Skip to main content

Policy API

Part of CLPI Phase 1: Policy Engine. The Policy API is the programmatic interface to the governance-as-code layer.
The Policy API provides programmatic access to policy management for agents and organizations — create, read, update, and delete policies, evaluate tool usage against policy rules, retrieve merged (resolved) policies, and inspect policy version history. Policies define what tools an agent may use, which are forbidden, and how unmapped actions are handled. Base URL: https://api.mnemom.ai/v1

Authentication

EndpointAuth RequiredNotes
GET /v1/agents/{agent_id}/policyAPI keyGet agent policy
PUT /v1/agents/{agent_id}/policyAPI keySet agent policy
DELETE /v1/agents/{agent_id}/policyAPI keyDelete agent policy
GET /v1/agents/{agent_id}/policy/resolvedAPI keyGet merged org+agent policy
GET /v1/orgs/{org_id}/policyAPI keyGet org policy
PUT /v1/orgs/{org_id}/policyAPI keySet org policy
DELETE /v1/orgs/{org_id}/policyAPI keyDelete org policy
GET /v1/orgs/{org_id}/policy/historyAPI keyGet org policy version history
POST /v1/policies/evaluateAPI keyEvaluate policy against tools
POST /v1/policies/evaluate/historicalAPI keyEvaluate against historical traces
API key authentication: Pass in the Authorization header: 
Authorization: Bearer {api_key}
API keys can be created in your dashboard under Settings or via POST /v1/api-keys.

Rate Limits

EndpointRate LimitWindow
GET /agents/{agent_id}/policy60 requestsper minute
PUT /agents/{agent_id}/policy30 requestsper minute
POST /policies/evaluate60 requestsper minute
All other policy endpoints30 requestsper minute
Rate-limited responses return HTTP 429 with a Retry-After header.

Endpoints

GET /v1/agents//policy

Retrieve the policy currently assigned to an agent. Returns the full policy document including metadata, capability mappings, forbidden rules, escalation triggers, and defaults. Parameters:
ParameterInTypeRequiredDescription
agent_idpathstringYesAgent identifier
Response: 200 OK 
{
  "id": "pol-abc123",
  "version": 3,
  "meta": {
    "schema_version": "1.0",
    "name": "support-agent-policy",
    "scope": "agent"
  },
  "capability_mappings": {
    "web_browsing": {
      "tools": ["mcp__browser__*"],
      "card_actions": ["web_fetch", "web_search"]
    }
  },
  "forbidden": [
    {
      "pattern": "mcp__filesystem__delete*",
      "reason": "Deletion not permitted",
      "severity": "critical"
    }
  ],
  "escalation_triggers": [],
  "defaults": {
    "unmapped_tool_action": "warn",
    "unmapped_severity": "medium",
    "fail_open": true,
    "enforcement_mode": "warn",
    "grace_period_hours": 24
  },
  "created_at": "2026-02-20T10:00:00.000Z",
  "updated_at": "2026-02-25T14:00:00.000Z"
}
Response fields:
FieldTypeDescription
idstringUnique policy identifier
versionnumberMonotonically increasing version number
metaobjectPolicy metadata (schema version, name, scope)
capability_mappingsobjectMaps capability names to tool patterns and card actions
forbiddenarrayList of forbidden tool patterns with reasons and severity
escalation_triggersarrayConditions that trigger escalation to a human or supervisor
defaultsobjectDefault behavior for unmapped tools and enforcement mode
created_atstringISO 8601 timestamp of initial creation
updated_atstringISO 8601 timestamp of last update
meta object:
FieldTypeDescription
schema_versionstringPolicy DSL schema version (e.g., "1.0")
namestringHuman-readable policy name
scopestringPolicy scope: "agent" or "org"
defaults object:
FieldTypeDescription
unmapped_tool_actionstringAction for tools not covered by any mapping: "allow", "warn", or "block"
unmapped_severitystringSeverity assigned to unmapped tool usage: "low", "medium", "high", or "critical"
fail_openbooleanIf true, allow tool execution when policy evaluation fails; if false, block on error
enforcement_modestring"enforce" blocks violations, "warn" logs without blocking
grace_period_hoursnumberHours after policy change before enforcement begins
Error responses:
StatusMeaning
401API key required or invalid
404Agent not found or no policy assigned

