API workflow

Manage Unified Application Security Policies programmatically through the Cortex Cloud public API.

Use the public API to automate policy management across tenants, integrate policy lifecycle operations directly into CI/CD pipelines, or synchronize policy configurations with infrastructure-as-code (IaC) workflows. For bulk operations, programmatic audits, or cross-tenant policy synchronization, the API is the ideal approach. The Cortex Cloud console remains the recommended interface for interactive policy creation and one-off configuration changes.

Note

The public API remains backward compatible with existing API consumers. The API returns additional fields for the unified policy structure, including the new policy type, trigger configuration, and Override Severity settings.

Authentication and base path

The public API base path is /public_api/appsec/v1/policies. All requests require one of the following authentication methods:

  • The x-redlock-auth header with a valid JWT token

  • The Authorization header with the API key

Supported operations

You can use the API to perform the following lifecycle actions on your security policies:

Operation

Method

Endpoint

Description

List policies

GET

/public_api/appsec/v1/policies

Retrieve all Unified Application Security Policies in your environment. This operation supports filtering by status, finding type, trigger, action, or custom/out-of-the-box classifications

Get policy by ID

GET

/public_api/appsec/v1/policies/{policyId}

Retrieve the full configuration, including conditions, triggers, scope, and metadata, for a specific policy using its unique identifier

Create policy

POST

/public_api/appsec/v1/policies

Programmatically build and enforce a new policy by defining its general details, condition filters, target scopes, and enforcement triggers across your pre-runtime lifecycle

Update policy

PUT

/public_api/appsec/v1/policies/{policyId}

Modify an existing policy's configuration, such as adjusting condition filters or toggling trigger actions

Delete policy

DELETE

/public_api/appsec/v1/policies/{policyId}

Remove a policy from your environment. Caution: All issues created by the deleted policy are closed during the next periodic scan

Duplicate a policy

To duplicate a policy programmatically:

  1. Retrieve the source policy using the GET endpoint.

  2. Modify the necessary details (such as the policy name).

  3. Submit it as a new policy via the POST endpoint.

API reference

For the complete API reference, including request and response schemas, query parameter documentation, and error codes, refer to Cortex Cloud Platform APIs documentation.