Create a policy

Authorizations

Authorization

string

header

required

A JWT signed using your CDP API Key Secret, encoded in base64. Refer to the Generate Bearer Token section of our Authentication docs for information on how to generate your Bearer Token.

Headers

X-Idempotency-Key

string

An optional UUID v4 request header for making requests safely retryable. When included, duplicate requests with the same key will return identical responses. Refer to our Idempotency docs for more information on using idempotency keys.

Required string length: 36

Body

application/json

scope

enum<string>

required

The scope of the policy.

Available options:

project,

account

Example:

"project"

rules

required

A list of rules that comprise the policy. There is a limit of 10 rules per policy.

A rule that limits the behavior of an account.

SignEvmTransactionRule
SendEvmTransactionRule
SignEvmMessageRule
SignEvmTypedDataRule
SignSolTransactionRule
SendSolTransactionRule
SignSolMessageRule
SignEvmHashRule
PrepareUserOperationRule
SendUserOperationRule

Show child attributes

rules.action

enum<string>

required

Whether matching the rule will cause the request to be rejected or accepted.

Available options:

reject,

accept

Example:

"accept"

rules.operation

enum<string>

required

The operation to which the rule applies. Every element of the criteria array must match the specified operation.

Available options:

signEvmTransaction

Example:

"signEvmTransaction"

rules.criteria

(EthValueCriterion · object | EvmAddressCriterion · object | EvmDataCriterion · object | NetUSDChangeCriterion · object)[]

required

A schema for specifying criteria for the SignEvmTransaction operation.

A schema for specifying a criterion for the value field of an EVM transaction.

EthValueCriterion
EvmAddressCriterion
EvmDataCriterion
NetUSDChangeCriterion

Show child attributes

rules.criteria.type

enum<string>

required

The type of criterion to use. This should be ethValue.

Available options:

ethValue

Example:

"ethValue"

rules.criteria.ethValue

string

required

The amount of ETH, in wei, that the transaction's value field should be compared to.

Example:

"1000000000000000000"

rules.criteria.operator

enum<string>

required

The operator to use for the comparison. The transaction's value field will be on the left-hand side of the operator, and the ethValue field will be on the right-hand side.

Available options:

>,

>=,

<,

<=,

==

Example:

"<="

Example:

[
  {
    "type": "ethValue",
    "ethValue": "1000000",
    "operator": ">="
  },
  {
    "type": "evmAddress",
    "addresses": [
      "0x742d35Cc6634C0532925a3b844Bc454e4438f44e"
    ],
    "operator": "in"
  }
]

Example:

{
  "action": "accept",
  "operation": "signEvmTransaction",
  "criteria": [
    {
      "type": "ethValue",
      "ethValue": "1000000",
      "operator": ">="
    },
    {
      "type": "evmAddress",
      "addresses": [
        "0x742d35Cc6634C0532925a3b844Bc454e4438f44e"
      ],
      "operator": "in"
    }
  ]
}

description

string

An optional human-readable description for the policy. Policy descriptions can consist of alphanumeric characters, spaces, commas, and periods, and be 50 characters or less.

Example:

"Default policy"

Response

Successfully created policy.

string

required

The unique identifier for the policy.

Example:

"123e4567-e89b-12d3-a456-426614174000"

scope

enum<string>

required

The scope of the policy. Only one project-level policy can exist at any time.

Available options:

project,

account

Example:

"project"

rules

required

A list of rules that comprise the policy.

A rule that limits the behavior of an account.

SignEvmTransactionRule
SendEvmTransactionRule
SignEvmMessageRule
SignEvmTypedDataRule
SignSolTransactionRule
SendSolTransactionRule
SignSolMessageRule
SignEvmHashRule
PrepareUserOperationRule
SendUserOperationRule

Show child attributes

rules.action

enum<string>

required

Whether matching the rule will cause the request to be rejected or accepted.

Available options:

reject,

accept

Example:

"accept"

rules.operation

enum<string>

required

The operation to which the rule applies. Every element of the criteria array must match the specified operation.

Available options:

signEvmTransaction

Example:

"signEvmTransaction"

rules.criteria

(EthValueCriterion · object | EvmAddressCriterion · object | EvmDataCriterion · object | NetUSDChangeCriterion · object)[]

required

A schema for specifying criteria for the SignEvmTransaction operation.

A schema for specifying a criterion for the value field of an EVM transaction.

EthValueCriterion
EvmAddressCriterion
EvmDataCriterion
NetUSDChangeCriterion

Show child attributes

rules.criteria.type

enum<string>

required

The type of criterion to use. This should be ethValue.

Available options:

ethValue

Example:

"ethValue"

rules.criteria.ethValue

string

required

The amount of ETH, in wei, that the transaction's value field should be compared to.

Example:

"1000000000000000000"

rules.criteria.operator

enum<string>

required

The operator to use for the comparison. The transaction's value field will be on the left-hand side of the operator, and the ethValue field will be on the right-hand side.

Available options:

>,

>=,

<,

<=,

==

Example:

"<="

Example:

[
  {
    "type": "ethValue",
    "ethValue": "1000000",
    "operator": ">="
  },
  {
    "type": "evmAddress",
    "addresses": [
      "0x742d35Cc6634C0532925a3b844Bc454e4438f44e"
    ],
    "operator": "in"
  }
]

Example:

{
  "action": "accept",
  "operation": "signEvmTransaction",
  "criteria": [
    {
      "type": "ethValue",
      "ethValue": "1000000",
      "operator": ">="
    },
    {
      "type": "evmAddress",
      "addresses": [
        "0x742d35Cc6634C0532925a3b844Bc454e4438f44e"
      ],
      "operator": "in"
    }
  ]
}

Example:

[
  {
    "action": "accept",
    "operation": "signEvmTransaction",
    "criteria": [
      {
        "type": "ethValue",
        "ethValue": "1000000000000000000",
        "operator": "<="
      },
      {
        "type": "evmAddress",
        "addresses": [
          "0x742d35Cc6634C0532925a3b844Bc454e4438f44e",
          "0x1234567890123456789012345678901234567890"
        ],
        "operator": "in"
      }
    ]
  },
  {
    "action": "accept",
    "operation": "signSolTransaction",
    "criteria": [
      {
        "type": "solAddress",
        "addresses": [
          "HpabPRRCFbBKSuJr5PdkVvQc85FyxyTWkFM2obBRSvHT"
        ],
        "operator": "in"
      }
    ]
  }
]

createdAt

string

required

The ISO 8601 timestamp at which the Policy was created.

Example:

"2025-03-25T12:00:00Z"

updatedAt

string

required

The ISO 8601 timestamp at which the Policy was last updated.

Example:

"2025-03-26T12:00:00Z"

description

string

An optional human-readable description of the policy. Policy descriptions can consist of alphanumeric characters, spaces, commas, and periods, and be 50 characters or less.

Example:

"Default policy"

CDP API V2

REST API

Authorizations

Headers

Body

Response