POST /v2/policy-engine/policies
Create a policy
curl --request POST \
  --url https://api.cdp.coinbase.com/platform/v2/policy-engine/policies \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "scope": "project",
  "description": "Default policy",
  "rules": [
    {
      "action": "accept",
      "operation": "signEvmTransaction",
      "criteria": [
        {
          "type": "ethValue",
          "ethValue": "1000000000000000000",
          "operator": "<="
        },
        {
          "type": "evmAddress",
          "addresses": [
            "0x742d35Cc6634C0532925a3b844Bc454e4438f44e",
            "0x1234567890123456789012345678901234567890"
          ],
          "operator": "in"
        }
      ]
    }
  ]
}'

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "description": "Default policy",
  "scope": "project",
  "rules": [
    {
      "action": "accept",
      "operation": "signEvmTransaction",
      "criteria": [
        {
          "type": "ethValue",
          "ethValue": "1000000000000000000",
          "operator": "<="
        },
        {
          "type": "evmAddress",
          "addresses": [
            "0x742d35Cc6634C0532925a3b844Bc454e4438f44e",
            "0x1234567890123456789012345678901234567890"
          ],
          "operator": "in"
        }
      ]
    }
  ],
  "createdAt": "2025-03-25T12:00:00Z",
  "updatedAt": "2025-03-26T12:00:00Z"
}

Authorizations

Authorization
string
header
required

A JWT signed using your CDP API Key Secret, encoded in base64. Refer to the Generate Bearer Token section of our Authentication docs for information on how to generate your Bearer Token.

Headers

X-Idempotency-Key
string

An optional UUID v4 request header for making requests safely retryable. When included, duplicate requests with the same key will return identical responses. Refer to our Idempotency docs for more information on using idempotency keys.

Required string length: 36

Body

application/json
scope
enum<string>
required

The scope of the policy.

Available options: project, account

Example:

"project"

rules
object[]
required

A list of rules that comprise the policy. There is a limit of 10 rules per policy.

description
string

An optional human-readable description for the policy. Policy descriptions can consist of alphanumeric characters, spaces, commas, and periods, and must be 50 characters or fewer.

Example:

"Default policy"
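
A client-side pre-flight check for the request constraints documented above (scope options, the 10-rule limit, the description character set and length, and the 36-character UUID v4 idempotency key), as an added example that is not part of the CDP documentation or SDK. The function names are hypothetical, and "alphanumeric" is assumed to mean ASCII letters and digits.

```python
import re
import uuid

ALLOWED_SCOPES = {"project", "account"}  # "Available options" on this page
MAX_RULES = 10                           # "limit of 10 rules per policy"
# Assumption: "alphanumeric" means ASCII letters and digits.
DESCRIPTION_RE = re.compile(r"[A-Za-z0-9 ,.]{0,50}")

def check_idempotency_key(key):
    """Return an error string, or None if key is a canonical 36-char UUID v4."""
    if not isinstance(key, str) or len(key) != 36:
        return "X-Idempotency-Key must be a 36-character string"
    try:
        parsed = uuid.UUID(key)
    except ValueError:
        return "X-Idempotency-Key is not a UUID"
    # uuid.UUID accepts several spellings; require the hyphenated form and version 4.
    if parsed.version != 4 or str(parsed) != key.lower():
        return "X-Idempotency-Key must be a UUID v4"
    return None

def validate_policy_request(body, idempotency_key=None):
    """Collect every violation of the documented constraints; [] means OK."""
    errors = []
    scope = body.get("scope")
    if not isinstance(scope, str) or scope not in ALLOWED_SCOPES:
        errors.append("scope must be 'project' or 'account'")
    rules = body.get("rules")
    if not isinstance(rules, list):
        errors.append("rules is required and must be a list")
    elif len(rules) > MAX_RULES:
        errors.append(f"rules has {len(rules)} entries; limit is {MAX_RULES}")
    desc = body.get("description")  # optional field
    if desc is not None and not (isinstance(desc, str) and DESCRIPTION_RE.fullmatch(desc)):
        errors.append("description: letters, digits, spaces, commas, periods; max 50 chars")
    if idempotency_key is not None and (err := check_idempotency_key(idempotency_key)):
        errors.append(err)
    return errors

# Constructed sample: the request body from the curl example on this page.
SAMPLE = {"scope": "project", "description": "Default policy", "rules": [{
    "action": "accept", "operation": "signEvmTransaction", "criteria": [
        {"type": "ethValue", "ethValue": "1000000000000000000", "operator": "<="},
        {"type": "evmAddress", "operator": "in", "addresses": [
            "0x742d35Cc6634C0532925a3b844Bc454e4438f44e",
            "0x1234567890123456789012345678901234567890"]}]}]}
```

Running the check before sending catches a malformed policy locally instead of relying on the API to reject it, and it rejects idempotency keys that are valid UUIDs but not version 4.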

Response

Successfully created policy.

id
string
required

The unique identifier for the policy.

Example:

"123e4567-e89b-12d3-a456-426614174000"

scope
enum<string>
required

The scope of the policy. Only one project-level policy can exist at any time.

Available options: project, account

Example:

"project"

rules
object[]
required

A list of rules that comprise the policy.

Example:

[
  {
    "action": "accept",
    "operation": "signEvmTransaction",
    "criteria": [
      {
        "type": "ethValue",
        "ethValue": "1000000000000000000",
        "operator": "<="
      },
      {
        "type": "evmAddress",
        "addresses": [
          "0x742d35Cc6634C0532925a3b844Bc454e4438f44e",
          "0x1234567890123456789012345678901234567890"
        ],
        "operator": "in"
      }
    ]
  }
]

createdAt
string
required

The ISO 8601 timestamp at which the Policy was created.

Example:

"2025-03-25T12:00:00Z"

updatedAt
string
required

The ISO 8601 timestamp at which the Policy was last updated.

Example:

"2025-03-26T12:00:00Z"

description
string

An optional human-readable description of the policy. Policy descriptions can consist of alphanumeric characters, spaces, commas, and periods, and must be 50 characters or fewer.

Example:

"Default policy"