Rules Enginev1.10.02.02pilot-root.1kosmos.net/rules-engineOpenAPI
1Kosmos · Policy Rules

Rules Engine API

Define and evaluate the policy rules behind identity decisions.

Authentication → All products

The Rules Engine evaluates the policy rules that drive identity decisions across the platform. Define rules once and let services consult them at runtime to gate authentication, verification and authorization.

14 endpoints

across 5 resource groups.

ECDSA-signed

every request is signed with your key pair.

JSON over HTTPS

predictable REST, conventional status codes.

OpenAPI 3.0

Download the spec →

Reference

Base URL

All Rules Engine endpoints are relative to your environment host. Examples on this page use the 1Kosmos pilot environment — swap in your production root when you go live.

Pilot https://pilot-root.1kosmos.net/rules-engine

Content type

Requests and responses use application/json.

GEThttps://pilot-root.1kosmos.net/rules-engine/healthz
curl -X GET 'https://pilot-root.1kosmos.net/rules-engine/healthz' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'license: YOUR_LICENSE_KEY'
Security

Authentication

Rules Engine uses ECDSA key-pair authentication. Each request carries your credentials as HTTP headers; verification-grade calls additionally sign the request body. Retrieve the system signing key from /publickeys.

Credentials
licensekeyLicense key from License Microserviceheader
licenseLicense key from License Microserviceheader
GEThttps://pilot-root.1kosmos.net/rules-engine/healthz
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/rules-engine/healthz' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'license: YOUR_LICENSE_KEY'
Reference

Errors

Rules Engine uses conventional HTTP status codes: 2xx success, 4xx a problem with the request, 5xx a service-side error.

StatusMeaningDescription
200 / 204OKThe request succeeded.
400Bad RequestValidation failed.
401UnauthorizedMissing or invalid credentials.
403ForbiddenAuthenticated, but not permitted.
404Not FoundThe resource does not exist.
500Server ErrorSomething went wrong on our side.
4XXerror response
{
  "statusCode": 400,
  "error": "Bad Request",
  "message": "Validation error"
}
Rules Engine

Rule

Create, update and evaluate policy rules.

GET/tenant/{tenantId}/community/{communityId}/rule/{ruleId}

Get Single Rule By Id

Fetch a single rule by tenantId, communityId, ruleId.

  • valid community license with authlevel system, service, service_ext.

Headers

licensekey (required)

License key

requestid (optional)

JSON string

Request Body

Returns

Returns the fetched rule ...

This API throw an error if something goes wrong.

Path parameters
NameTypeDescription
tenantIdrequiredstringID of tenant
communityIdrequiredstringID of community
ruleIdrequiredstringID for a single rule
Headers
NameTypeDescription
licensekeyrequiredstringLicense key / Try Authorize 🔒
requestidstringRequest Id (string, plain text)
GEThttps://pilot-root.1kosmos.net/rules-engine/tenant/{tenantId}/community/{communityId}/rule/{ruleId}
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/rules-engine/tenant/xxxxxxxxxx/community/xxxxxxxxxxxxxxxxxxxxxxxx/rule/xxxxxxxxxxxxxxxxxxxxxxxx' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'requestid: <ecdsa-requestid>'
RESPONSE
200
400
401
Success Rule fetch result ``` { "name": "xxxxxxxxxx" "category": "xxxxxxxxxxxxxx", "tags": [ "xxxxxxxxxxxxxxxxxxxxx" ], "description": "xxxxxxxxxxxxx", "enabled": true, "createdBy": "xxxxxxxxxxx", "criteria": "any", "conditions": [ { "factName": "xxxxxxxxxxxxxxx", "valueType": "xxxxxxxxxxxxxx", "value": "xxxxxxxxxxxxxxxxxx", "operator": "xxxxxxxxxxxxxxxxxx" } ], "onMatch": { "decision": "xxxxxxxxxxxxxxx", "params": {} }, "onNoMatch": { "decision": "xxxxxxxxxxxxx", "params": {} }, "defaultDecision": { "decision": "xxxxxxxxxxxxxxxx", "params": {} } } ```
[
  {
    "name": "string",
    "category": "string",
    "tags": [
      "string"
    ],
    "description": "string",
    "enabled": true,
    "criteria": "string",
    "conditions": [
      {
        "factName": "string",
        "valueType": "string",
        "value": "string",
        "operator": "string"
      }
    ],
    "onMatch": {
      "decision": "string",
      "params": {}
    },
    "onNoMatch": {
      "decision": "string",
      "params": {}
    },
    "defaultDecision": {
      "decision": "string",
      "params": {}
    }
  }
]
GET/tenant/{tenantId}/community/{communityId}/rule/{ruleId}/{action}

