Skip to content

GET /api/v1/admin/orgs/:slug/allowlist

This page is auto-generated from src/admin/routes.ts. Do not edit by hand — see docs/dev/docs-auto-sync.md.

:warning: Heuristic extraction — not a contract. Response shapes below are mined from c.json(...) literals in the handler via an AST walker. Computed fields, ternaries, and non-literal returns are shown as placeholders. Refer to the linked source file for the authoritative behaviour.

Requires the following capability(ies):

  • policy:r

Other middleware observed on this route (heuristic):

  • requireCapability

--- Per-entry allowlist CRUD (#D2) -----------------------------------------

Closes the “replace-whole-array PATCH /policies” gap for time-boxed allowlist work. Mirrors the blocklist POST/DELETE pattern so the dashboard

  • admin tooling can manage allowlist entries one at a time. PATCH /policies still works for bulk updates; these endpoints are additive.

Entries are stored as JSON inside tenants.config (not their own table — allowlists are typically a handful of rows per org). Persisted ids are uuid v4; entries written before this PR’s id field get a deterministic legacy-<base64url> id at parse time so they’re still addressable. GET /api/v1/admin/orgs/:slug/allowlist — list this org’s allowlist. #336 — gated on policy:r (matches blocklist GET + symmetry with allowlist POST).

{
"error": "Org not found"
}
{
"count": <member-expr>,
"entries": <member-expr>
}
  • File: src/admin/routes.ts
  • Line: 5546