Get Rule
Retrieve a specific rule by ID.
Endpoint
Retrieves a single rule with its complete configuration including applications, obfuscations, filters, and time windows.
Authentication
Requires any valid API Key. All keys have read access.
Path Parameters
| Parameter | Type | Description |
|---|---|---|
id |
UUID | Rule ID |
Response
Returns the complete rule object:
Response Format
{
"id": "rule-uuid-123",
"name": "Block PII in External APIs",
"description": "Prevent PII from being sent to third-party services",
"action": "block",
"enable": true,
"icapMode": "REQMOD",
"apps": ["app-uuid-1", "app-uuid-2"],
"obfuscations": ["obfuscation-uuid-1"],
"userFilters": [
{
"condition": "notequal",
"filter": "admin"
}
],
"groupFilters": [
{
"condition": "contains",
"filter": "Engineering",
"provider": "AzureAD"
}
],
"timeFilterEnabled": true,
"timeFilter": {
"timeWindows": [
{
"startTime": "09:00",
"endTime": "17:00"
}
],
"daysOfWeek": [1, 2, 3, 4, 5],
"timezone": "America/New_York",
"behavior": "match"
},
"createdAt": 1704067200,
"updatedAt": 1704153600,
"readOnly": false
}
Response Fields
| Field | Type | Description |
|---|---|---|
id |
UUID | Unique rule identifier |
name |
string | Rule name |
description |
string | Rule description |
action |
string | Action to perform (detect, obfuscate, or block) |
enable |
boolean | Whether rule is active |
icapMode |
string | ICAP mode (REQMOD, RESPMOD, or empty for both) |
apps |
string[] | Application UUIDs this rule applies to |
obfuscations |
string[] | Obfuscation UUIDs |
userFilters |
array | User-based filters |
groupFilters |
array | Group-based filters |
timeFilterEnabled |
boolean | Whether time filtering is enabled |
timeFilter |
object | Time window configuration (null if disabled) |
createdAt |
integer | Unix timestamp when created |
updatedAt |
integer | Unix timestamp of last update |
readOnly |
boolean | Whether this is a system rule (cannot be modified) |
Examples
Get Rule by ID
Retrieve a specific rule to view its configuration.
import requests
BASE_URL = "https://your-shield-host:8080"
HEADERS = {"Authorization": "Bearer YOUR_API_KEY"}
rule_id = "rule-uuid-123"
response = requests.get(f"{BASE_URL}/api/rules/{rule_id}", headers=HEADERS)
rule = response.json()
print(f"Rule: {rule['name']}")
print(f"Action: {rule['action']}")
print(f"Enabled: {rule['enable']}")
print(f"Applications: {len(rule['apps'])}")
print(f"Obfuscations: {len(rule['obfuscations'])}")
const axios = require('axios');
const BASE_URL = 'https://your-shield-host:8080';
const HEADERS = { 'Authorization': 'Bearer YOUR_API_KEY' };
const ruleId = 'rule-uuid-123';
const response = await axios.get(`${BASE_URL}/api/rules/${ruleId}`, { headers: HEADERS });
const rule = response.data;
console.log(`Rule: ${rule.name}`);
console.log(`Action: ${rule.action}`);
console.log(`Enabled: ${rule.enable}`);
console.log(`Applications: ${rule.apps.length}`);
console.log(`Obfuscations: ${rule.obfuscations.length}`);
Error Responses
| Status Code | Description |
|---|---|
401 |
Invalid or expired API key |
404 |
Rule not found |
Related Topics
- List Rules - Query all rules
- Update Rule - Modify this rule
- Delete Rule - Remove this rule
- Enable/Disable Rule - Toggle rule without full update
- Activities API - Query activity for this rule