Listing Rules

Query and retrieve all rules configured in Shield.


Endpoint

GET /api/rules

Retrieves all rules with their complete configuration including applications, obfuscations, and filters.


Authentication

Requires any valid API Key. All keys have read access.


Query Parameters

| Parameter | Type | Description | Default |
|---|---|---|---|
| skip | integer | Number of records to skip | 0 |
| take | integer | Number of records to return | All records |
| sortBy | string | Sort specification (e.g., "name asc") | "name asc" |

Response

Returns a paginated list of rules:

Response Format
{
  "items": [
    {
      "id": "rule-uuid-1",
      "name": "Block PII in External APIs",
      "description": "Prevent PII from being sent to third-party services",
      "action": "block",
      "enable": true,
      "icapMode": "REQMOD",
      "apps": ["app-uuid-1", "app-uuid-2"],
      "obfuscations": ["obfuscation-uuid-1"],
      "userFilters": [
        {
          "condition": "notequal",
          "filter": "admin"
        }
      ],
      "groupFilters": [],
      "timeFilterEnabled": false,
      "timeFilter": null,
      "createdAt": 1704067200,
      "updatedAt": 1704153600
    },
    {
      "id": "rule-uuid-2",
      "name": "Detect SSNs in Payment APIs",
      "description": "Audit SSN usage in payment processing",
      "action": "detect",
      "enable": true,
      "icapMode": "REQMOD",
      "apps": ["payment-app-uuid"],
      "obfuscations": [],
      "userFilters": [],
      "groupFilters": [],
      "timeFilterEnabled": false,
      "timeFilter": null,
      "createdAt": 1704067200,
      "updatedAt": 1704153600
    }
  ],
  "count": 2
}

Response Fields

| Field | Type | Description |
|---|---|---|
| items | array | Array of rule objects |
| count | integer | Total number of rules returned |

Each rule object contains:

| Field | Type | Description |
|---|---|---|
| id | UUID | Unique rule identifier |
| name | string | Rule name |
| description | string | Rule description |
| action | string | Action to perform (detect, obfuscate, or block) |
| enable | boolean | Whether rule is active |
| icapMode | string | ICAP mode (REQMOD, RESPMOD, or empty for both) |
| apps | string[] | Application UUIDs this rule applies to |
| obfuscations | string[] | Obfuscation UUIDs |
| userFilters | array | User-based filters |
| groupFilters | array | Group-based filters |
| timeFilterEnabled | boolean | Whether time filtering is enabled |
| timeFilter | object | Time window configuration (null if disabled) |
| createdAt | integer | Unix timestamp when created |
| updatedAt | integer | Unix timestamp of last update |

Examples

List All Rules

Retrieve all rules sorted by name.

curl

curl -X GET "https://your-shield-host:8080/api/rules?sortBy=name+asc" \
  -H "Authorization: Bearer YOUR_API_KEY"

Python

import requests

BASE_URL = "https://your-shield-host:8080"
HEADERS = {"Authorization": "Bearer YOUR_API_KEY"}

# Request every rule, sorted by name
response = requests.get(
    f"{BASE_URL}/api/rules",
    headers=HEADERS,
    params={"sortBy": "name asc"},
    timeout=10,
)
response.raise_for_status()  # stop on 401 (invalid or expired API key)
rules = response.json()

print(f"Total rules: {rules['count']}")
for rule in rules["items"]:
    state = "enabled" if rule["enable"] else "disabled"
    print(f"- {rule['name']}: {rule['action']} ({state})")

JavaScript

const axios = require('axios');

const BASE_URL = 'https://your-shield-host:8080';
const HEADERS = { 'Authorization': 'Bearer YOUR_API_KEY' };

// await needs an async function in a CommonJS script
async function main() {
  const response = await axios.get(`${BASE_URL}/api/rules`, {
    headers: HEADERS,
    params: { sortBy: 'name asc' }
  });
  const rules = response.data;

  console.log(`Total rules: ${rules.count}`);
  rules.items.forEach(rule => {
    console.log(`- ${rule.name}: ${rule.action} (${rule.enable ? 'enabled' : 'disabled'})`);
  });
}

// Log only the message: the full axios error object includes the request headers
main().catch(err => console.error(err.message));

Paginated Results

Retrieve all rules with pagination.

curl

# Get first 10 rules
curl -X GET "https://your-shield-host:8080/api/rules?skip=0&take=10" \
  -H "Authorization: Bearer YOUR_API_KEY"

# Get next 10 rules
curl -X GET "https://your-shield-host:8080/api/rules?skip=10&take=10" \
  -H "Authorization: Bearer YOUR_API_KEY"

Python

import requests

BASE_URL = "https://your-shield-host:8080"
HEADERS = {"Authorization": "Bearer YOUR_API_KEY"}

# Get first page
response = requests.get(
    f"{BASE_URL}/api/rules",
    headers=HEADERS,
    params={"skip": 0, "take": 10},
    timeout=10,
)
response.raise_for_status()  # stop on 401 (invalid or expired API key)
page1 = response.json()

print(f"Page 1: {len(page1['items'])} rules")

# Get second page
response = requests.get(
    f"{BASE_URL}/api/rules",
    headers=HEADERS,
    params={"skip": 10, "take": 10},
    timeout=10,
)
response.raise_for_status()
page2 = response.json()

print(f"Page 2: {len(page2['items'])} rules")

JavaScript

const axios = require('axios');

const BASE_URL = 'https://your-shield-host:8080';
const HEADERS = { 'Authorization': 'Bearer YOUR_API_KEY' };

// await needs an async function in a CommonJS script
async function main() {
  // Get first page
  const page1 = await axios.get(`${BASE_URL}/api/rules`, {
    headers: HEADERS,
    params: { skip: 0, take: 10 }
  });
  console.log(`Page 1: ${page1.data.items.length} rules`);

  // Get second page
  const page2 = await axios.get(`${BASE_URL}/api/rules`, {
    headers: HEADERS,
    params: { skip: 10, take: 10 }
  });
  console.log(`Page 2: ${page2.data.items.length} rules`);
}

// Log only the message: the full axios error object includes the request headers
main().catch(err => console.error(err.message));

GET /api/rulesdeleted

Retrieve all rules including soft-deleted ones.

Endpoint

GET /api/rulesdeleted

Authentication

Requires any valid API Key. All keys have read access.

Response

Returns the same structure as GET /api/rules but includes rules that have been soft-deleted.

Use Cases

  • Historical Analysis - View rules that were active during past activity
  • Rule Recovery - Identify deleted rules for potential restoration
  • Audit Trails - Complete history of all rules ever configured
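
Added example (not part of the Shield documentation): it ties the pagination and GET /api/rulesdeleted passages together by walking skip/take pages for both listings and reporting the rules that appear only in the deleted listing. The names fetch_all, soft_deleted, audit_line and make_pager, and the sample rules, are illustrative and constructed; finding deleted rules by id difference is an assumption, since the page describes no deleted flag on the rule object.

```python
from datetime import datetime, timezone

def fetch_all(fetch_page, take=10):
    """Collect every rule by walking skip/take pages.

    fetch_page(skip, take) is a hypothetical callable returning the parsed
    JSON body of one request, e.g. a wrapper around requests.get().
    """
    if take < 1:
        raise ValueError("take must be >= 1")
    items, skip = [], 0
    while True:
        page = fetch_page(skip, take).get("items", [])
        items.extend(page)
        if len(page) < take:  # short or empty page: nothing left to read
            return items
        skip += take

def soft_deleted(active_rules, all_rules):
    """Rules returned by /api/rulesdeleted but missing from /api/rules."""
    active_ids = {rule["id"] for rule in active_rules}
    return [rule for rule in all_rules if rule["id"] not in active_ids]

def audit_line(rule):
    """One audit-trail line with the last update rendered as UTC."""
    ts = datetime.fromtimestamp(rule["updatedAt"], tz=timezone.utc)
    stamp = ts.strftime("%Y-%m-%dT%H:%M:%SZ")
    return f"{rule['id']} {rule['name']!r} action={rule['action']} last_update={stamp}"

# Constructed sample data standing in for the two endpoints' responses.
def _rule(n, action):
    return {"id": f"rule-uuid-{n}", "name": f"Rule {n}", "action": action,
            "enable": True, "createdAt": 1704067200, "updatedAt": 1704153600}

ACTIVE = [_rule(n, "block") for n in range(1, 6)]
WITH_DELETED = ACTIVE[:2] + [_rule(9, "detect")] + ACTIVE[2:]

def make_pager(rules):
    """Offline stand-in for one endpoint: serves slices of a fixed list."""
    return lambda skip, take: {"items": rules[skip:skip + take], "count": len(rules)}

if __name__ == "__main__":
    active = fetch_all(make_pager(ACTIVE), take=2)
    everything = fetch_all(make_pager(WITH_DELETED), take=2)
    for rule in soft_deleted(active, everything):
        print(audit_line(rule))
```

The loop stops on a short page rather than on count, because the page does not say whether count is the overall total or the size of the returned page.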

Error Responses

| Status Code | Description |
|---|---|
| 401 | Invalid or expired API key |