Enable/Disable Rule

Enable or Diasable a rule by ruleId.

  • valid community license with authlevel system, service, service_ext.

Headers

licensekey (required)

License key

requestid (optional)

JSON string

Returns

Returns the OK status ...

Path parameters
NameTypeDescription
tenantIdrequiredstringID of tenant
communityIdrequiredstringID of community
ruleIdrequiredstringRule _id
actionrequiredstring
Headers
NameTypeDescription
licensekeyrequiredstringLicense key / Try Authorize &#128274;
requestidstringRequest Id (string, plain text)
GEThttps://pilot-root.1kosmos.net/rules-engine/tenant/{tenantId}/community/{communityId}/rule/{ruleId}/{action}
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/rules-engine/tenant/xxxxxxxxxx/community/xxxxxxxxxxxxxxxxxxxxxxxx/rule/xxxxxxxxxxxxxxxxxxxxx/<action>' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'requestid: <ecdsa-requestid>'
RESPONSE
200
400
401
Success
// no response body
POST/tenant/{tenantId}/community/{communityId}/evaluate

Evaluate Rules

Evaluate rules by tenantId, communityId

  • license key authorized for given community

Headers

licensekey (required)

License key

requestid (optional)

JSON string

Request Body

category (required)

Category for evaluation.

facts (required)

facts for evaluation.

Returns

Returns the evaluated rules ...

Path parameters
NameTypeDescription
tenantIdrequiredstringID of tenant
communityIdrequiredstringID of community
Headers
NameTypeDescription
licensekeyrequiredstringLicense key / Try Authorize &#128274;
requestidstringRequest Id (string, plain text)
Request body

Request body contains below fields to evaluate rules.

{
    "category": "string required",
    "facts": {}
}
FieldTypeDescription
categorystring
factsobject
POSThttps://pilot-root.1kosmos.net/rules-engine/tenant/{tenantId}/community/{communityId}/evaluate
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/rules-engine/tenant/xxxxxxxxxx/community/xxxxxxxxxxxxxxxxxxxxxxxx/evaluate' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'requestid: <ecdsa-requestid>' \
  -H 'Content-Type: application/json' \
  -d '{"category": "string", "facts": {}}'
RESPONSE
200
400
401
404
Success Evaluated rules, ``` { "rules": [ { "id": "xxxxxxxxxxxxxx", "tags": [ "xxxxxxxxxx" ], "category": "xxxxxxx", "decision": {}, "reason": "xxxxxxxx", "factsChecked": [ "xxxxxx" ] } ] } ```
{
  "rules": [
    {
      "id": "string",
      "tags": [
        "string"
      ],
      "category": "string",
      "decision": {},
      "reason": "string",
      "factsChecked": [
        "string"
      ]
    }
  ]
}
POST/tenant/{tenantId}/community/{communityId}/rules/delete

Delete Rules matching tags and/or ids

Delete Rules matching tags and/or ids.

  • valid community license with authlevel system, service, service_ext.

Headers

licensekey (required)

License key

requestid (optional)

JSON string

Returns

Returns the deleted status ...

