
"priority": 1
}
],
"actions": [
{
"name": "text",
"description": "text",
"type": 1,
"config": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"conditions_on_success": [
{
"condition_type": 1,
"condition_string": "text",
"actions_to_run": [
{
"name": "text",
"type": 1
}
],
"name": "text",
"continue_actions_if_any_error": true,
"state": 1
}
],
"action_notification_settings": [
{
"notification_settings": {
"notification_type": 1,
"notification_id": "text",
"type_settings": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
},
"on_success": true,
"on_failure": true
}
],
"state": 1,
"run_once": true
}
],
"attribute_common_transformers": [
{
"name": "text",
"description": "text",
"entity_type": "text",
"entity_attribute_transformers": [
{
"destination_attribute": "text",
"destination_value_formatter": "text",
"continuous_sync": true,
"additional_value_formatter": [
"text"
],
"pipeline_functions": "text",
"unique_identifier": true
}
]
}
],
"lookup_table_references": [
{
"name": "text",
"description": "text",
"column_names": [
"text"
],
"lookup_table_id": "text"
}
],
"mover_properties": [
"text"
],
"password_complexity_rules": [
{
"name": "text",
"length": 1,
"use_special_characters": true,
"use_numbers": true,
"use_uppercase": true,
"use_lowercase": true,
"disallowed_characters": "text"
}
],
"transformer_functions": [
{
"function_expression": "text",
"definition": {
"name": "text",
"description": "text",
"parameters": [
{
"name": "text",
"description": "text",
"type": 1,
"allow_empty": true,
"optional": true,
"valid_values": [
"text"
]
}
],
"require_no_input": true,
"return_multiple_values": true,
"input_is_optional": true
}
}
]
},
"config_version": "text",
"created_by": "text",
"created_at": "2025-08-25T15:00:15.249Z",
"updated_at": "2025-08-25T15:00:15.249Z",
"published_by": "text",
"published_at": "2025-08-25T15:00:15.249Z"
}
}name
string
Yes
Human-readable name for the policy
description
string
No
Detailed description of the policy's purpose
state
string
No
Initial policy state: INITIAL, RUNNING, PAUSED, DRY_RUN, PENDING (default: INITIAL)
datasource_ids
array[string]
Yes
The source of truth data source(s) for this policy (must have one and must be of the same type)
event_notification_settings
array[object]
No
What notifications are to be sent when an event occurs
secondary_source_of_identities
array[object]
No
Allows the ability to enrich the primary source of identity
sync_only_when_source_changes
boolean
No
If true will only sync if the source of identity changes
time_before_sync_if_no_source_changes_in_minutes
integer
No
If sync_only_when_source_changes is true, how quickly (in minutes) to run a check when no changes are detected (default is 1 day 1440)
identity_attribute_mappings
array[object]
No
Mappings between the Identity attributes and the SOI attribute
safety_limit_settings
object
No
Settings that determine when to block changes and send warnings
no_retry_for_failed_workflow
boolean
No
If true will not retry failed workflows
max_retries_for_failed_workflow
integer
No
How many times we will retry a failed workflow (default is 10)
Complex Field Details
Event Notification Settings: The event_notification_settings array contains objects that define when and how to send notifications:
event_type
string
The type of event that triggers the notification
notification_settings
object
Configuration for how notifications are sent
Secondary Source of Identity: The secondary_source_of_identities array allows enriching the primary source of identity:
datasource_ids
array[string]
Data sources for the secondary identity source
correlation_attribute_names
object
Key-value pairs mapping primary to secondary attributes
only_enrich_existing
boolean
If true, only enriches existing identities, doesn't create new ones
Identity Attribute Mappings: The identity_attribute_mappings array maps identity attributes to entity attributes:
identity_attribute
string
The identity attribute type (EMAIL, TITLE, EMPLOYEE_ID, DEPARTMENT, MANAGER_IDS)
entity_attribute_name
string
The name of the entity attribute to map to
Safety Limit Settings: The safety_limit_settings object prevents mass changes:
enable_change_limit
boolean
Enable stopping changes when safety limit is reached
enable_predictive_change_limit
boolean
Enable blocking all changes if predicted to exceed limit
max_identities_affected_percentage
float
Maximum percentage of identities that can be affected (0-100)
max_identities_affected_count
integer
Maximum number of identities that can be affected
warning_email_addresses
array[string]
Email addresses to notify when safety limits are triggered
curl -X POST "https://your-tenant.vezacloud.com/api/private/lifecycle_management/policies" \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "Employee Onboarding Policy",
"description": "Automated access provisioning for new employees",
