Policies are the primary mechanism for governing what your AI agents are allowed to do. When an agent sends an event to Secureagentics, all policies assigned to that agent are evaluated in real time before the event is accepted. If a policy condition is met, the configured action — blocking, rate-limiting, flagging for approval, or filtering data — is applied immediately.

Policy types

Secureagentics supports four policy types:
| Type | What it does |
| --- | --- |
| block_action | Rejects the event outright and returns a 403 to the agent. Use this to prohibit specific behaviors, such as tool calls to disallowed endpoints. |
| rate_limit | Restricts the number of events of a given type per agent per time window. Exceeding the limit blocks further events until the window resets. |
| data_filter | Inspects event payloads for sensitive data patterns (such as PII or credentials) and redacts or blocks the event. |
| require_approval | Holds the event in a pending state until a human reviewer approves or rejects it from the dashboard. |

An agent can have multiple policies assigned simultaneously. Policies are evaluated in the order they were assigned. The first matching policy that triggers a blocking action stops evaluation — subsequent policies are not checked for that event.

Create a policy

  1. Open the Policies page. In the Secureagentics dashboard, navigate to Settings → Policies. You will see a list of existing policies in your organization.
  2. Start a new policy. Click New Policy in the top-right corner. The policy creation form opens.
  3. Set the policy name and type. Enter a descriptive name for the policy. Choose a Policy Type from the dropdown: block_action, rate_limit, data_filter, or require_approval.
  4. Configure conditions. Conditions define when the policy fires. The available condition fields depend on the policy type:
     • Event type: target a specific event type such as prompt or tool_call.
     • Payload match: match on a field value in the event payload (for example, tool == "external_api").
     • Threshold: for rate_limit policies, set the maximum event count and the time window (seconds).
  5. Configure the action. Set what happens when the condition is met. For block_action, the event is rejected. For rate_limit, specify the limit and window. For data_filter, choose whether to redact or block. For require_approval, optionally add a reviewer notification email.
  6. Save the policy. Click Save Policy. The policy is created but not yet active on any agent; you need to assign it to one or more agents (see Assign a policy to an agent below).

Example: rate-limit policy for 100 prompts per minute

The following policy blocks an agent from sending more than 100 prompt events per 60-second window. This prevents runaway loops or abusive usage patterns from consuming excessive LLM resources.
```python
import requests

# Placeholder: load the real key from a secret store or environment variable.
API_KEY = "your_api_key_here"
BASE_URL = "https://api.secureagentics.ai/v1"

# Rate-limit policy: at most 100 prompt events per 60-second window.
policy_payload = {
    "name": "max-100-prompts-per-minute",
    "type": "rate_limit",
    "conditions": {
        "event_type": "prompt",
        "threshold": 100,
        "window_seconds": 60,
    },
    "actions": {
        "on_exceed": "block",
        "alert": True,
    },
}

response = requests.post(
    f"{BASE_URL}/policies",
    headers={
        "Authorization": f"Bearer {API_KEY}",
        "Content-Type": "application/json",
    },
    json=policy_payload,
    timeout=10,  # do not hang indefinitely if the API is unreachable
)
response.raise_for_status()  # stop here if the policy was not created
print("Policy created:", response.json()["id"])
```

Assign a policy to an agent

A policy has no effect until you assign it to one or more agents.
  1. Open the agent detail page. Navigate to Agents and click the agent you want to govern.
  2. Go to the Policies tab. On the agent detail page, select the Policies tab.
  3. Attach the policy. Click Add Policy, select your policy from the list, and confirm. The policy becomes active immediately.

What happens when a policy is violated

When an agent sends an event and a policy condition is met:
  1. The event is blocked. Secureagentics returns HTTP 403 to the agent with a response body that includes "error": "policy_violation" and the policy_id that triggered the block.
  2. An alert is fired (if the policy has "alert": true in its actions). The alert appears in the Alerts feed in the dashboard, and any configured notification channels (email, Slack, webhook) receive a notification.
  3. The event is recorded in audit logs. Even though the event was blocked, Secureagentics stores a record of the attempted event and the policy that blocked it. You can retrieve these records via GET /v1/audit-logs.
Your agent code must handle 403 responses from the events endpoint. If you do not handle this case, the agent may crash or silently drop errors. Check the response status code after every event submission and implement appropriate fallback logic.
Example blocked-event response:
```json
{
  "error": "policy_violation",
  "policy_id": "pol_07ab1c2d3e4f5g6h",
  "policy_name": "max-100-prompts-per-minute",
  "message": "Rate limit of 100 prompt events per 60 seconds exceeded.",
  "agent_id": "agt_01hx9z3k2m4n5p6q7r8s9t0u"
}
```
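
One way for agent code to handle the 403 response described above, as an added example that is not part of the Secureagentics documentation. The names `Outcome`, `classify`, `run_steps` and the `send` callable are hypothetical; the sample body is the blocked-event response shown on this page, and `fake_send` is a constructed stand-in for the real HTTP call so the block runs offline.

```python
import json
from dataclasses import dataclass
from typing import Callable, Optional, Tuple

@dataclass(frozen=True)
class Outcome:
    accepted: bool
    policy_blocked: bool = False
    policy_id: Optional[str] = None
    detail: str = ""

def classify(status: int, body_text: str) -> Outcome:
    """Turn an events-endpoint response into a decision the agent can act on."""
    if 200 <= status < 300:
        return Outcome(accepted=True)
    try:
        body = json.loads(body_text)
    except ValueError:
        body = None
    if not isinstance(body, dict):
        body = {}  # non-JSON or unexpected shape: no fields to trust
    if status == 403 and body.get("error") == "policy_violation":
        # A policy decision: resending the same event unchanged would only be
        # blocked again, so report which policy fired instead of retrying.
        return Outcome(False, True, body.get("policy_id"), str(body.get("message", "")))
    # Any other failure, including a 403 without the policy marker, is not a
    # policy decision; fail closed and surface the status code.
    return Outcome(False, detail=f"HTTP {status}")

def run_steps(events, send: Callable[[dict], Tuple[int, str]]):
    """Submit events in order and stop at the first one that is not accepted.
    `send` (hypothetical) posts one event and returns (status_code, body_text)."""
    done = []
    for event in events:
        outcome = classify(*send(event))
        if not outcome.accepted:
            return done, outcome  # halt rather than act on a blocked event
        done.append(event)
    return done, None

# Constructed sample: the blocked-event body shown on this page.
BLOCKED = json.dumps({"error": "policy_violation", "policy_id": "pol_07ab1c2d3e4f5g6h",
                      "policy_name": "max-100-prompts-per-minute",
                      "message": "Rate limit of 100 prompt events per 60 seconds exceeded.",
                      "agent_id": "agt_01hx9z3k2m4n5p6q7r8s9t0u"})

def fake_send(event):  # constructed stand-in: third and later events are blocked
    return (403, BLOCKED) if event["n"] >= 2 else (200, "{}")
```

Calling `run_steps([{"n": 0}, {"n": 1}, {"n": 2}], fake_send)` returns the two accepted events and an `Outcome` carrying the blocking `policy_id`, which the agent can log or show to an operator.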