POST Config/WritePolicy

Replaces all value instances of a policy attribute for a specific class with one or more new values. Applies only to folder or other folder objects that support policy settings. Do not call Config/WritePolicy to apply values to any Parent base class. Otherwise, unexpected results can occur and the change may not be visible in the UI.

Requirements

  • Permissions:  The caller must have Manage permission to the requested policy object.
  • Token scope:  Configuration:Manage

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

ObjectDN

The Distinguished Name (DN) of the Policy folder that will store the attribute values.

Class

The name of the policy attribute class.

AttributeName

The name of the attribute. For more information, see How to find class names and attributes.

Locked

Override policy setting even if it was previously set in the UI : 

  • 0: Keep the attribute value unlocked in the policy.

  • 1: Lock the attribute value in the policy and enforce the values or use as suggestion.

Values

The array of values to write to the attribute.

Returns

Response description

Name

Description

HTTP 200

For valid requests, this call returns a HTTP 200 message and the following data in the message body:

  • Error : Appears only when the operation cannot supply the necessary data. Provides only a description and Result. No other data.
  • Result: The result code that indicates the reason for success or failure. For more information, see Config result codes.

HTTP 400

For invalid requests, this call returns a HTTP 400 BadRequest and the following data in the message body:

  • error: The reason for the error.
  • error_description: If available, additional information about how to retry the request.

Example: Globally replace policy attribute values

Request

POST https://tpp.venafi.example/vedsdk/Config/WritePolicy
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "Locked":1,
   "ObjectDN":"\\VED\\Policy\\TestPolicy",
   "Class":"JKS",
   "AttributeName":"KeyStore",
   "Values":[
      "/etc/crypto/common.jks"
   ]
}

Response

HTTP/1.1 200 OK
{
   "Result":1
}