> ## Documentation Index
> Fetch the complete documentation index at: https://docs.semgrep.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Update policy



## OpenAPI

````yaml /public_v1.openapi.yaml put /api/v1/deployments/{deploymentId}/policies/{policyId}
openapi: 3.0.3
info:
  description: >

    Welcome to Semgrep's portal for the Semgrep AppSec Platform web API.


    # Introduction

    Semgrep is a fast, open-source, static analysis tool for finding bugs and
    enforcing code standards at editor,

    commit, and CI time. [Get
    started.](https://semgrep.dev/docs/getting-started/)


    This API is documented in the **OpenAPI format**.


    # Authentication

    The API supports authentication with an API token with the "Web API"
    permission, without limited

    scopes of access.


    You can provision an API token [from the Settings
    page](https://semgrep.dev/orgs/-/settings/tokens).


    # Terms of Use


    Please note, the materials made available herein are subject to the

    [Semgrep Terms of Use](https://semgrep.dev/resources/website-terms/), and
    your

    access or use of any of the same is your acknowledgment and acceptance of
    the

    such terms.


    <br>


    ___
  title: Semgrep Web App
  version: 1.0.0
servers: []
security: []
tags:
  - description: >-
      Deployments encapsulate your organization's security organization, with
      multiple projects, policies, and integrations. As the root object of the
      organization, they're similarly the root object of the API.
    name: DeploymentsService
    x-displayName: Deployment
    x-group: Deployment
  - description: >-
      Manage and retrieve code, supply chain, and AI-powered scan findings from
      Semgrep scans
    name: FindingsService
    x-displayName: Code, Supply Chain, and AI-Powered Scan
    x-group: Code, Supply Chain, and AI-Powered Scan
  - description: Utility endpoints.
    name: MiscService
    x-displayName: Other
    x-group: Other
  - description: >-
      View and manage the Policies of your organization.


      Deployments on the Unified Policies model use the [Policies V2
      API](/api/v2/docs/#tag/PoliciesV2Service) instead; this service stops
      working after the migration.
    name: PoliciesService
    x-displayName: Policies
    x-group: Policies
  - name: ProjectsService
    x-displayName: Projects
    x-group: Projects
  - description: View details of scans associated with projects in your organization.
    name: ScansService
    x-displayName: Scans
    x-group: Scans
  - description: View and manage the Secrets of your organization.
    name: SecretsService
    x-displayName: Secrets
    x-group: Secrets
  - description: |-
      Manage the Supply Chain findings and dependencies of your organization.

      A request body is required, but may be an empty object.
    name: SupplyChainService
    x-displayName: Supply Chain
    x-group: Supply Chain
  - description: Create and manage external tickets
    name: TicketingService
    x-displayName: Ticketing
    x-group: Ticketing
  - description: View and manage the triage of your organization.
    name: TriageService
    x-displayName: Triage
    x-group: Triage
paths:
  /api/v1/deployments/{deploymentId}/policies/{policyId}:
    put:
      tags:
        - PoliciesService
      summary: Update policy
      operationId: PoliciesService_UpdatePolicy
      parameters:
        - in: path
          name: deploymentId
          required: true
          schema:
            description: >-
              Deployment ID (numeric). Example: `123`. Can be found at
              `/deployments`, or in your Settings in the web UI.
            example: 123
            format: int64
            type: string
        - in: path
          name: policyId
          required: true
          schema:
            description: >-
              Policy ID (numeric). Example: `456`. Can be found at
              `/deployments/{deploymentId}/policies`.
            example: 456
            format: int64
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/protos.openapi.v1.UpdatePolicyRequest'
        required: true
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/protos.openapi.v1.UpdatePolicyResponse'
          description: OK
      security:
        - SemgrepWebToken: []
components:
  schemas:
    protos.openapi.v1.UpdatePolicyRequest:
      properties:
        deploymentId:
          description: >-
            Deployment ID (numeric). Example: `123`. Can be found at
            `/deployments`, or in your Settings in the web UI.
          example: 123
          format: int64
          type: string
        policyId:
          description: >-
            Policy ID (numeric). Example: `456`. Can be found at
            `/deployments/{deploymentId}/policies`.
          example: 456
          format: int64
          type: string
        policyMode:
          description: >+
            New policy mode to set for the Rule.

