Get, Update, or Delete a Policy

Fetch, modify, or hard-delete a single guardrail policy. Visibility: author or any member of the owning org. Non-members receive 404 so the existence of team policies is never leaked.

Authentication

Requires a Bearer token with the billing API key scope.

GET

Fetch the full policy snapshot.

curl https://www.hitheo.ai/api/v1/guardrail-policies/{id} \
  -H "Authorization: Bearer $THEO_API_KEY"

const policy = await theo.guardrails.policies.get(id);

PATCH

Update fields on an existing policy. Sending rules replaces the entire rule set (the rules table is treated as a single document on save).

name

string

Policy name.

description

string

Free-text description.

rules

object[]

Replacement rule set.

enabled

boolean

Pause/unpause without deleting.

is_default

boolean

Promote/demote default. One default per scope.

curl -X PATCH https://www.hitheo.ai/api/v1/guardrail-policies/{id} \
  -H "Authorization: Bearer $THEO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "enabled": false }'

await theo.guardrails.policies.update(id, { enabled: false });

Team-scoped policies require the manageWebhooks permission on the active organization.

DELETE

Hard delete. Cascade-removes every api_key_guardrail_policies binding pointing at this policy — previously-bound keys revert to the strict opt-in default (no enforcement).

curl -X DELETE https://www.hitheo.ai/api/v1/guardrail-policies/{id} \
  -H "Authorization: Bearer $THEO_API_KEY"

await theo.guardrails.policies.delete(id);

Errors

400 guardrail_policy_invalid — Validation failure on PATCH.
404 not_found — Policy doesn’t exist or isn’t visible to the caller.
409 conflict — Default-uniqueness violation.

Create Guardrail Policy

Replay a Prompt Through a Policy

⌘I

Documentation Index

​Authentication

​GET

​PATCH

​DELETE

​Errors

Authentication

GET

PATCH

DELETE

Errors