Skip to main content
PUT
/
protection
/
platform
/
{scope_id}
/
mode
{
  "ok": true,
  "scope_id": "<string>",
  "content_hash": "<string>",
  "agents_flagged_for_recompose": 1,
  "_warnings": {}
}

Authorizations

Authorization
string
header
required

Supabase JWT token in Authorization: Bearer header

Headers

Idempotency-Key
string
required

Client-supplied idempotency token. Replays within 24 hours return the stored result verbatim. See ADR-023.

Required string length: 1 - 128
If-Match
string
required

Optimistic concurrency token. Pass the ETag from a recent GET ("sha256:<hex64>" shape). A stale ETag returns 412 Precondition Failed; a missing header returns 428 Precondition Required. See RFC 9110 §13.1.1.

Pattern: ^"sha256:[0-9a-f]{64}"$

Path Parameters

scope_id
enum<string>
required

Always default — the platform scope is a singleton; any other value returns 400 with care-framed guidance pointing at default.

Available options:
default

Body

The body is of type enum<string>.

Available options:
off,
observe,
nudge,
enforce

Response

The mode primitive was updated at the platform scope.

ok
boolean
required
scope
enum<string>
required
Available options:
platform
scope_id
string
required
resource
enum<string>
required
Available options:
protection
primitive
enum<string>
required
Available options:
mode
verb
enum<string>
required
Available options:
put,
patch
value
enum<string>
required
Available options:
off,
observe,
nudge,
enforce
content_hash
string
required

New sha256:<hex64> of the spec at this scope after the write.

agents_flagged_for_recompose
integer
Required range: x >= 0
_warnings
object

Pre-existing structural issues outside the modified primitive. Present only when the existing spec carries unrelated validation problems; never blocks the write.