git.stella-ops.org/docs/api/gateway/policy-exceptions.md
2025-12-24 12:38:14 +02:00

Policy + Exceptions Gateway Contract (draft v0.1)

Scope: expose policy evaluation results that include exception metadata, plus simulation endpoints that accept exception overrides for what-if analysis.

Security / headers

  • Authorization: Bearer <token> (or DPoP where configured)
  • X-Stella-Tenant: <tenantId> (required; see docs/api/gateway/tenant-auth.md)
  • X-Stella-Project: <projectId> (optional)
  • X-Stella-Trace-Id: <traceId> (optional; clients SHOULD send one)
  • Scopes:
    • POST /policy/effective: policy:read AND exception:read
    • POST /policy/simulate: policy:simulate AND exception:read

Endpoints

  • POST /policy/effective — deterministic effective policy view over a list of findings.
  • POST /policy/simulate — simulate policy result changes with exception overrides.

Request/response notes

  • Requests MUST remain deterministic: stable ordering, ISO-8601 UTC timestamps only.
  • Pagination uses limit (max 200) and continuationToken (opaque string).
  • Exception metadata SHOULD reuse the Exception schema (docs/api/console/exception-schema.md) but MAY omit large fields like audit trails.
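
A pre-flight check for the header, scope and pagination rules above, as an added example (not part of the contract or the project's code). The function names, the error strings, the `granted_scopes` input (scopes taken from an already-validated token), the `DPoP` Authorization scheme per RFC 9449, the trailing-`Z` reading of "UTC only" and the lower bound of 1 on limit are assumptions.

```python
import re

# Scope sets per endpoint, as listed in the contract (both scopes required).
REQUIRED_SCOPES = {
    ("POST", "/policy/effective"): {"policy:read", "exception:read"},
    ("POST", "/policy/simulate"): {"policy:simulate", "exception:read"},
}
MAX_LIMIT = 200  # pagination cap from the contract
# Assumption: "ISO-8601 UTC only" means a 'Z' designator, never a numeric offset.
UTC_TS = re.compile(r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?Z$")


def is_utc_timestamp(value):
    """True only for timestamps such as 2025-12-24T10:38:14Z."""
    return isinstance(value, str) and UTC_TS.match(value) is not None


def check_request(method, path, headers, granted_scopes, limit=None):
    """Return the list of contract violations; an empty list means accept.

    granted_scopes is a hypothetical input: the scopes of a token that has
    already been validated elsewhere (signature, expiry, audience).
    """
    required = REQUIRED_SCOPES.get((method.upper(), path))
    if required is None:
        return ["unknown endpoint"]
    errors = []
    h = {k.lower(): v.strip() for k, v in headers.items()}  # names are case-insensitive
    parts = h.get("authorization", "").split()
    # Assumption: DPoP-bound tokens use the "DPoP" scheme (RFC 9449).
    if len(parts) != 2 or parts[0].lower() not in ("bearer", "dpop"):
        errors.append("missing or malformed Authorization")
    if not h.get("x-stella-tenant"):
        errors.append("missing X-Stella-Tenant")
    missing = required - set(granted_scopes)  # AND semantics: every scope must be held
    if missing:
        errors.append("missing scopes: " + ", ".join(sorted(missing)))
    # Assumption: limit is a positive integer; the contract only states the maximum.
    if limit is not None:
        valid = isinstance(limit, int) and not isinstance(limit, bool) and 1 <= limit <= MAX_LIMIT
        if not valid:
            errors.append("limit must be an integer in 1..200")
    return errors
```

Optional headers (X-Stella-Project, X-Stella-Trace-Id) are deliberately not checked, and the errors come back in a fixed order so the check itself stays deterministic.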

Samples

  • docs/api/gateway/samples/policy-effective-sample.json
  • docs/api/gateway/samples/policy-simulate-sample.json