PUT /v1/agents//policy

Create or replace the policy for an agent. The policy version is incremented automatically on each update. Parameters:
ParameterInTypeRequiredDescription
agent_idpathstringYesAgent identifier
Request body: 
{
  "meta": {
    "schema_version": "1.0",
    "name": "support-agent-policy",
    "scope": "agent"
  },
  "capability_mappings": {
    "web_browsing": {
      "tools": ["mcp__browser__*"],
      "card_actions": ["web_fetch", "web_search"]
    }
  },
  "forbidden": [
    {
      "pattern": "mcp__filesystem__delete*",
      "reason": "Deletion not permitted",
      "severity": "critical"
    }
  ],
  "escalation_triggers": [],
  "defaults": {
    "unmapped_tool_action": "warn",
    "unmapped_severity": "medium",
    "fail_open": true,
    "enforcement_mode": "warn",
    "grace_period_hours": 24
  }
}
Request body fields:
FieldTypeRequiredDescription
metaobjectYesPolicy metadata including schema_version, name, and scope
capability_mappingsobjectNoMaps capability names to tool patterns and card actions
forbiddenarrayNoForbidden tool patterns; each entry has pattern, reason, and severity
escalation_triggersarrayNoConditions that trigger escalation
defaultsobjectNoDefault behavior configuration
Forbidden rule object:
FieldTypeRequiredDescription
patternstringYesGlob pattern matching tool names (e.g., "mcp__filesystem__delete*")
reasonstringYesHuman-readable reason for the restriction
severitystringYesSeverity level: "low", "medium", "high", or "critical"
Response: 200 OK 
{
  "id": "pol-abc123",
  "version": 3,
  "meta": {
    "schema_version": "1.0",
    "name": "support-agent-policy",
    "scope": "agent"
  },
  "capability_mappings": {
    "web_browsing": {
      "tools": ["mcp__browser__*"],
      "card_actions": ["web_fetch", "web_search"]
    }
  },
  "forbidden": [
    {
      "pattern": "mcp__filesystem__delete*",
      "reason": "Deletion not permitted",
      "severity": "critical"
    }
  ],
  "escalation_triggers": [],
  "defaults": {
    "unmapped_tool_action": "warn",
    "unmapped_severity": "medium",
    "fail_open": true,
    "enforcement_mode": "warn",
    "grace_period_hours": 24
  },
  "created_at": "2026-02-20T10:00:00.000Z",
  "updated_at": "2026-02-25T14:00:00.000Z"
}
Error responses:
StatusMeaning
400Invalid policy document (schema validation failed)
401API key required or invalid
422Semantic validation error (e.g., conflicting rules)

DELETE /v1/agents//policy

Delete the policy assigned to an agent. After deletion, the agent falls back to the org-level policy (if one exists) or operates with no policy constraints. Parameters:
ParameterInTypeRequiredDescription
agent_idpathstringYesAgent identifier
Response: 204 No Content Error responses:
StatusMeaning
401API key required or invalid
404Agent not found or no policy assigned

GET /v1/agents//policy/resolved

Retrieve the resolved (merged) policy for an agent. The resolved policy is the result of merging the org-level policy with the agent-level policy. Agent-level rules take precedence over org-level rules where conflicts exist. Parameters:
ParameterInTypeRequiredDescription
agent_idpathstringYesAgent identifier
Response: 200 OK 
{
  "agent_id": "smolt-a4c12709",
  "org_id": "org-7b3e1f",
  "resolved_policy": {
    "id": "pol-resolved-xyz",
    "version": 5,
    "meta": {
      "schema_version": "1.0",
      "name": "support-agent-policy (resolved)",
      "scope": "resolved"
    },
    "capability_mappings": {
      "web_browsing": {
        "tools": ["mcp__browser__*"],
        "card_actions": ["web_fetch", "web_search"]
      },
      "data_access": {
        "tools": ["mcp__db__read*"],
        "card_actions": ["read"]
      }
    },
    "forbidden": [
      {
        "pattern": "mcp__filesystem__delete*",
        "reason": "Deletion not permitted",
        "severity": "critical"
      },
      {
        "pattern": "mcp__admin__*",
        "reason": "Admin tools restricted at org level",
        "severity": "high"
      }
    ],
    "escalation_triggers": [],
    "defaults": {
      "unmapped_tool_action": "warn",
      "unmapped_severity": "medium",
      "fail_open": true,
      "enforcement_mode": "warn",
      "grace_period_hours": 24
    }
  },
  "sources": {
    "org_policy_version": 2,
    "agent_policy_version": 3,
    "merge_strategy": "agent_overrides_org"
  },
  "resolved_at": "2026-02-25T14:00:00.000Z"
}
Response fields:
FieldTypeDescription
agent_idstringAgent identifier
org_idstringOrganization identifier
resolved_policyobjectThe merged policy document
sourcesobjectProvenance of the resolved policy
resolved_atstringISO 8601 timestamp of when the merge was computed
sources object:
FieldTypeDescription
org_policy_versionnumberVersion of the org-level policy used in the merge
agent_policy_versionnumberVersion of the agent-level policy used in the merge
merge_strategystringMerge strategy applied (e.g., "agent_overrides_org")
Error responses:
StatusMeaning
401API key required or invalid
404Agent not found or no policy exists at any level

