Intents & PermitsPolicy Configuration
Policy Configuration
Policies define the rules that govern when human approval is required. You configure them in the SilentAuth dashboard or via the Management API. Each policy rule matches one or more actions and specifies the approval requirements.
Policy Structure
{
"name": "Production Safeguards",
"rules": [
{
"match": { "action": "deploy_production" },
"require_approval": true,
"approvers": ["ops-team"],
"min_approvals": 1,
"timeout": 1800
},
{
"match": { "action": "delete_*" },
"require_approval": true,
"approvers": ["admin@acme.io"],
"min_approvals": 2,
"timeout": 3600
},
{
"match": { "action": "deploy_staging" },
"require_approval": false // auto-approve
}
]
}Match Patterns
| Pattern | Matches |
|---|---|
| deploy_production | Exact match only |
| delete_* | Any action starting with delete_ |
| * | All actions (catch-all rule) |
| deploy_production | rotate_* | Union of patterns |
Approver Types
Individual
"jane@acme.io"A specific email address of an approver registered in your project.
Team
"ops-team"Any member of a named team can approve. Teams are managed in the dashboard.
Role
"role:admin"Any user with the specified role in the SilentAuth project.
Policy via Management API
PUT /v1/projects/{projectId}/policies
Authorization: Bearer sk_live_xxx
{
"rules": [
{
"match": { "action": "deploy_production" },
"require_approval": true,
"approvers": ["ops-team"],
"timeout": 1800
}
]
}