"state": "INITIAL",
"datasource_ids": ["549a4b5e-0328-4c87-a19d-ee8a2926d1aa"]
}'The source of truth data source(s) for this policy (must have one and must be of the same type)
If true will only sync if the source of identity changes
If sync_only_when_source_changes is true, how quickly (in minutes) to run a check when no changes are detected (default is 1 day 1440)
Settings that determine when to block changes and send warnings
if true will not retry failed workflows
how many times we will retry a failed workflow (default is 10)
OK
Default error response
POST /api/private/lifecycle_management/policies HTTP/1.1
Host: your-tenant.cookiecloud.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 910
{
"name": "text",
"description": "text",
"state": 1,
"datasource_ids": [
"text"
],
"event_notification_settings": [
{
"event_type": 1,
"notification_settings": {
"notification_type": 1,
"notification_id": "text",
"type_settings": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
},
"on_success": true,
"on_failure": true
}
],
"secondary_source_of_identities": [
{
"datasource_ids": [
"text"
],
"correlation_attribute_names": {
"ANY_ADDITIONAL_PROPERTY": "text"
},
"only_enrich_existing": true
}
],
"sync_only_when_source_changes": true,
"time_before_sync_if_no_source_changes_in_minutes": 1,
"identity_attribute_mappings": [
{
"identity_attribute": 1,
"entity_attribute_name": "text"
}
],
"safety_limit_settings": {
"enable_change_limit": true,
"enable_predictive_change_limit": true,
"max_identities_affected_percentage": 1,
"max_identities_affected_count": "text",
"warning_email_addresses": [
"text"
]
},
"no_retry_for_failed_workflow": true,
"max_retries_for_failed_workflow": 1
}{
"value": {
"id": "text",
"name": "text",
"description": "text",
"state": 1,
"current_version_number": 1,
"draft_version_number": 1,
"entity_type": "text",
"datasource_ids": [
"text"
],
"access_profiles_used": [
"text"
],
"provider_external_ids": [
"text"
],
"current_version": {
"policy_id": "text",
"version_number": 1,
"state": 1,
"config": {
"workflows": [
{
"trigger_type": 1,
"description": "text",
"trigger_string": "text",
"conditions_on_success": [
{
"condition_type": 1,
"condition_string": "text",
"actions_to_run": [
{
"name": "text",
"type": 1
}
],
"name": "text",
"continue_actions_if_any_error": true,
"state": 1
}
],
"continuous_sync": true,
"name": "text",
"state": 1,
"attribute_to_get_execute_date": "text",
"local_time_zone_diff_from_utc": 1,
"local_time_zone_attribute": "text",
"trigger_at_local_time_hour": 1,
"execute_date_time_formatters": [
{
"date_formatter": "text",
"pipeline_functions": "text"
}
],
"grace_period_in_sec": 1,
"skip_trigger_recheck_after_grace_period": true,
"priority": 1
}
],
"actions": [
{
"name": "text",
"description": "text",
"type": 1,
"config": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"conditions_on_success": [
{
"condition_type": 1,
"condition_string": "text",
"actions_to_run": [
{
"name": "text",
"type": 1
}
],
"name": "text",
"continue_actions_if_any_error": true,
"state": 1
}
],
"action_notification_settings": [
{
"notification_settings": {
"notification_type": 1,
"notification_id": "text",
"type_settings": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
},
"on_success": true,
"on_failure": true
}
],
"state": 1,
"run_once": true
}
],
"attribute_common_transformers": [
{
"name": "text",
"description": "text",
"entity_type": "text",
"entity_attribute_transformers": [
{
"destination_attribute": "text",
"destination_value_formatter": "text",
"continuous_sync": true,
"additional_value_formatter": [
"text"
],
"pipeline_functions": "text",
"unique_identifier": true
}
]
}
],
"lookup_table_references": [
{
"name": "text",
"description": "text",
"column_names": [
"text"
],
"lookup_table_id": "text"
}
],
"mover_properties": [
"text"
],
"password_complexity_rules": [
{
"name": "text",
"length": 1,
"use_special_characters": true,
"use_numbers": true,
"use_uppercase": true,
"use_lowercase": true,
"disallowed_characters": "text"
}
],
"transformer_functions": [
{
"function_expression": "text",
"definition": {
"name": "text",
"description": "text",
"parameters": [
{
"name": "text",
"description": "text",
"type": 1,
"allow_empty": true,
"optional": true,
"valid_values": [
"text"
]
}
],
"require_no_input": true,
"return_multiple_values": true,
"input_is_optional": true
}
}
]
},
"config_version": "text",
"created_by": "text",
"created_at": "2025-08-25T15:00:15.249Z",
"updated_at": "2025-08-25T15:00:15.249Z",
"published_by": "text",
"published_at": "2025-08-25T15:00:15.249Z"
},
"initial_complete": true,
"secondary_source_of_identities": [
{
"entity_type": "text",
"datasource_ids": [
"text"
],
"provider_external_ids": [
"text"
],
"correlation_attribute_names": {
"ANY_ADDITIONAL_PROPERTY": "text"
},
"only_enrich_existing": true
}
],
"sync_only_when_source_changes": true,
