Create Test Evaluation of Decision Node (ID)
POST {{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}The POST /v2/policy-manager/test/{{decisionNodeId}} operation tests the evaluation of an individual decision node, specified by the ID in the request URL. A decision node can be a policy or a rule.
Query parameters
| Query parameter | Description |
|---|---|
|
Name of branch |
|
Snapshot ID |
Request Model
For property descriptions, refer to Entity testing data model.
| Property | Type | Required? |
|---|---|---|
|
Map<String, String> |
N/A |
|
DecisionRequest |
N/A |
|
Map<String, String> |
N/A |
Body
raw ( application/json )
{
"attributeValueOverrides": {
"attribute1": "overrideValue1",
"attribute2": "override2"
},
"decisionRequest": {
"action": "PERMIT",
"attributes": {},
"domain": "example.com",
"identityProvider": "google",
"service": "example service"
},
"serviceValueOverrides": {
"serviceA": "serviceOverride1",
"serviceB": "serviceOverride2"
}
}Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}' \
--header 'x-user-id: {{userId}}' \
--header 'Content-Type: application/json' \
--data '{
"attributeValueOverrides": {
"attribute1": "overrideValue1",
"attribute2": "override2"
},
"decisionRequest": {
"action": "PERMIT",
"attributes": {},
"domain": "example.com",
"identityProvider": "google",
"service": "example service"
},
"serviceValueOverrides": {
"serviceA": "serviceOverride1",
"serviceB": "serviceOverride2"
}
}'var options = new RestClientOptions("{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("x-user-id", "{{userId}}");
request.AddHeader("Content-Type", "application/json");
var body = @"{" + "\n" +
@" ""attributeValueOverrides"": {" + "\n" +
@" ""attribute1"": ""overrideValue1""," + "\n" +
@" ""attribute2"": ""override2""" + "\n" +
@" }," + "\n" +
@" ""decisionRequest"": {" + "\n" +
@" ""action"": ""PERMIT""," + "\n" +
@" ""attributes"": {}," + "\n" +
@" ""domain"": ""example.com""," + "\n" +
@" ""identityProvider"": ""google""," + "\n" +
@" ""service"": ""example service""" + "\n" +
@" }," + "\n" +
@" ""serviceValueOverrides"": {" + "\n" +
@" ""serviceA"": ""serviceOverride1""," + "\n" +
@" ""serviceB"": ""serviceOverride2""" + "\n" +
@" }" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}"
method := "POST"
payload := strings.NewReader(`{
"attributeValueOverrides": {
"attribute1": "overrideValue1",
"attribute2": "override2"
},
"decisionRequest": {
"action": "PERMIT",
"attributes": {},
"domain": "example.com",
"identityProvider": "google",
"service": "example service"
},
"serviceValueOverrides": {
"serviceA": "serviceOverride1",
"serviceB": "serviceOverride2"
}
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("x-user-id", "{{userId}}")
req.Header.Add("Content-Type", "application/json")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}} HTTP/1.1
Host: {{apiPath}}
x-user-id: {{userId}}
Content-Type: application/json
{
"attributeValueOverrides": {
"attribute1": "overrideValue1",
"attribute2": "override2"
},
"decisionRequest": {
"action": "PERMIT",
"attributes": {},
"domain": "example.com",
"identityProvider": "google",
"service": "example service"
},
"serviceValueOverrides": {
"serviceA": "serviceOverride1",
"serviceB": "serviceOverride2"
}
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"attributeValueOverrides\": {\n \"attribute1\": \"overrideValue1\",\n \"attribute2\": \"override2\"\n },\n \"decisionRequest\": {\n \"action\": \"PERMIT\",\n \"attributes\": {},\n \"domain\": \"example.com\",\n \"identityProvider\": \"google\",\n \"service\": \"example service\"\n },\n \"serviceValueOverrides\": {\n \"serviceA\": \"serviceOverride1\",\n \"serviceB\": \"serviceOverride2\"\n }\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}")
.method("POST", body)
.addHeader("x-user-id", "{{userId}}")
.addHeader("Content-Type", "application/json")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}",
"method": "POST",
"timeout": 0,
"headers": {
"x-user-id": "{{userId}}",
"Content-Type": "application/json"
},
"data": JSON.stringify({
"attributeValueOverrides": {
"attribute1": "overrideValue1",
"attribute2": "override2"
},
"decisionRequest": {
"action": "PERMIT",
"attributes": {},
"domain": "example.com",
"identityProvider": "google",
"service": "example service"
},
"serviceValueOverrides": {
"serviceA": "serviceOverride1",
"serviceB": "serviceOverride2"
}
