Guardrails
List Keys Bound to a Policy
Verify which API keys a guardrail policy is enforcing on.
GET
/
api
/
v1
/
guardrail-policies
/
{id}
/
bindings
List Keys Bound to a Policy
curl --request GET \
--url https://api.example.com/api/v1/guardrail-policies/{id}/bindingsimport requests
url = "https://api.example.com/api/v1/guardrail-policies/{id}/bindings"
response = requests.get(url)
print(response.text)const options = {method: 'GET'};
fetch('https://api.example.com/api/v1/guardrail-policies/{id}/bindings', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.example.com/api/v1/guardrail-policies/{id}/bindings",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.example.com/api/v1/guardrail-policies/{id}/bindings"
req, _ := http.NewRequest("GET", url, nil)
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.example.com/api/v1/guardrail-policies/{id}/bindings")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.example.com/api/v1/guardrail-policies/{id}/bindings")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
response = http.request(request)
puts response.read_bodyReturns every active (non-revoked) API key currently bound to the given policy. Use this to confirm a policy is enforcing on the keys you expect before relying on it in production.
Authentication
Requires a Bearer token with thebilling API key scope. Visibility: author or any member of the owning org.
Request Examples
curl https://www.hitheo.ai/api/v1/guardrail-policies/{id}/bindings \
-H "Authorization: Bearer $THEO_API_KEY"
const { policy_id, bindings, count } = await theo.guardrails.policies.bindings(id);
console.log(`Policy is enforcing on ${count} key(s).`);
Response
{
"policy_id": "1f4f2c1a-22ce-4b07-9c0b-9c4f4b9b1d2e",
"bindings": [
{
"key_id": "key_abc123",
"key_name": "Production",
"key_prefix": "theo_sk_abc12345",
"key_org_id": null,
"key_user_id": "user_xyz",
"bound_at": "2026-01-15T18:24:11.000Z"
}
],
"count": 1
}
Was this page helpful?
⌘I
List Keys Bound to a Policy
curl --request GET \
--url https://api.example.com/api/v1/guardrail-policies/{id}/bindingsimport requests
url = "https://api.example.com/api/v1/guardrail-policies/{id}/bindings"
response = requests.get(url)
print(response.text)const options = {method: 'GET'};
fetch('https://api.example.com/api/v1/guardrail-policies/{id}/bindings', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.example.com/api/v1/guardrail-policies/{id}/bindings",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.example.com/api/v1/guardrail-policies/{id}/bindings"
req, _ := http.NewRequest("GET", url, nil)
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.example.com/api/v1/guardrail-policies/{id}/bindings")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.example.com/api/v1/guardrail-policies/{id}/bindings")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
response = http.request(request)
puts response.read_body