"time_before_sync_if_no_source_changes_in_minutes": 1,
"identity_attribute_mappings": [
{
"identity_attribute": 1,
"entity_attribute_name": "text"
}
],
"safety_limit_settings": {
"enable_change_limit": true,
"enable_predictive_change_limit": true,
"max_identities_affected_percentage": 1,
"max_identities_affected_count": "text",
"warning_email_addresses": [
"text"
]
},
"safety_limit_warning": {
"warning_type": 1,
"occurred_at": "2025-08-25T15:00:15.249Z",
"caused_by_extraction_event": {
"id": "text",
"data_source_id": "text",
"provider_id": "text",
"provider_type": "text",
"state": 1,
"provider_external_id": "text",
"agent_type": 1,
"error_message": "text",
"extracted_at": "2025-08-25T15:00:15.249Z",
"policy_id": "text",
"event_type": 1,
"number_of_identities_affected": "text",
"disregard_change_limit": true
},
"identities_changed_count": "text",
"predicted_identities_changed_count": "text"
},
"no_retry_for_failed_workflow": true,
"max_retries_for_failed_workflow": 1,
"event_notification_settings": [
{
"event_type": 1,
"notification_settings": {
"notification_type": 1,
"notification_id": "text",
"type_settings": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
},
"on_success": true,
"on_failure": true
}
],
"created_by": "text",
"created_at": "2025-08-25T15:00:15.249Z",
"updated_at": "2025-08-25T15:00:15.249Z"
},
"version": {
"policy_id": "text",
"version_number": 1,
"state": 1,
"config": {
"workflows": [
{
"trigger_type": 1,
"description": "text",
"trigger_string": "text",
"conditions_on_success": [
{
"condition_type": 1,
"condition_string": "text",
"actions_to_run": [
{
"name": "text",
"type": 1
}
],
"name": "text",
"continue_actions_if_any_error": true,
"state": 1
}
],
"continuous_sync": true,
"name": "text",
"state": 1,
"attribute_to_get_execute_date": "text",
"local_time_zone_diff_from_utc": 1,
"local_time_zone_attribute": "text",
"trigger_at_local_time_hour": 1,
"execute_date_time_formatters": [
{
"date_formatter": "text",
"pipeline_functions": "text"
}
],
"grace_period_in_sec": 1,
"skip_trigger_recheck_after_grace_period": true,
"priority": 1
}
],
"actions": [
{
"name": "text",
"description": "text",
"type": 1,
"config": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"conditions_on_success": [
{
"condition_type": 1,
"condition_string": "text",
"actions_to_run": [
{
"name": "text",
"type": 1
}
],
"name": "text",
"continue_actions_if_any_error": true,
"state": 1
}
],
"action_notification_settings": [
{
"notification_settings": {
"notification_type": 1,
"notification_id": "text",
"type_settings": {
"@type": "text",
"ANY_ADDITIONAL_PROPERTY": "anything"
}
},
"on_success": true,
"on_failure": true
}
],
"state": 1,
"run_once": true
}
],
"attribute_common_transformers": [
{
"name": "text",
"description": "text",
"entity_type": "text",
"entity_attribute_transformers": [
{
"destination_attribute": "text",
"destination_value_formatter": "text",
"continuous_sync": true,
"additional_value_formatter": [
"text"
],
"pipeline_functions": "text",
"unique_identifier": true
}
]
}
],
"lookup_table_references": [
{
"name": "text",
"description": "text",
"column_names": [
"text"
],
"lookup_table_id": "text"
}
],
"mover_properties": [
"text"
],
"password_complexity_rules": [
{
"name": "text",
"length": 1,
"use_special_characters": true,
"use_numbers": true,
"use_uppercase": true,
"use_lowercase": true,
"disallowed_characters": "text"
}
],
"transformer_functions": [
{
"function_expression": "text",
"definition": {
"name": "text",
"description": "text",
"parameters": [
{
"name": "text",
"description": "text",
"type": 1,
"allow_empty": true,
"optional": true,
"valid_values": [
"text"
]
}
],
"require_no_input": true,
"return_multiple_values": true,
"input_is_optional": true
}
}
]
},
"config_version": "text",
"created_by": "text",
"created_at": "2025-08-25T15:00:15.249Z",
"updated_at": "2025-08-25T15:00:15.249Z",
"published_by": "text",
"published_at": "2025-08-25T15:00:15.249Z"
}
}{
"value": {
"access_profiles_used": [],
"created_at": "2024-07-15T16:14:05.810837840Z",
"created_by": "eacb938c-431b-4023-93b1-417eb16b9fdf",
"current_version": {
"policy_id": "d5af38e8-df8e-416b-80cc-3aafb6bef594",
"version_number": 1,
"state": "DRAFT",
"config": {
"workflows": [],
"actions": [],
"attribute_common_transformers": []
}
},
"current_version_number": 1,
"datasource_ids": [
"549a4b5e-0328-4c87-a19d-ee8a2926d1aa"
],
"description": "Automated access provisioning for new employees",
"draft_version_number": 0,
"entity_type": "WorkdayWorker",
"event_notification_settings": [],
"id": "d5af38e8-df8e-416b-80cc-3aafb6bef594",
"initial_complete": false,
"name": "Employee Onboarding Policy",
"provider_external_ids": [
"https://wd5-impl-services1.workday.com/veza_preview"
],
"secondary_source_of_identities": [],
"state": "INITIAL",
"updated_at": "2024-07-15T16:14:05.810837840Z"
}
}