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}',
'headers': {
'x-user-id': '{{userId}}',
'Content-Type': 'application/json'
},
body: JSON.stringify({
"attributeValueOverrides": {
"attribute1": "overrideValue1",
"attribute2": "override2"
},
"decisionRequest": {
"action": "PERMIT",
"attributes": {},
"domain": "example.com",
"identityProvider": "google",
"service": "example service"
},
"serviceValueOverrides": {
"serviceA": "serviceOverride1",
"serviceB": "serviceOverride2"
}
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}"
payload = json.dumps({
"attributeValueOverrides": {
"attribute1": "overrideValue1",
"attribute2": "override2"
},
"decisionRequest": {
"action": "PERMIT",
"attributes": {},
"domain": "example.com",
"identityProvider": "google",
"service": "example service"
},
"serviceValueOverrides": {
"serviceA": "serviceOverride1",
"serviceB": "serviceOverride2"
}
})
headers = {
'x-user-id': '{{userId}}',
'Content-Type': 'application/json'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'x-user-id' => '{{userId}}',
'Content-Type' => 'application/json'
));
$request->setBody('{\n "attributeValueOverrides": {\n "attribute1": "overrideValue1",\n "attribute2": "override2"\n },\n "decisionRequest": {\n "action": "PERMIT",\n "attributes": {},\n "domain": "example.com",\n "identityProvider": "google",\n "service": "example service"\n },\n "serviceValueOverrides": {\n "serviceA": "serviceOverride1",\n "serviceB": "serviceOverride2"\n }\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["x-user-id"] = "{{userId}}"
request["Content-Type"] = "application/json"
request.body = JSON.dump({
"attributeValueOverrides": {
"attribute1": "overrideValue1",
"attribute2": "override2"
},
"decisionRequest": {
"action": "PERMIT",
"attributes": {},
"domain": "example.com",
"identityProvider": "google",
"service": "example service"
},
"serviceValueOverrides": {
"serviceA": "serviceOverride1",
"serviceB": "serviceOverride2"
}
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"attributeValueOverrides\": {\n \"attribute1\": \"overrideValue1\",\n \"attribute2\": \"override2\"\n },\n \"decisionRequest\": {\n \"action\": \"PERMIT\",\n \"attributes\": {},\n \"domain\": \"example.com\",\n \"identityProvider\": \"google\",\n \"service\": \"example service\"\n },\n \"serviceValueOverrides\": {\n \"serviceA\": \"serviceOverride1\",\n \"serviceB\": \"serviceOverride2\"\n }\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/v2/policy-manager/test/{{decisionNodeId}}?branch={{branchId}}")!,timeoutInterval: Double.infinity)
request.addValue("{{userId}}", forHTTPHeaderField: "x-user-id")
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
200 OK
{
"elapsedTime": 2508,
"request": {
"decisionRequest": {
"domain": "example.com",
"service": "example service",
"identityProvider": "google",
"action": "PERMIT",
"attributes": {}
},
"attributeValueOverrides": {
"attribute1": "overrideValue1",
"attribute2": "override2"
},
"serviceValueOverrides": {
"serviceA": "serviceOverride1",
"serviceB": "serviceOverride2"
}
},
"authorized": false,
"statements": [],
"status": {
"code": "OKAY",
"messages": [],
"errors": []
},
"attributes": {
"HttpRequest.AccessToken": {
"id": "8e568465-2e7c-4705-8d94-53102ea8550f",
"name": "HttpRequest.AccessToken",
"successful": false,
"consumedBy": [
{
"consumer": "attribute",
"id": "9d722951-77a8-4ae6-94f9-6ced4adfee17",
"name": "HttpRequest.AccessToken.active"
}
],
"resolvedBy": [
{
"resolver": "request",
"successful": false,
"key": "HttpRequest.AccessToken",
"valueProcessing": [],
"error": {
"code": "MISSING_ATTRIBUTE",
"message": "HttpRequest.AccessToken"
}
}
],
"valueProcessing": [
{
"processor": "TypeConversion",
"expression": "JSON",
"result": {
"error": {
"code": "MISSING_ATTRIBUTE",
"message": "HttpRequest.AccessToken"
}
}
}
],
"elapsedTime": 74,
"error": {
"code": "MISSING_ATTRIBUTE",
"message": "HttpRequest.AccessToken"
}
},
"HttpRequest.AccessToken.active": {
"id": "9d722951-77a8-4ae6-94f9-6ced4adfee17",
"name": "HttpRequest.AccessToken.active",
"successful": true,
"consumedBy": [
{
"consumer": "rule",
"id": "f9604cb4-315d-47eb-9e76-4d8c7534bb41",
"name": "Access token is inactive"
}
],
"resolvedBy": [
{
"resolver": "attribute",
"id": "8e568465-2e7c-4705-8d94-53102ea8550f",
"name": "HttpRequest.AccessToken",
"successful": false,
"valueProcessing": [],
"error": {
"code": "MISSING_ATTRIBUTE",