GET /v1/orgs//policy

Retrieve the org-level policy. Org policies serve as the baseline for all agents within the organization. Parameters:
ParameterInTypeRequiredDescription
org_idpathstringYesOrganization identifier
Response: 200 OK Returns a Policy object with the same structure as the agent policy response (see GET /v1/agents//policy), with meta.scope set to "org". Error responses:
StatusMeaning
401API key required or invalid
404Organization not found or no policy assigned

PUT /v1/orgs//policy

Create or replace the org-level policy. This policy serves as the baseline for all agents within the organization. Each update increments the version number. Parameters:
ParameterInTypeRequiredDescription
org_idpathstringYesOrganization identifier
Request body: Same structure as the agent policy request body (see PUT /v1/agents//policy), with meta.scope set to "org". Response: 200 OK with the saved policy including id, version, created_at, and updated_at. Error responses:
StatusMeaning
400Invalid policy document (schema validation failed)
401API key required or invalid
422Semantic validation error

DELETE /v1/orgs//policy

Delete the org-level policy. After deletion, agents that relied on this org policy as their baseline will operate with only their agent-level policy (if one exists) or no policy constraints. Parameters:
ParameterInTypeRequiredDescription
org_idpathstringYesOrganization identifier
Response: 204 No Content Error responses:
StatusMeaning
401API key required or invalid
404Organization not found or no policy assigned

GET /v1/orgs//policy/history

Retrieve the version history of an org-level policy. Each entry represents a previous version of the policy document. Parameters:
ParameterInTypeRequiredDescription
org_idpathstringYesOrganization identifier
pagequerynumberNoPage number (default: 1)
per_pagequerynumberNoResults per page (default: 20, max: 100)
Response: 200 OK 
{
  "versions": [
    {
      "version": 3,
      "meta": {
        "schema_version": "1.0",
        "name": "org-baseline-policy",
        "scope": "org"
      },
      "updated_at": "2026-02-25T14:00:00.000Z",
      "updated_by": "user-abc123"
    },
    {
      "version": 2,
      "meta": {
        "schema_version": "1.0",
        "name": "org-baseline-policy",
        "scope": "org"
      },
      "updated_at": "2026-02-20T10:00:00.000Z",
      "updated_by": "user-abc123"
    }
  ],
  "total": 3,
  "page": 1,
  "per_page": 20
}
Version object:
FieldTypeDescription
versionnumberVersion number
metaobjectPolicy metadata at time of this version
updated_atstringISO 8601 timestamp of when this version was created
updated_bystringUser identifier who made the change
Error responses:
StatusMeaning
401API key required or invalid
404Organization not found or no policy history

POST /v1/policies/evaluate

Evaluate a policy against a set of tools. Returns a verdict indicating whether the tools are permitted, any violations or warnings, and coverage analysis against the agent’s card actions. Request body: 
{
  "agent_id": "smolt-a4c12709",
  "tools": ["mcp__browser__navigate", "mcp__filesystem__delete"],
  "context": "gateway"
}
FieldTypeRequiredDescription
agent_idstringYesAgent identifier whose resolved policy will be evaluated
toolsstring[]YesList of tool names to evaluate against the policy
contextstringNoEvaluation context: "gateway", "runtime", or "audit" (default: "gateway")
Response: 200 OK 
{
  "verdict": "fail",
  "violations": [
    {
      "type": "forbidden",
      "tool": "mcp__filesystem__delete",
      "reason": "Deletion not permitted",
      "severity": "critical"
    }
  ],
  "warnings": [],
  "card_gaps": [],
  "coverage": {
    "total_card_actions": 5,
    "mapped_card_actions": ["web_fetch", "web_search"],
    "unmapped_card_actions": ["read", "write", "send_response"],
    "coverage_pct": 40
  },
  "policy_id": "pol-abc123",
  "policy_version": 3,
  "evaluated_at": "2026-02-25T14:00:00.000Z",
  "context": "gateway",
  "duration_ms": 12
}
Response fields:
FieldTypeDescription
verdictstringOverall result: "pass", "fail", or "warn"
violationsarrayPolicy violations found during evaluation
warningsarrayNon-blocking warnings (e.g., unmapped tools in "warn" mode)
card_gapsarrayCard actions that are declared but have no tool mapping
coverageobjectCoverage analysis of card actions vs. capability mappings
policy_idstringID of the policy that was evaluated
policy_versionnumberVersion of the policy that was evaluated
evaluated_atstringISO 8601 timestamp of evaluation
contextstringEvaluation context used
duration_msnumberTime taken for evaluation in milliseconds
Violation object:
FieldTypeDescription
typestringViolation type: "forbidden", "unmapped", or "escalation"
toolstringTool name that triggered the violation
reasonstringHuman-readable explanation
severitystringSeverity level: "low", "medium", "high", or "critical"
coverage object:
FieldTypeDescription
total_card_actionsnumberTotal number of card actions declared for the agent
mapped_card_actionsstring[]Card actions that have at least one tool mapping
unmapped_card_actionsstring[]Card actions with no tool mapping
coverage_pctnumberPercentage of card actions covered by capability mappings (0 — 100)
Error responses:
StatusMeaning
400Invalid request body (missing agent_id or tools)
401API key required or invalid
404Agent not found or no policy exists