             - MODE_MONITOR: Monitor mode, silently report findings
             - MODE_COMMENT: Comment mode, leaves PR comments but does not block
             - MODE_BLOCK: Block mode, leaves PR comments and blocks PR
             - MODE_DISABLED: Disabled mode, not active

            | value | description |

            |-------|---------------|

            | MODE_MONITOR | Monitor mode, silently report findings |

            | MODE_COMMENT | Comment mode, leaves PR comments but does not block
            |

            | MODE_BLOCK | Block mode, leaves PR comments and blocks PR |

            | MODE_DISABLED | Disabled mode, not active |

          enum:
            - MODE_MONITOR
            - MODE_COMMENT
            - MODE_BLOCK
            - MODE_DISABLED
          format: enum
          type: string
        rulePath:
          description: Full path of the Rule.
          type: string
      required:
        - deployment_id
        - policy_id
        - rule_path
        - policy_mode
      title: Update Policy Request
      type: object
    protos.openapi.v1.UpdatePolicyResponse:
      properties:
        policyId:
          description: >-
            Policy ID (numeric). Example: `456`. Can be found at
            `/deployments/{deploymentId}/policies`.
          example: '1'
          format: int64
          type: string
        updatedRule:
          $ref: '#/components/schemas/protos.common.v1.Rule'
      type: object
    protos.common.v1.Rule:
      properties:
        category:
          description: Category the Rule is associated with.
          example: security
          type: string
        confidence:
          description: |+
            Confidence based on the Rule's false-positive rate.

            | value | description |
            |-------|---------------|
            | CONFIDENCE_HIGH |  |
            | CONFIDENCE_MEDIUM |  |
            | CONFIDENCE_LOW |  |

          enum:
            - CONFIDENCE_HIGH
            - CONFIDENCE_MEDIUM
            - CONFIDENCE_LOW
          example: CONFIDENCE_HIGH
          format: enum
          type: string
        cweCategories:
          description: The CWE associated with the Rule.
          example:
            - 'CWE-918: Server-Side Request Forgery (SSRF)'
          items:
            type: string
          type: array
        hasValidators:
          description: When True, the secrets rule has validators.
          type: boolean
        id:
          description: ID of the Rule.
          format: int64
          type: string
        languages:
          description: Languages the Rule applies to.
          example:
            - python
          items:
            type: string
          type: array
        lastChangeAt:
          description: Timestamp of when the Rule was last changed.
          example: '2024-07-29T22:33:37.380Z'
          format: date-time
          type: string
        lastChangeBy:
          description: Username of who last changed the Rule.
          type: string
        owaspCategories:
          description: Owasp categories the Rule is associated with.
          example:
            - 'A07: Cross-Site Scripting (XSS)'
          items:
            type: string
          type: array
        path:
          description: Full path of the Rule.
          example: python.rule.1
          type: string
        policyMode:
          description: >+
            Mode behavior: Monitor / Comment / Block / Disabled


            | value | description |

            |-------|---------------|

            | MODE_MONITOR | Monitor mode, silently report findings |

            | MODE_COMMENT | Comment mode, leaves PR comments but does not block
            |

            | MODE_BLOCK | Block mode, leaves PR comments and blocks PR |

            | MODE_DISABLED | Disabled mode, not active |

          enum:
            - MODE_MONITOR
            - MODE_COMMENT
            - MODE_BLOCK
            - MODE_DISABLED
          example: MODE_BLOCK
          format: enum
          type: string
        registryMaintainer:
          description: The Registry maintainer associated with the Rule (if applicable).
          example: semgrep
          type: string
        rulesets:
          description: Rulesets to which the Rule belongs (if applicable).
          example: []
          items:
            type: string
          type: array
        secretType:
          description: The secret type (if applicable).
          type: string
        severity:
          description: |+
            Severity level ("seriousness" of the finding)

            | value | description |
            |-------|---------------|
            | SEVERITY_HIGH |  |
            | SEVERITY_MEDIUM |  |
            | SEVERITY_LOW |  |
            | SEVERITY_CRITICAL |  |

          enum:
            - SEVERITY_HIGH
            - SEVERITY_MEDIUM
            - SEVERITY_LOW
            - SEVERITY_CRITICAL
          example: SEVERITY_HIGH
          format: enum
          type: string
        source:
          description: |+
            Source of the Rule

            | value | description |
            |-------|---------------|
            | SOURCE_PRO | From Pro rules |
            | SOURCE_COMMUNITY | From Semgrep Community rules |
            | SOURCE_CUSTOM | From Custom rules |

          enum:
            - SOURCE_PRO
            - SOURCE_COMMUNITY
            - SOURCE_CUSTOM
          example: SOURCE_COMMUNITY
          format: enum
          type: string
        technologies:
          description: Technologies the Rule is associated with.
          example:
            - django
            - flask
          items:
            type: string
          type: array
        url:
          description: The URL of the Rule.
          type: string
        vulnerabilityClass:
          description: Vulnerability classes the Rule is associated with.
          example: Improper Authentication
          items:
            type: string
          type: array
      title: Rule
      type: object
  securitySchemes:
    SemgrepWebToken:
      bearerFormat: string
      description: >-
        Get access to data with your API token. Example header:


        `Authorization: Bearer
        2991e2fb4b540fe75b8f90677b0b892b6314e4961cb001fe6eb452eee248a628`


        The token can be provisioned from the Tokens section in your Settings,
        and requires explicitly enabling `Web API` access.
      scheme: bearer
      type: http

````