Path parameters
NameTypeDescription
tenantIdrequiredstringID of tenant
communityIdrequiredstringID of community
Headers
NameTypeDescription
licensekeyrequiredstringLicense key / Try Authorize &#128274;
requestidstringRequest Id (string, plain text)
Request body

Request body contains below fields to update rules.

At least one of ids or tags is mandatory
{
    "ids": [ "string" ] //optional
    "tags": [ "string" ] //optional,
}
FieldTypeDescription
tagsarray<string>
idsarray<string>
POSThttps://pilot-root.1kosmos.net/rules-engine/tenant/{tenantId}/community/{communityId}/rules/delete
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/rules-engine/tenant/xxxxxxxxxx/community/xxxxxxxxxxxxxxxxxxxxxxxx/rules/delete' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'requestid: <ecdsa-requestid>' \
  -H 'Content-Type: application/json' \
  -d '{"tags": ["string"], "ids": ["string"]}'
RESPONSE
200
304
400
401
404
Success
// no response body
POST/tenant/{tenantId}/community/{communityId}/rules/fetch

Fetch Rules

Fetch rules by tenantId, communityId, category (optional), tags ([tag1, ... tagN], optional).

  • valid community license with authlevel system, service, service_ext.

Headers

licensekey (required)

License key

requestid (optional)

JSON string

Request Body

category (optional)

Category of rules.

tags (optional)

Tags of rules.

Returns

Returns the fetched rules ...

This API throw an error if something goes wrong.

Path parameters
NameTypeDescription
tenantIdrequiredstringID of tenant
communityIdrequiredstringID of community
Headers
NameTypeDescription
licensekeyrequiredstringLicense key / Try Authorize &#128274;
requestidstringRequest Id (string, plain text)
Request body

Request body contains below fields to fetch rules:

{
    "category": "string optional",
    "tags": [
       "string optional"
     ]
}
FieldTypeDescription
categorystring
tagsarray<string>optional, default empty array
POSThttps://pilot-root.1kosmos.net/rules-engine/tenant/{tenantId}/community/{communityId}/rules/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/rules-engine/tenant/xxxxxxxxxx/community/xxxxxxxxxxxxxxxxxxxxxxxx/rules/fetch' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'requestid: <ecdsa-requestid>' \
  -H 'Content-Type: application/json' \
  -d '{"category": "string", "tags": ["string"]}'
RESPONSE
200
400
401
Success Rules fetch result ``` { "data": [ { "name": "xxxxxxxxxx" "category": "xxxxxxxxxxxxxx", "tags": [ "xxxxxxxxxxxxxxxxxxxxx" ], "description": "xxxxxxxxxxxxx", "enabled": true, "createdBy": "xxxxxxxxxxx", "criteria": "any", "conditions": [ { "factName": "xxxxxxxxxxxxxxx", "valueType": "xxxxxxxxxxxxxx", "value": "xxxxxxxxxxxxxxxxxx", "operator": "xxxxxxxxxxxxxxxxxx" } ], "onMatch": { "decision": "xxxxxxxxxxxxxxx", "params": {} }, "onNoMatch": { "decision": "xxxxxxxxxxxxx", "params": {} }, "defaultDecision": { "decision": "xxxxxxxxxxxxxxxx", "params": {} } } ] } ```
[
  {
    "name": "string",
    "category": "string",
    "tags": [
      "string"
    ],
    "description": "string",
    "enabled": true,
    "criteria": "string",
    "conditions": [
      {
        "factName": "string",
        "valueType": "string",
        "value": "string",
        "operator": "string"
      }
    ],
    "onMatch": {
      "decision": "string",
      "params": {}
    },
    "onNoMatch": {
      "decision": "string",
      "params": {}
    },
    "defaultDecision": {
      "decision": "string",
      "params": {}
    }
  }
]
PUT/tenant/{tenantId}/community/{communityId}/rule

Create Rule

Create rule.

