Skip to main content
POST
/
documents
/
sections
/
{sectionID}
/
policies
curl --request POST \
  --url https://api.{environment}.corti.app/v2/documents/sections/{sectionID}/policies/ \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'Tenant-Name: <tenant-name>' \
  --data '
[
  {
    "kind": "project"
  }
]
'
[
  {
    "id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
    "kind": "project",
    "customerIds": null,
    "sectionId": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
    "createdBy": "1a2b3c4d-5e6f-7890-abcd-ef1234567890",
    "createdAt": "2025-06-01T12:00:00Z",
    "updatedAt": "2025-06-01T12:00:00Z"
  }
]

Authorizations

Authorization
string
header
required

Input your token

Headers

Tenant-Name
string
required

Identifies a distinct entity within Corti's multi-tenant system. Ensures correct routing and authentication of the request.

Example:

"base"

Path Parameters

sectionID
string<uuid>
required

Body

application/json
kind
enum<string>
required

The kind of access policy. project restricts to the owning project; customers grants access to the listed customer tenants.

Available options:
project,
customers
customerIds
string[] | null

Required when kind is customers. List of customer tenant identifiers that should have access.

Response

Created

id
string<uuid>
required

The UUID of the policy.

kind
enum<string>
required

The kind of access policy. project restricts to the owning project; customers grants access to the listed customer tenants.

Available options:
project,
customers
sectionId
string<uuid>
required

The UUID of the section this policy belongs to.

createdBy
string<uuid>
required

The UUID of the user who created this policy.

createdAt
string<date-time>
required

Timestamp when the policy was created.

updatedAt
string<date-time>
required

Timestamp when the policy was last updated.

customerIds
string[] | null

Present when kind is customers. Lists the customer tenant identifiers that have access.