Gets and updates info about an account’s Acceptable Use Policy and Privacy Policy
Learner - Policies API
Interfaces
List the two policies for the current domain (AUP/PP)
GET
/api/learner/policies
This endpoint is public, and intentionally NOT authenticated.
The reason for this is that Privacy Policy and Acceptable Use Policy info need to be
accessible even for non-logged-in users. We have links to these pages on the login screen,
so we cannot enforce any authorization on this endpoint. Same goes for #show.
Response Codes
200 OK
Example Response
{
"policies": [
{
"custom_body": null,
"custom_body_markup": null,
"display_on_login": true,
"domain_id": "75",
"id": "42",
"policy_type": "acceptable_use",
"region_type": "domestic",
"updated_at": "2017-08-04T23:33:38.847931Z"
},
{
"custom_body": "<div>custom stuff</div>",
"custom_body_markup": "<div>custom stuff</div>",
"display_on_login": false,
"domain_id": "75",
"id": "43",
"policy_type": "privacy",
"region_type": "custom",
"updated_at": "2017-08-05T23:33:38.847931Z"
}
]
}
Get a single Policy object
GET
/api/learner/policies/:id
Response Codes
200 OK
Example Response
{
"policy": {
"custom_body": null,
"custom_body_markup": null,
"display_on_login": true,
"domain_id": "75",
"id": "42",
"policy_type": "acceptable_use",
"region_type": "domestic",
"updated_at": "2017-08-04T23:33:38.847931Z"
}
}
A PATCH action with json payload to update a Policy
PATCH
/api/learner/policies
Request payload is a json object of a Policy.
It must contain the id of the Policy,
and it must fit the schema of a Policy (lest you get a 400 Bad Request),
but otherwise you can provide as many or as little fields
as you want to update.
It will only allow you to update these fields:
custom_body
display_on_login
region_type
Only support users are authorized to hit this endpoint and update Policies.
If you are a non-support user you will get a 401.
Responds with the updated Policy object.
Response Codes
200 OK
400 Bad Request
401 Unauthorized
Example Requests
{
"id": "42",
"region_type": "international"
}
curl \
-X PATCH \
-H "Authorization: Bearer $TOKEN" \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-d '{"id":"42","region_type":"international"}' \
http://<bridge>/api/learner/policies
Example Response
{
"customBody": "sand",
"customBodyMarkup": "<p>sand</p>",
"displayOnLogin": false,
"domainId": "24",
"id": "42",
"policyType": "privacy",
"regionType": "domestic",
"updatedAt": "2017-08-04T23:33:38.847931Z"
}
Interfaces
List the two policies for the current domain (AUP/PP)
This endpoint is public, and intentionally NOT authenticated. The reason for this is that Privacy Policy and Acceptable Use Policy info need to be accessible even for non-logged-in users. We have links to these pages on the login screen, so we cannot enforce any authorization on this endpoint. Same goes for #show.
Response Codes
200 OK
Example Response
{ "policies": [ { "custom_body": null, "custom_body_markup": null, "display_on_login": true, "domain_id": "75", "id": "42", "policy_type": "acceptable_use", "region_type": "domestic", "updated_at": "2017-08-04T23:33:38.847931Z" }, { "custom_body": "<div>custom stuff</div>", "custom_body_markup": "<div>custom stuff</div>", "display_on_login": false, "domain_id": "75", "id": "43", "policy_type": "privacy", "region_type": "custom", "updated_at": "2017-08-05T23:33:38.847931Z" } ] }
Get a single Policy object
Response Codes
200 OK
Example Response
{ "policy": { "custom_body": null, "custom_body_markup": null, "display_on_login": true, "domain_id": "75", "id": "42", "policy_type": "acceptable_use", "region_type": "domestic", "updated_at": "2017-08-04T23:33:38.847931Z" } }
A PATCH action with json payload to update a Policy
Request payload is a json object of a Policy. It must contain the id of the Policy, and it must fit the schema of a Policy (lest you get a 400 Bad Request), but otherwise you can provide as many or as little fields as you want to update.
It will only allow you to update these fields: custom_body display_on_login region_type
Only support users are authorized to hit this endpoint and update Policies. If you are a non-support user you will get a 401.
Responds with the updated Policy object.
Response Codes
200 OK
400 Bad Request
401 Unauthorized
Example Requests
{ "id": "42", "region_type": "international" }
curl \ -X PATCH \ -H "Authorization: Bearer $TOKEN" \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ -d '{"id":"42","region_type":"international"}' \ http://<bridge>/api/learner/policies
Example Response
{ "customBody": "sand", "customBodyMarkup": "<p>sand</p>", "displayOnLogin": false, "domainId": "24", "id": "42", "policyType": "privacy", "regionType": "domestic", "updatedAt": "2017-08-04T23:33:38.847931Z" }