"message": "HttpRequest.AccessToken"
}
},
{
"resolver": "default",
"successful": true,
"valueProcessing": [],
"value": "false",
"type": "BOOLEAN"
}
],
"valueProcessing": [
{
"processor": "JSONPath",
"expression": "$.active",
"result": {
"error": {
"code": "MISSING_ATTRIBUTE",
"message": "HttpRequest.AccessToken"
}
}
},
{
"processor": "TypeConversion",
"expression": "BOOLEAN",
"result": {
"error": {
"code": "MISSING_ATTRIBUTE",
"message": "HttpRequest.AccessToken"
}
}
}
],
"elapsedTime": 217,
"value": "false",
"type": "BOOLEAN"
}
},
"services": {},
"decisionTree": {
"id": "e51688ff-1dc9-4b6c-bb36-8af64d02e9d1",
"nodeType": "PolicySet",
"name": "Global Decision Point",
"targets": [],
"elapsedTime": 997,
"combiningAlgorithm": "DenyOverrides{}",
"decision": "PERMIT",
"applicableChildren": {
"Token Validation": {
"id": "69d82f74-5561-4f91-b238-0f8bbac97532",
"nodeType": "Policy",
"name": "Token Validation",
"sequence": 1,
"targets": [],
"elapsedTime": 794,
"combiningAlgorithm": "PermitUnlessDeny{}",
"decision": "PERMIT",
"notApplicableChildren": {
"Access token is inactive": {
"id": "f9604cb4-315d-47eb-9e76-4d8c7534bb41",
"nodeType": "Rule",
"name": "Access token is inactive",
"sequence": 1,
"targets": [],
"elapsedTime": 751,
"decision": "NOT_APPLICABLE",
"condition": {
"and": [
{
"equals": {
"lhs": {
"id": "9d722951-77a8-4ae6-94f9-6ced4adfee17",
"name": "HttpRequest.AccessToken.active",
"value": "false",
"type": "BOOLEAN"
},
"rhs": {
"value": "false",
"type": "STRING"
}
},
"result": {
"value": "true",
"type": "BOOLEAN"
}
},
{
"or": [
{
"reference": {
"id": "cd212c60-6cf3-4156-9c17-a32162fdda6a",
"name": "Any Inbound Request",
"condition": {
"or": [
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "inbound-DELETE",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "inbound-GET",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "inbound-PATCH",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "inbound-POST",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "inbound-PUT",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
}
],
"result": {
"value": "false",
"type": "BOOLEAN"
}
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
{
"reference": {
"id": "5d9208da-b746-4b0d-b741-b6eabc66e71c",
"name": "Any SCIM or OpenBanking Request",
"condition": {
"or": [
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "create",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "delete",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "modify",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "retrieve",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
{
"equals": {
"lhs": {
"axis": "Action",
"value": "PERMIT",
"type": "REQUEST"
},
"rhs": {
"value": "search",
"type": "STRING"
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
}
],
"result": {
"value": "false",
"type": "BOOLEAN"
}
}
},
"result": {
"value": "false",
"type": "BOOLEAN"
}
}
],
"result": {
"value": "false",
"type": "BOOLEAN"
}
}
],
"result": {
"value": "false",
"type": "BOOLEAN"
}
},
"statements": []
}
},
"statements": [
{
"id": "cde26a38-2035-4385-bbfe-159ee1822976",
"name": "Invalid Token",
"code": "denied-reason",
"appliesTo": "DENY",
"appliesIf": "PATH_MATCHES",
"payload": "{\"status\":401, \"message\": \"invalid_token\", \"detail\":\"Access token is expired or otherwise invalid\"}",
"obligatory": true,
"fulfilled": false,
"attributes": {},
"errors": []
}
]
},
"New Test Policy": {
"id": "d577e45a-6b5e-4bac-93e6-02c7f45414b1",
"nodeType": "Policy",
"name": "New Test Policy",
"sequence": 3,
"targets": [],
"elapsedTime": 60,
"combiningAlgorithm": "FirstApplicable{}",
"decision": "PERMIT",
"applicableChildren": {
"Amount": {
"id": "d700fcfb-a7c7-428e-9563-f50fe1dcdd99",
"nodeType": "Rule",
"name": "Amount",
"sequence": 1,
"targets": [],
"elapsedTime": 16,
"decision": "PERMIT",
"statements": []
}
},
"statements": []
}
},
"notApplicableChildren": {
"PDP API Endpoint Policies": {
"id": "3e80f4b0-ae1d-48e6-bdab-74c0fe06e6d5",
"nodeType": "PolicySet",
"name": "PDP API Endpoint Policies",
"sequence": 2,
"targets": [
{
"name": "Inline target",
"domains": [],
"services": [
"PDP"
],
"actions": [],
"identityClasses": [],
"attributes": {}
}
],
"elapsedTime": 61,
"combiningAlgorithm": "PermitUnlessDeny{}",
"decision": "NOT_APPLICABLE",
"statements": []
}
},
"statements": []
},
"result": {
"value": "PERMIT",
"type": "Decision"
}
}