POST Config/ReadEffectivePolicy

Returns the effective value of a specific attribute.


  • Permissions:  The caller must have Read permission to the requested object.
  • Token scope:  Configuration


  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.


Input parameters




The Distinguished Name (DN) of the object.


The name of the attribute to be read from each referenced DN. For more information, see How to find class names and attributes.


Response description



HTTP 200

For valid requests, this call returns a HTTP 200 message and the following data in the message body:

  • Error : Appears only when the operation cannot supply the necessary data. Provides only a description and Result. No other data.
  • Locked: A value of true indicates if the policy value was a suggestion or enforced; otherwise, false.
  • Overridden: A value of true indicates that the value came from a policy; otherwise, false.

  • PolicyDN: The Policy DN that holds the value, if any.

  • Result: The result code that indicates the reason for success or failure. For more information, see Config result codes.
  • Values: An array of values read from the attributes of the object.

HTTP 400

For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:

  • error: The reason for the error.
  • error_description: If available, additional information about how to retry the request.

Example: Read effective attribute values for a DN


POST https://tpp.venafi.example/vedsdk/Config/ReadEffectivePolicy
Authorization:Bearer 4MyGeneratedBearerTknz==


HTTP/1.1 200 OK