> ## Documentation Index > Fetch the complete documentation index at: https://docs.grantex.dev/llms.txt > Use this file to discover all available pages before exploring further. # Policies > Define allow/deny authorization policies to control agent access. ## Overview The `policies` sub-client lets you create declarative authorization policies that control when and how agents can use their grants. Policies support scope-based rules, time-of-day restrictions, and priority-based evaluation. ```typescript theme={null} const policy = await grantex.policies.create({ name: 'business-hours-only', effect: 'deny', priority: 10, timeOfDayStart: '18:00', timeOfDayEnd: '09:00', }); ``` *** ## policies.create() Create a new authorization policy. ```typescript theme={null} const policy = await grantex.policies.create({ name: 'deny-payments-after-hours', effect: 'deny', priority: 10, scopes: ['payments:initiate'], timeOfDayStart: '18:00', timeOfDayEnd: '06:00', }); console.log(policy.id); // 'pol_01HXYZ...' console.log(policy.name); // 'deny-payments-after-hours' console.log(policy.effect); // 'deny' console.log(policy.priority); // 10 ``` ### Parameters Human-readable name for the policy. Whether this policy allows or denies matching requests. Evaluation priority. Higher-priority policies are evaluated first. Defaults to server-assigned value. Restrict the policy to a specific agent. Restrict the policy to a specific user. The scopes this policy applies to. If omitted, the policy applies to all scopes. Start time for a time-of-day restriction (24h format, e.g. `'09:00'`). End time for a time-of-day restriction (24h format, e.g. `'18:00'`). ### Response: `Policy` Unique policy identifier. Policy name. `'allow'` or `'deny'`. Evaluation priority. Restricted agent ID, or `null` for all agents. Restricted user ID, or `null` for all users. Restricted scopes, or `null` for all scopes. Time-of-day restriction start (24h format). Time-of-day restriction end (24h format). ISO 8601 creation timestamp. ISO 8601 last-updated timestamp. *** ## policies.list() List all policies for your organization. ```typescript theme={null} const result = await grantex.policies.list(); console.log(result.total); // 5 for (const policy of result.policies) { console.log(`${policy.name}: ${policy.effect} (priority ${policy.priority})`); } ``` ### Response: `ListPoliciesResponse` Array of policy objects. Total number of policies. *** ## policies.get() Retrieve a single policy by its ID. ```typescript theme={null} const policy = await grantex.policies.get('pol_01HXYZ...'); console.log(policy.name); // 'deny-payments-after-hours' console.log(policy.timeOfDayStart); // '18:00' console.log(policy.timeOfDayEnd); // '06:00' ``` ### Parameters The policy ID to retrieve. ### Response Returns a `Policy` object. *** ## policies.update() Update an existing policy. Only the provided fields are modified. ```typescript theme={null} const updated = await grantex.policies.update('pol_01HXYZ...', { name: 'deny-payments-overnight', timeOfDayStart: '22:00', timeOfDayEnd: '06:00', }); console.log(updated.name); // 'deny-payments-overnight' console.log(updated.timeOfDayStart); // '22:00' ``` ### Parameters The policy ID to update. New policy name. New effect. New priority. New agent restriction. Pass `null` to clear. New user restriction. Pass `null` to clear. New scope restriction. Pass `null` to clear. New time-of-day start. Pass `null` to clear. New time-of-day end. Pass `null` to clear. ### Response Returns the updated `Policy` object. *** ## policies.delete() Delete a policy. ```typescript theme={null} await grantex.policies.delete('pol_01HXYZ...'); // Returns void -- the policy is removed ``` ### Parameters The policy ID to delete. ### Response Returns `void`.