Skip to main content
The policies endpoint lets you inspect the policy profiles that InferenceWall has loaded. Use it to verify which policy is active, check detection thresholds, and review per-signature overrides — without needing access to the file system.

GET /v1/policies

List all loaded policy profiles with their full configuration.

Example

curl http://localhost:8000/v1/policies \
  -H "Authorization: Bearer iwk_scan_YOUR_KEY"

[
  {
    "name": "default",
    "mode": "enforce",
    "thresholds": {
      "input": {
        "flag": 4.0,
        "block": 10.0
      },
      "output": {
        "flag": 3.0,
        "block": 7.0
      }
    },
    "overrides": []
  }
]

Response fields

name
string
The policy profile name as defined in the policy YAML file.
mode
string
Operating mode: enforce (apply decisions) or monitor (log only, never block).
thresholds
object
Score thresholds that drive flag and block decisions for inbound and outbound traffic.
overrides
array
Per-signature overrides applied on top of the base policy. Each entry can disable a specific signature, change its action, or adjust its scoring weight.

Use cases

  • Verify the active policy — confirm that the correct policy file was loaded after startup or a hot-reload.
  • Inspect thresholds — check flag and block thresholds without reading the policy YAML directly.
  • Audit per-signature overrides — review which signatures have been customized, disabled, or had their action changed from the default.
After changing your policy file, call POST /v1/admin/reload to apply the changes without restarting the server, then call GET /v1/policies to confirm the update took effect.
For guidance on configuring policies, see Policies and Custom Policies.