Gets and updates info about an account’s Acceptable Use Policy and Privacy Policy
Learner - Policies API
Interfaces
List the two policies for the current domain (AUP/PP)
GET
/api/learner/policies
This endpoint is public, and intentionally NOT authenticated.
The reason for this is that Privacy Policy and Acceptable Use Policy info need to be
accessible even for non-logged-in users. We have links to these pages on the login screen,
so we cannot enforce any authorization on this endpoint. Same goes for #show.
Response Codes
200 OK
Example Response
{
"policies": [
{
"custom_body": null,
"custom_body_markup": null,
"display_on_login": true,
"domain_id": "75",
"id": "42",
"policy_type": "acceptable_use",
"region_type": "domestic",
"updated_at": "2017-08-04T23:33:38.847931Z"
},
{
"custom_body": "<div>custom stuff</div>",
"custom_body_markup": "<div>custom stuff</div>",
"display_on_login": false,
"domain_id": "75",
"id": "43",
"policy_type": "privacy",
"region_type": "custom",
"updated_at": "2017-08-05T23:33:38.847931Z"
}
]
}
Get a single Policy object
GET
/api/learner/policies/:id
Response Codes
200 OK
Example Response
{
"policy": {
"custom_body": null,
"custom_body_markup": null,
"display_on_login": true,
"domain_id": "75",
"id": "42",
"policy_type": "acceptable_use",
"region_type": "domestic",
"updated_at": "2017-08-04T23:33:38.847931Z"
}
}
A PATCH action with json payload to update a Policy
PATCH
/api/learner/policies
Request payload is a json object of a Policy.
It must contain the id of the Policy,
and it must fit the schema of a Policy (lest you get a 400 Bad Request),
but otherwise you can provide as many or as little fields
as you want to update.
It will only allow you to update these fields:
custom_body
display_on_login
region_type
Only support users are authorized to hit this endpoint and update Policies.
If you are a non-support user you will get a 401.
Responds with the updated Policy object.
Response Codes
200 OK400 Bad Request401 Unauthorized
Example Requests
{
"id": "42",
"region_type": "international"
}
curl \
-X PATCH \
-H "Authorization: Bearer $TOKEN" \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-d '{"id":"42","region_type":"international"}' \
http://<bridge>/api/learner/policies
Example Response
{
"customBody": "sand",
"customBodyMarkup": "<p>sand</p>",
"displayOnLogin": false,
"domainId": "24",
"id": "42",
"policyType": "privacy",
"regionType": "domestic",
"updatedAt": "2017-08-04T23:33:38.847931Z"
}
Interfaces
List the two policies for the current domain (AUP/PP)
GET
/api/learner/policies
This endpoint is public, and intentionally NOT authenticated. The reason for this is that Privacy Policy and Acceptable Use Policy info need to be accessible even for non-logged-in users. We have links to these pages on the login screen, so we cannot enforce any authorization on this endpoint. Same goes for #show.
Response Codes
200 OK
Example Response
{
"policies": [
{
"custom_body": null,
"custom_body_markup": null,
"display_on_login": true,
"domain_id": "75",
"id": "42",
"policy_type": "acceptable_use",
"region_type": "domestic",
"updated_at": "2017-08-04T23:33:38.847931Z"
},
{
"custom_body": "<div>custom stuff</div>",
"custom_body_markup": "<div>custom stuff</div>",
"display_on_login": false,
"domain_id": "75",
"id": "43",
"policy_type": "privacy",
"region_type": "custom",
"updated_at": "2017-08-05T23:33:38.847931Z"
}
]
}
Get a single Policy object
GET
/api/learner/policies/:id
Response Codes
200 OK
Example Response
{
"policy": {
"custom_body": null,
"custom_body_markup": null,
"display_on_login": true,
"domain_id": "75",
"id": "42",
"policy_type": "acceptable_use",
"region_type": "domestic",
"updated_at": "2017-08-04T23:33:38.847931Z"
}
}
A PATCH action with json payload to update a Policy
PATCH
/api/learner/policies
Request payload is a json object of a Policy. It must contain the id of the Policy, and it must fit the schema of a Policy (lest you get a 400 Bad Request), but otherwise you can provide as many or as little fields as you want to update.
It will only allow you to update these fields: custom_body display_on_login region_type
Only support users are authorized to hit this endpoint and update Policies. If you are a non-support user you will get a 401.
Responds with the updated Policy object.
Response Codes
200 OK400 Bad Request401 Unauthorized
Example Requests
{
"id": "42",
"region_type": "international"
}
curl \
-X PATCH \
-H "Authorization: Bearer $TOKEN" \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-d '{"id":"42","region_type":"international"}' \
http://<bridge>/api/learner/policies
Example Response
{
"customBody": "sand",
"customBodyMarkup": "<p>sand</p>",
"displayOnLogin": false,
"domainId": "24",
"id": "42",
"policyType": "privacy",
"regionType": "domestic",
"updatedAt": "2017-08-04T23:33:38.847931Z"
}