Skip to main content
POST
/
v1
/
policies
Create compliance policy
curl --request POST \
  --url https://api.trycomp.ai/v1/policies \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "name": "Data Privacy Policy",
  "content": [
    {
      "type": "heading",
      "attrs": {
        "level": 2,
        "textAlign": null
      },
      "content": [
        {
          "type": "text",
          "text": "Purpose"
        }
      ]
    },
    {
      "type": "paragraph",
      "attrs": {
        "textAlign": null
      },
      "content": [
        {
          "type": "text",
          "text": "Verify workforce integrity and grant the right access at start, revoke at end."
        }
      ]
    }
  ]
}
'
const options = {
  method: 'POST',
  headers: {'X-API-Key': '<api-key>', 'Content-Type': 'application/json'},
  body: JSON.stringify({
    name: 'Data Privacy Policy',
    content: [
      {
        type: 'heading',
        attrs: {level: 2, textAlign: null},
        content: [{type: 'text', text: 'Purpose'}]
      },
      {
        type: 'paragraph',
        attrs: {textAlign: null},
        content: [
          {
            type: 'text',
            text: 'Verify workforce integrity and grant the right access at start, revoke at end.'
          }
        ]
      }
    ]
  })
};

fetch('https://api.trycomp.ai/v1/policies', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
import requests

url = "https://api.trycomp.ai/v1/policies"

payload = {
    "name": "Data Privacy Policy",
    "content": [
        {
            "type": "heading",
            "attrs": {
                "level": 2,
                "textAlign": None
            },
            "content": [
                {
                    "type": "text",
                    "text": "Purpose"
                }
            ]
        },
        {
            "type": "paragraph",
            "attrs": { "textAlign": None },
            "content": [
                {
                    "type": "text",
                    "text": "Verify workforce integrity and grant the right access at start, revoke at end."
                }
            ]
        }
    ]
}
headers = {
    "X-API-Key": "<api-key>",
    "Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
{
  "id": "pol_abc123def456",
  "name": "Data Privacy Policy",
  "description": "This policy outlines how we handle and protect personal data",
  "status": "draft",
  "content": [
    {
      "type": "paragraph",
      "content": [
        {
          "type": "text",
          "text": "Policy content here"
        }
      ]
    }
  ],
  "frequency": "yearly",
  "department": "it",
  "isRequiredToSign": true,
  "signedBy": [],
  "reviewDate": "2024-12-31T00:00:00.000Z",
  "isArchived": false,
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-15T00:00:00.000Z",
  "organizationId": "org_abc123def456",
  "assigneeId": "usr_abc123def456",
  "approverId": "usr_xyz789abc123"
}
{
  "message": "Invalid policy content format"
}
{
  "message": "Unauthorized"
}

Authorizations

X-API-Key
string
header
required

API key for authentication

Headers

X-Organization-Id
string

Organization ID (required for session auth, optional for API key auth)

Body

application/json

Policy creation data

name
string
required

Name of the policy

Example:

"Data Privacy Policy"

content
object[]
required

Content of the policy as TipTap JSON (array of nodes)

Example:
[
  {
    "type": "heading",
    "attrs": { "level": 2, "textAlign": null },
    "content": [{ "type": "text", "text": "Purpose" }]
  },
  {
    "type": "paragraph",
    "attrs": { "textAlign": null },
    "content": [
      {
        "type": "text",
        "text": "Verify workforce integrity and grant the right access at start, revoke at end."
      }
    ]
  }
]
description
string

Description of the policy

Example:

"This policy outlines how we handle and protect personal data"

status
enum<string>

Status of the policy

Available options:
draft,
published,
needs_review
Example:

"draft"

frequency
enum<string>

Review frequency of the policy

Available options:
monthly,
quarterly,
yearly
Example:

"yearly"

department
string

Department this policy applies to. Built-in values: none, admin, gov, hr, it, itsm, qms. Custom department names are also accepted.

Maximum string length: 64
Example:

"it"

isRequiredToSign
boolean

Whether this policy requires a signature

Example:

true

reviewDate
string

Review date for the policy

Example:

"2024-12-31T00:00:00.000Z"

assigneeId
string

ID of the user assigned to this policy

Example:

"usr_abc123def456"

approverId
string

ID of the user who approved this policy

Example:

"usr_xyz789abc123"

policyTemplateId
string

ID of the policy template this policy is based on

Example:

"plt_template123"

signedBy
string[]

List of user IDs who have signed this policy

Example:
["usr_123", "usr_456"]

Response

Policy created successfully

id
string
required

The policy ID

Example:

"pol_abc123def456"

name
string
required

Name of the policy

Example:

"Data Privacy Policy"

description
string | null
required

Description of the policy

Example:

"This policy outlines how we handle and protect personal data"

status
enum<string>
required

Status of the policy

Available options:
draft,
published,
needs_review
Example:

"draft"

content
object[]
required

Content of the policy as TipTap JSON (array of nodes)

Example:
[
  {
    "type": "heading",
    "attrs": { "level": 2, "textAlign": null },
    "content": [{ "type": "text", "text": "Purpose" }]
  },
  {
    "type": "paragraph",
    "attrs": { "textAlign": null },
    "content": [
      {
        "type": "text",
        "text": "Verify workforce integrity and grant the right access at start, revoke at end."
      }
    ]
  }
]
frequency
enum<string> | null
required

Review frequency of the policy

Available options:
monthly,
quarterly,
yearly
Example:

"yearly"

department
string | null
required

Department this policy applies to. May be one of the built-in values (none, admin, gov, hr, it, itsm, qms) or a custom department name.

Example:

"it"

isRequiredToSign
boolean
required

Whether this policy requires a signature

Example:

true

signedBy
string[]
required

List of user IDs who have signed this policy

Example:
["usr_123", "usr_456"]
reviewDate
string<date-time> | null
required

Review date for the policy

Example:

"2024-12-31T00:00:00.000Z"

isArchived
boolean
required

Whether this policy is archived

Example:

false

archivedAt
string<date-time> | null
required

When the policy was archived by framework sync

Example:

"2024-02-01T00:00:00.000Z"

createdAt
string<date-time>
required

When the policy was created

Example:

"2024-01-01T00:00:00.000Z"

updatedAt
string<date-time>
required

When the policy was last updated

Example:

"2024-01-15T00:00:00.000Z"

lastArchivedAt
string<date-time> | null
required

When the policy was last archived

Example:

"2024-02-01T00:00:00.000Z"

lastPublishedAt
string<date-time> | null
required

When the policy was last published

Example:

"2024-01-10T00:00:00.000Z"

organizationId
string
required

Organization ID this policy belongs to

Example:

"org_abc123def456"

assigneeId
string | null
required

ID of the user assigned to this policy

Example:

"usr_abc123def456"

approverId
string | null
required

ID of the user who approved this policy

Example:

"usr_xyz789abc123"

policyTemplateId
string | null
required

ID of the policy template this policy is based on

Example:

"plt_template123"