POST /v1/policies/evaluate/historical

Evaluate a policy against historical traces for an agent. Replays past tool invocations through the current policy to surface retroactive violations. Useful for auditing policy changes before enforcement. Request body: 
{
  "agent_id": "smolt-a4c12709",
  "time_range": {
    "start": "2026-02-18T00:00:00.000Z",
    "end": "2026-02-25T23:59:59.000Z"
  },
  "context": "audit"
}
FieldTypeRequiredDescription
agent_idstringYesAgent identifier
time_rangeobjectYesTime range with start and end ISO 8601 timestamps
contextstringNoEvaluation context (default: "audit")
Response: 200 OK 
{
  "agent_id": "smolt-a4c12709",
  "traces_evaluated": 142,
  "verdict": "fail",
  "violation_count": 7,
  "violations": [
    {
      "type": "forbidden",
      "tool": "mcp__filesystem__delete",
      "reason": "Deletion not permitted",
      "severity": "critical",
      "trace_id": "tr-abc123",
      "occurred_at": "2026-02-22T09:15:00.000Z"
    }
  ],
  "summary": {
    "pass": 135,
    "warn": 0,
    "fail": 7
  },
  "policy_id": "pol-abc123",
  "policy_version": 3,
  "evaluated_at": "2026-02-25T14:05:00.000Z",
  "duration_ms": 340
}
Response fields:
FieldTypeDescription
agent_idstringAgent identifier
traces_evaluatednumberNumber of historical traces evaluated
verdictstringOverall result: "pass", "fail", or "warn"
violation_countnumberTotal number of violations found
violationsarrayViolation details including trace_id and occurred_at
summaryobjectBreakdown of trace verdicts: pass, warn, and fail counts
policy_idstringID of the policy evaluated against
policy_versionnumberVersion of the policy evaluated against
evaluated_atstringISO 8601 timestamp of evaluation
duration_msnumberTime taken for evaluation in milliseconds
Error responses:
StatusMeaning
400Invalid request body or time range
401API key required or invalid
404Agent not found or no policy exists
422Time range exceeds maximum (30 days)

Error Codes

StatusCodeDescription
400invalid_requestMissing or invalid parameters
401unauthorizedAPI key required but not provided or invalid
404not_foundAgent, org, or policy not found
422validation_errorSemantic validation failed (e.g., conflicting rules, invalid time range)
429rate_limitedToo many requests; check Retry-After header
500internal_errorServer error; retry with exponential backoff
All error responses follow the standard envelope: 
{
  "error": "not_found",
  "message": "No policy found for agent 'smolt-a4c12709'"
}

SDK Usage

import { MnemomClient } from '@mnemom/sdk';

const client = new MnemomClient({ apiKey: process.env.MNEMOM_API_KEY });

// Set an agent policy
const policy = await client.policies.set('smolt-a4c12709', {
  meta: {
    schema_version: '1.0',
    name: 'support-agent-policy',
    scope: 'agent',
  },
  capability_mappings: {
    web_browsing: {
      tools: ['mcp__browser__*'],
      card_actions: ['web_fetch', 'web_search'],
    },
  },
  forbidden: [
    {
      pattern: 'mcp__filesystem__delete*',
      reason: 'Deletion not permitted',
      severity: 'critical',
    },
  ],
  defaults: {
    unmapped_tool_action: 'warn',
    enforcement_mode: 'warn',
    fail_open: true,
  },
});

// Get the resolved (merged) policy
const resolved = await client.policies.getResolved('smolt-a4c12709');

// Evaluate tools against the policy
const result = await client.policies.evaluate({
  agent_id: 'smolt-a4c12709',
  tools: ['mcp__browser__navigate', 'mcp__filesystem__delete'],
  context: 'gateway',
});

console.log(result.verdict);       // "fail"
console.log(result.violations);    // [{ tool: "mcp__filesystem__delete", ... }]
console.log(result.coverage.coverage_pct); // 40

See Also