POST Metadata/ReadPolicy

Returns a Custom Field value that has been applied to a policy for inheritance by objects of a specific type. The caller must have Read permission to the Distinguished Name (DN) of a policy.

Requirements

Permissions: The caller must have Read permission to the Distinguished Name (DN) of a policy.
Token scope: Any valid scope, such as Agent, Certificate, or SSH

Headers

Content type: Content-Type:application/json.
Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters
Name	Description
DN	The Distinguished name (DN) of a policy folder that has values for at least one Custom Field. If necessary, use the DN value from the GET Metadata/Items or POST Metadata/GetItemsForClass response.
ItemGuid	The globally unique identifier of a Custom Field. Depending on your environment, the GUID may be expressed with or without curly braces {}. For example, {3d6b61d-1c71-4603-883f-25b8c2ceecdd}. To get the GUIDs for a DN, use POST Metadata/GetItemGuids.
Type	Object class. Note that only the Device and X509 Certificate classes are supported.

Returns

Response description
Name	Description
Locked	The status of the data: true: The Policy value, which applies to the Custom Field, is locked. false: The Custom Field value is capable of change.
Values	Array of values applicable to the Custom Field type
Result	The reason for success or failure. For more information, see Metadata Result Codes.

Example: Read a policy

Request

POST https://tpp.venafi.example/vedsdk/Metadata/ReadPolicy
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "DN": "\\VED\\Policy\\Certificates",
   "ItemGuid": "{a80714f0-565c-4bc2-9026-787cf076d764}",
   "Type": "X509 Certificate"
}

Response

HTTP/1.1 200 OK     
{
   "Locked": true,
   "Values": ["XYZ789"],
   "Result": 0
}