  • valid community license with authlevel system, service, service_ext
  • key must be authorized for community
  • creates a new rule
  • returns created rule

Headers

licensekey (required)

License key

requestid (optional)

JSON string

Request Body

name (required)

Name of rule.

category (required)

Category of rule.

tags (required)

Tags of rule.

description (required)

Description of rule.

enabled (required)

Status of rule (true or false).

createdBy (required)

Urn of person that created the rule.

criteria (required)

Criteria for rule (any, all).

conditions (required)

List of conditions for the rule.

onMatch (required)

onMatch data of rule with decision and parameters.

onNoMatch (required)

onNoMatch data of rule with decision and parameters.

defaultDecision (required)

Default decision of rule with decision and parameters

Returns

Returns the created rule.

This API throws an error if something goes wrong

Path parameters
NameTypeDescription
tenantIdrequiredstringID of tenant
communityIdrequiredstringID of community
Headers
NameTypeDescription
licensekeyrequiredstringLicense key / Try Authorize &#128274;
requestidstringRequest Id (string, plain text)
Request body

Request body contains below fields to create rules.

{
    "name": "string required",
    "category": "string required",
    "tags": [
       "string required"
     ],
    "description": "string optional",
    "enabled": "boolean required",
    "createdBy": "string required",
    "criteria": "string required - any or all",
    "conditions": [
       {
          "factName": "string required",
          "valueType": "string required - STRING, NUMBER, IP, CIDR (192.98.70.00/20), ARRAY, GEODISTANCE",
          "value": " 'string' | 10 | '192.98.70.00' | '192.98.70.00/20' | '192.98.70.00-192.98.70.12' | ['some string'] | [] required",
          "operator": "string required [eq, neq, gt, lt, in, nin, overlap, nooverlap, isempty]"
       }
    ],
    "onMatch": {
       "decision": "string required",
       "params": {}
    },
    "onNoMatch": {
       "decision": "string required",
       "params": {}
    },
    "defaultDecision": {
       "decision": "string required",
       "params": {}
    }
}

For valueType STRING operators [eq, neq, startswith, notstartswith, endswith, notendswith, contains, notcontains] are valid
For valueType NUMBER operators [eq, neq, gt, lt] are valid
For valueType IP operators [eq, neq, in, nin] are valid
For valueType CIDR operators [eq, neq] are valid
For valueType ARRAY (String arrays is supported) operators [in, nin, overlap, nooverlap, isempty, startswith, notstartswith, endswith, notendswith, contains, notcontains] are valid
For valueType GEODISTANCE operators [gt, lt] are valid
For IP/CIDR please follow below examples:

{
  "factName": "SingleIP",
  "valueType": "IP",
  "value": "192.98.70.00",
  "operator": "eq/neq"
}
{
  "factName": "cidr_range",
  "valueType": "CIDR",
  "value": "192.98.70.00/20",
  "operator": "eq/neq"
}
{
  "factName": "ip_range",
  "valueType": "IP",
  "value": "192.98.70.00-192.98.70.12",
  "operator": "eq,neq"
}
{
  "factName": "ip_cidr_array",
  "valueType": "IP",
  "value": ["192.98.70.00-192.98.70.12", "192.98.70.00/10", "192.98.70.00", "192.98.70.12"],
  "operator": "in/nin"
}

For Array:

{
  "factName": "factStartsWithArrayElement",
  "valueType": "ARRAY",
  "value": ["da", "sa"],
  "operator": "startsWith"
}
{
  "factName": "factEndsWithArrayElement",
  "valueType": "ARRAY",
  "value": ["ir", "sa"],
  "operator": "endsWith"
}
{
  "factName": "factcontainsArrayElement",
  "valueType": "ARRAY",
  "value": ["le", "ac"],
  "operator": "contains"
}

fact : { "factStartsWithArrayElement" : "darshan",  "factEndsWithArrayElement" : "samir", factcontainsArrayElement: "jack"} | matched

