More Authorisation Examples
Common patterns for working with the Authorisation API beyond basic intercept calls.
Registering an Agent Identity

```python
import requests

response = requests.post(
    "https://www.xybern.com/api/v1/enforce/agents",
    headers={"X-API-Key": "xb_your_api_key"},
    json={
        "agent_id": "finance_agent_001",
        "name": "Finance Reporting Agent",
        "role": "financial_analyst",
        "allowed_tools": ["read_database", "generate_report", "send_email"],
        "denied_tools": ["delete_records", "modify_schema"],
        "max_delegation_depth": 2
    }
)
print(response.json()["status"])  # "registered"
```
Creating a Policy

```python
import requests

response = requests.post(
    "https://www.xybern.com/api/v1/enforce/policies",
    headers={"X-API-Key": "xb_your_api_key"},
    json={
        "policy_id": "no_external_email_without_approval",
        "name": "Block external email without human approval",
        "rules": [
            {
                # DENY send_email when the recipient is outside company.com
                "condition": {
                    "action.tool": "send_email",
                    "action.parameters.to": {"not_contains": "@company.com"}
                },
                "effect": "DENY",
                "reason": "External emails require human-in-the-loop approval"
            }
        ],
        "shadow_mode": False
    }
)
```
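The page does not define how `not_contains` is evaluated. Assuming it is a plain substring test on the `to` string, a value can contain `@company.com` and still include a recipient outside that domain, so the DENY rule above would not match it. The following added example (not Xybern code; the function names and sample addresses are constructed) is a local pre-check that parses every recipient and compares its domain exactly before the tool call is submitted.

```python
from email.utils import getaddresses

INTERNAL_DOMAIN = "company.com"  # domain used in the policy example on this page


def substring_rule_denies(to_field: str) -> bool:
    """ASSUMED semantics of {"not_contains": "@company.com"}: substring test."""
    return f"@{INTERNAL_DOMAIN}" not in to_field


def external_recipients(to_field, internal_domain=INTERNAL_DOMAIN):
    """Return each recipient whose domain is not exactly internal_domain.

    Accepts one header-style string or a list of strings. Entries that cannot
    be parsed come back as "" and count as external (fail closed).
    """
    values = [to_field] if isinstance(to_field, str) else list(to_field)
    external = []
    for _name, addr in getaddresses(values) or [("", "")]:
        local, sep, domain = addr.rpartition("@")
        if not (sep and local) or domain.rstrip(".").lower() != internal_domain:
            external.append(addr)
    return external


if __name__ == "__main__":
    # Constructed sample recipients, not taken from the page.
    samples = [
        "alice@company.com",
        "partner@example.org",
        "user@company.com.example.net",
        "alice@company.com, partner@example.org",
    ]
    for to in samples:
        print(f"{to!r}: substring rule denies={substring_rule_denies(to)}, "
              f"external={external_recipients(to)}")
```

Any non-empty result from `external_recipients` means the call should go to human approval regardless of what the substring rule decides.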
A2A Delegation

```python
import requests

response = requests.post(
    "https://www.xybern.com/api/v1/enforce/delegate",
    headers={"X-API-Key": "xb_your_api_key"},
    json={
        "delegator_agent_id": "orchestrator_agent",
        "delegate_agent_id": "sub_agent_001",
        "scoped_tools": ["read_database", "generate_report"],
        "expires_in_seconds": 1800,
        "context": {"task": "q4_report", "initiated_by": "orchestrator_agent"}
    }
)
print(response.json()["delegation_token"])
```
Breakglass, Emergency Override

```python
import requests

response = requests.post(
    "https://www.xybern.com/api/v1/enforce/breakglass",
    headers={"X-API-Key": "xb_your_api_key"},
    json={
        "agent_id": "incident_response_agent",
        "reason": "Production incident — database migration requires elevated access",
        "requested_tools": ["modify_schema", "delete_records"],
        "duration_seconds": 900,
        "approver_id": "admin_user_007"
    }
)
# Breakglass events are always logged regardless of outcome
print(response.json()["breakglass_token"])
```