# Carrier Vetting Rules ### **Authentication** * Include your **`Access-Token`** and **`x-api-key`** in the header of your requests. ### Permissions The `external-api-compliance-rules` permission is required to access this endpoint. ### **Endpoint** * **URL:** `https://api.genlogs.io/customer-compliance-rules` * **Method:** GET ### **Headers** * **Access-Token**: (string, required): Access token obtained from the "Create Access Token" endpoint. * **x-api-key** (string, required): The API key provided by GenLogs. ### Request Example: ```bash curl --location 'https://api.genlogs.io/customer-compliance-rules' \ --header 'access-token: ' \ --header 'x-api-key: ' \ ``` ### **Response:** * **200 OK:** A JSON object containing the list of carrier rules under the authenticated customer. * **401 Unauthorized:** If the authentication credentials (Access-Token) is missing or incorrect. * **403 Forbidden**: If the permission has not been set to your user. * **500 Internal Server Error:** If there is an issue on the server that prevents processing the request. ### **Response Body:** 200 OK ```json { "rules": [ { "id": "18ff81b0-acdd-4a9c-a025-b87b1ee201b0", "rule_name": "Observed by GenLogs", "status": "enabled", "param_values": { "date_interval": "2_years", "decision_matrix": { "false": "review", "true": "pass" }, "fail_message": false, "pass_message": true } } ] } ``` 401 Forbidden ```json { "detail": { "message": "Token is missing", "subcode": "TOKEN_MISSING" } } ``` 403 Forbidden ```json { "detail": "User does not have the required permissions to access this resource" } ``` ## Retrieve customer compliance rules > Returns all compliance rules configured for the authenticated customer. Only rules belonging to the customer associated with the Access-Token are returned. Requires the external-api-compliance-rules permission.
```json {"openapi":"3.0.3","info":{"title":"Customer Compliance Rules API","version":"1.0.0"},"servers":[{"url":"https://api.genlogs.io"}],"security":[{"Access-Token":[],"X-Api-Key":[]}],"components":{"securitySchemes":{"Access-Token":{"type":"apiKey","in":"header","name":"Access-Token","description":"JWT provided directly in the Access-Token header. No \"Bearer\" prefix.\n"}}},"paths":{"/customer-compliance-rules":{"get":{"summary":"Retrieve customer compliance rules","description":"Returns all compliance rules configured for the authenticated customer. Only rules belonging to the customer associated with the Access-Token are returned. Requires the external-api-compliance-rules permission.\n","tags":["Compliance Rules"],"responses":{"200":{"description":"Compliance rules retrieved successfully.","content":{"application/json":{"schema":{"type":"object","properties":{"rules":{"type":"array","description":"List of compliance rules configured for the customer.","items":{"type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the customer compliance rule."},"rule_name":{"type":"string","description":"Human-readable name of the compliance rule."},"status":{"type":"string","description":"Current status of the rule.","enum":["enabled","disabled"]},"param_values":{"type":"object","description":"Dynamic parameter values used during carrier evaluation.","additionalProperties":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"object"}]}}}}}}}}}},"401":{"description":"Unauthorized – Invalid or missing Access-Token.","content":{"application/json":{"schema":{"type":"object","properties":{"detail":{"type":"object","properties":{"message":{"type":"string"},"subcode":{"type":"string"}}}}}}}},"403":{"description":"Forbidden – User does not have the required permission.","content":{"application/json":{"schema":{"type":"object","properties":{"detail":{"type":"string"}}}}}},"500":{"description":"Internal Server Error.","content":{"application/json":{"schema":{"type":"string"}}}}}}}}} ```