For GEODISTANCE
{
  "factName": "mobile_user_distance || browser_user_distance || mobile_browser_distance",
  "valueType": "GEODISTANCE",
  "value": 100 //this is expected in meters,
  "operator": "gt/lt"
}

facts : {"browserLocation" : { "lat" : 37.7749, "lon" : -122.4194 } , "mobileLocation" : { "lat" : 37.7749, "lon" : -122.4194 }}
FieldTypeDescription
namestring
categorystring
tagsarray<string>optional, default empty array
descriptionstring
enabledboolean
createdBystring
criteriastring
conditionsarray<object>if empty, no conditions defined, rule assumed "diasbled"
onMatchobject
onNoMatchobject
defaultDecisionobject
PUThttps://pilot-root.1kosmos.net/rules-engine/tenant/{tenantId}/community/{communityId}/rule
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/rules-engine/tenant/xxxxxxxxxx/community/xxxxxxxxxxxxxxxxxxxxxxxx/rule' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'requestid: <ecdsa-requestid>' \
  -H 'Content-Type: application/json' \
  -d '{"name": "string", "category": "string", "tags": ["string"], "description": "string", "enabled": true, "createdBy": "string", "criteria": "string", "conditions": [{"factName": "string", "valueType": "string", "value": "string", "operator": "string"}], "onMatch": {"decision": "string", "params": {}}, "onNoMatch": {"decision": "string", "params": {}}, "defaultDecision": {"decision": "string", "params": {}}}'
RESPONSE
201
400
401
Success Created rule object, ``` { "name": "xxxxxxxxxxx" "category": "xxxxxxxxxx", "tags": [ "xxxxxxx", "xxxxxxxxxx" ], "description": "xxxxxxxxxx", "enabled": "true", "createdBy": "xxxxxxxx", "criteria": "any", "conditions": [ { "factName": "xxxxxxxxxxxx", "valueType": "xxxxxxxxxxxxx", "value": "xxxxxxxxxxxxxxxxxx", "operator": "xxxxxxxxxxxxxxxxxxx" } ], "onMatch": { "decision": "xxxxxxxxxxxxxx", "params": {} }, "onNoMatch": { "decision": "xxxxxxxxxxxxxxxx", "params": {} }, "defaultDecision": { "decision": "xxxxxxxxxxxxxxxxxxxxxxx", "params": {} } } ```
{
  "name": "string",
  "category": "string",
  "tags": [
    "string"
  ],
  "description": "string",
  "enabled": true,
  "createdBy": "string",
  "criteria": "string",
  "conditions": [
    {
      "factName": "string",
      "valueType": "string",
      "value": "string",
      "operator": "string"
    }
  ],
  "onMatch": {
    "decision": "string",
    "params": {}
  },
  "onNoMatch": {
    "decision": "string",
    "params": {}
  },
  "defaultDecision": {
    "decision": "string",
    "params": {}
  }
}
PUT/tenant/{tenantId}/community/{communityId}/rules

Create Rules in batch

Create rules in batch.

  • valid community license with authlevel system, service, service_ext
  • key must be authorized for community
  • creates a new rules in given array
  • returns created rules

Headers

licensekey (required)

License key

requestid (optional)

JSON string

Request Body

name (required)

Name of rule.

category (required)

Category of rule.

tags (required)

Tags of rule.

description (required)

Description of rule.

enabled (required)

Status of rule (true or false).

createdBy (required)

Urn of person that created the rule.

criteria (required)

Criteria for rule (any, all).

conditions (required)

List of conditions for the rule.

onMatch (required)

onMatch data of rule with decision and parameters.

onNoMatch (required)

onNoMatch data of rule with decision and parameters.

defaultDecision (required)

Default decision of rule with decision and parameters

Returns

Returns the created rule.

This API throws an error if something goes wrong

Path parameters
NameTypeDescription
tenantIdrequiredstringID of tenant
communityIdrequiredstringID of community
Headers
NameTypeDescription
licensekeyrequiredstringLicense key / Try Authorize &#128274;
requestidstringRequest Id (string, plain text)
PUThttps://pilot-root.1kosmos.net/rules-engine/tenant/{tenantId}/community/{communityId}/rules
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/rules-engine/tenant/xxxxxxxxxx/community/xxxxxxxxxxxxxxxxxxxxxxxx/rules' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'requestid: <ecdsa-requestid>' \
  -H 'Content-Type: application/json' \
  -d '[{"name": "string", "category": "string", "tags": ["string"], "description": "string", "enabled": true, "createdBy": "string", "criteria": "string", "conditions": [{"factName": "string", "valueType": "string", "value": "string", "operator": "string"}], "onMatch": {"decision": "string", "params": {}}, "onNoMatch": {"decision": "string", "params": {}}, "defaultDecision": {"decision": "string", "params": {"message": "string"}}}]'
RESPONSE
201
400
401
Success Created rule object, ``` [{ "name": "xxxxxxxxxxx" "category": "xxxxxxxxxx", "tags": [ "xxxxxxx", "xxxxxxxxxx" ], "description": "xxxxxxxxxx", "enabled": "true", "createdBy": "xxxxxxxx", "criteria": "any", "conditions": [ { "factName": "xxxxxxxxxxxx", "valueType": "xxxxxxxxxxxxx", "value": "xxxxxxxxxxxxxxxxxx", "operator": "xxxxxxxxxxxxxxxxxxx" } ], "onMatch": { "decision": "xxxxxxxxxxxxxx", "params": {} }, "onNoMatch": { "decision": "xxxxxxxxxxxxxxxx", "params": {} }, "defaultDecision": { "decision": "xxxxxxxxxxxxxxxxxxxxxxx", "params": {} } }, ...] ```
[
  {
    "name": "string",
    "category": "string",
    "tags": [
      "string"
    ],
    "description": "string",
    "enabled": true,
    "createdBy": "string",
    "criteria": "string",
    "conditions": [
      {
        "factName": "string",
        "valueType": "string",
        "value": "string",
        "operator": "string"
      }
    ],
    "onMatch": {
      "decision": "string",
      "params": {}
    },
    "onNoMatch": {
      "decision": "string",
      "params": {}
    },
    "defaultDecision": {
      "decision": "string",
      "params": {}
    }
  }
]
PATCH/tenant/{tenantId}/community/{communityId}/rule/{ruleId}

Update Rule

Update a rule by ruleId.

  • tenantId, communityId and createdBy cannot be updated.

Headers

licensekey (required)

License key

requestid (optional)

JSON string

Request Body

name (optional)

Name of Rule.

category (optional)

Category of rule.

tags (optional)

Tags of rule.

description (optional)

Description of rule.

enabled (required)

Status of rule (true or false).

criteria (optional)

Criteria for rule (any, all).

conditions (optional)

List of conditions for the rule.

onMatch (optional)

onMatch data of rule with decision and parameters.

onNoMatch (optional)

onNoMatch data of rule with decision and parameters.

defaultDecision (optional)

Default decision of rule with decision and parameters

Returns

Returns the updated rule ...

Path parameters
NameTypeDescription
tenantIdrequiredstringID of tenant
communityIdrequiredstringID of community
ruleIdrequiredstringRule _id
Headers
NameTypeDescription
licensekeyrequiredstringLicense key / Try Authorize &#128274;
requestidstringRequest Id (string, plain text)
Request body

Request body contains below fields to update rules.

{
    "name": "string optional"
    "category": "string optional",
    "tags": [
       "string optional"
     ],
    "description": "string optional",
    "enabled": "boolean optional",
    "criteria": "string optional - any or all",
    "conditions": [
       {
          "factName": "string optional",
          "valueType": "string required - STRING, NUMBER, IP, CIDR (192.98.70.00/20), ARRAY",
          "value": " 'string' | 10 | '192.98.70.00' | '192.98.70.00/20' | '192.98.70.00-192.98.70.12' | ['some string'] | [] required",
          "operator": "string required [eq, neq, gt, lt, in, nin, overlap, nooverlap, isempty]"
       }
    ],
    "onMatch": {
       "decision": "string optional",
       "params": {}
    },
    "onNoMatch": {
       "decision": "string optional",
       "params": {}
    },
    "defaultDecision": {
       "decision": "string optional",
       "params": {}
    }
}

For valueType STRING operators [eq, neq] are valid
For valueType NUMBER operators [eq, neq, gt, lt] are valid
For valueType IP operators [eq, neq] are valid
For valueType CIDR operators [eq, neq] are valid
For valueType ARRAY operators [in, nin, overlap, nooverlap, isempty] are valid
FieldTypeDescription
namestring
categorystring
tagsarray<string>optional, default empty array
descriptionstring
enabledboolean
criteriastring
conditionsarray<object>if empty, no conditions defined, rule assumed "diasbled"
onMatchobject
onNoMatchobject
defaultDecisionobject
PATCHhttps://pilot-root.1kosmos.net/rules-engine/tenant/{tenantId}/community/{communityId}/rule/{ruleId}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/rules-engine/tenant/xxxxxxxxxx/community/xxxxxxxxxxxxxxxxxxxxxxxx/rule/xxxxxxxxxxxxxxxxxxxxx' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'requestid: <ecdsa-requestid>' \
  -H 'Content-Type: application/json' \
  -d '{"name": "string", "category": "string", "tags": ["string"], "description": "string", "enabled": true, "criteria": "string", "conditions": [{"factName": "string", "valueType": "string", "value": "string", "operator": "string"}], "onMatch": {"decision": "string", "params": {}}, "onNoMatch": {"decision": "string", "params": {}}, "defaultDecision": {"decision": "string", "params": {}}}'
RESPONSE
200
304
400
401
404
Success Updated rule object, ``` { "name": "xxxxxxxxxxx" "category": "xxxxxxxxxx", "tags": [ "xxxxxxx", "xxxxxxxxxx" ], "description": "xxxxxxxxxx", "enabled": "true", "createdBy": "xxxxxxxx", "criteria": "any", "conditions": [ { "factName": "xxxxxxxxxxxx", "valueType": "xxxxxxxxxxxxx", "value": "xxxxxxxxxxxxxxxxxx", "operator": "xxxxxxxxxxxxxxxxxxx" } ], "onMatch": { "decision": "xxxxxxxxxxxxxx", "params": {} }, "onNoMatch": { "decision": "xxxxxxxxxxxxxxxx", "params": {} }, "defaultDecision": { "decision": "xxxxxxxxxxxxxxxxxxxxxxx", "params": {} } } ```
{
  "name": "string",
  "category": "string",
  "tags": [
    "string"
  ],
  "description": "string",
  "enabled": true,
  "criteria": "string",
  "conditions": [
    {
      "factName": "string",
      "valueType": "string",
      "value": "string",
      "operator": "string"
    }
  ],
  "onMatch": {
    "decision": "string",
    "params": {}
  },
  "onNoMatch": {
    "decision": "string",
    "params": {}
  },
  "defaultDecision": {
    "decision": "string",
    "params": {}
  }
}
DELETE/tenant/{tenantId}/community/{communityId}/rule/{ruleId}

Delete Rule

Delete a rule by ruleId.

  • valid community license with authlevel system, service, service_ext.

Headers

licensekey (required)

License key

requestid (optional)

JSON string

Returns

Returns the deleted status ...

Path parameters
NameTypeDescription
tenantIdrequiredstringID of tenant
communityIdrequiredstringID of community
ruleIdrequiredstringRule _id
Headers
NameTypeDescription
licensekeyrequiredstringLicense key / Try Authorize &#128274;
requestidstringRequest Id (string, plain text)
DELETEhttps://pilot-root.1kosmos.net/rules-engine/tenant/{tenantId}/community/{communityId}/rule/{ruleId}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/rules-engine/tenant/xxxxxxxxxx/community/xxxxxxxxxxxxxxxxxxxxxxxx/rule/xxxxxxxxxxxxxxxxxxxxx' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'requestid: <ecdsa-requestid>'
RESPONSE
200
304
400
401
404
Success
// no response body
Rules Engine

Service Key

Service Key endpoints.

GET/servicekeys

Get service keys (Not Implemented)

This endpoint returns available service keys. The license you are using must be of authLevel 'system'

Headers

licensekey (required)

License key

Returns

Returns array with service keys

Headers
NameTypeDescription
licensekeyrequiredstringLicense key encrypted with ECDSA / Try Authorize &#128274;
GEThttps://pilot-root.1kosmos.net/rules-engine/servicekeys
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/rules-engine/servicekeys' \
  -H 'licensekey: YOUR_LICENSE_KEY'
RESPONSE
200
400
401
500
501
Success
[
  {
    "tag": "xxxxx",
    "keyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
    "keySecret": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
    "type": "xxxxx"
  }
]
DELETE/servicekey/{keyId}

Reset Service Key (Not Implemented)

This endpoint resets service key for given keyId. Deletes current one and recreates a new one. The license you are using must be of authLevel 'system'

Parameters

keyId (required)

The keyId of service key to reset

Headers

licensekey (required)

License key encrypted with ECDSA

requestid (required)

JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now

publickey (required)

Public key

Returns

Returns re-created service key

Path parameters
NameTypeDescription
keyIdrequiredstringkeyId of service key to reset
Headers
NameTypeDescription
licensekeyrequiredstringLicense key encrypted with ECDSA / Try Authorize &#128274;
DELETEhttps://pilot-root.1kosmos.net/rules-engine/servicekey/{keyId}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/rules-engine/servicekey/<keyId>' \
  -H 'licensekey: YOUR_LICENSE_KEY'
RESPONSE
200
400
401
500
501
Success
[
  {
    "tag": "xxxxx",
    "keyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
    "keySecret": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
    "type": "xxxxx"
  }
]
Rules Engine

Environment

Environment endpoints.

GET/environment

/environment

Provide details regarding the environments.

Returns

Returns an environment object

GEThttps://pilot-root.1kosmos.net/rules-engine/environment
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/rules-engine/environment' \
  -H 'license: YOUR_LICENSE_KEY'
RESPONSE
200
Success
// no response body
Rules Engine

Healthz

Healthz endpoints.

GET/healthz

Get healthz.

Get healthz

Returns

Returns a healthz object

  • ``version = <git-tag>.<commit-id>.<dob>``
  • ``git-tag``: When code is compiled from a git-tag, this must carry the tag name. This should match one of the git tags.
  • ``commit-id``: This is the git-commit-id. eg: When code is built from this, the hex code, in the end, is the commit it.
  • ``dob``: Date Of Build. This is epoch-time in seconds when the build was created.
  • ​if the code is not built from a git-tag, then the ``version =<commit-id>.<dob>``
GEThttps://pilot-root.1kosmos.net/rules-engine/healthz
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/rules-engine/healthz' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'license: YOUR_LICENSE_KEY'
RESPONSE
200
Success ``` { "status": "all services operational", "code": "200", "version": "<version>" //as defined above } ```
{
  "status": "all services operational",
  "publicKey": "//same as <service>/publickeys endpoint",
  "code": "200",
  "version": "xxxx.xxxx.xxxx"
}
Rules Engine

Service Directory

Service Directory endpoints.

GET/sd

Get all service directories.

Get all service directories.

Returns

Returns all service directories.

GEThttps://pilot-root.1kosmos.net/rules-engine/sd
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/rules-engine/sd' \
  -H 'licensekey: YOUR_LICENSE_KEY' \
  -H 'license: YOUR_LICENSE_KEY'
RESPONSE
200
404
{
  "name1": "https://xxx.xxxxxx.xxx/xxxxx",
  "name2": "https://xxx.xxxxxx.xxx/xxxxx",
  "name3": "https://xxx.xxxxxx.xxx/xxxxx"
}
© 2026 1Kosmos · Rules Engine service v1.10.02.02Generated from the OpenAPI spec · rules-engine.json