Create Rule

Description: Creates a new rule based on an existing rule template. Rules define the specific parameter values for policy evaluation. You must provide a valid template ID and parameter list as defined by the template schema.

Usage: POST https://{{artifactory-host}}/unifiedpolicy/api/v1/rules

Consumes: application/json

Request Body

Parameter	Type	Required/Optional	Description
`name`	string	Required	The name of the rule to create. Must be unique.
`description`	string	Optional	Free-text description of the rule purpose.
`is_custom`	boolean	Optional	Indicates if the rule is user-defined (`true`) or predefined (`false`). Default: `false`.
`template_id`	string	Required	The ID of the template the rule is based on.
`parameters`	array[object]	Required	Array of parameter name/value pairs that match the template definition.

parameters[] object

Parameter	Type	Required	Description
`name`	string	required	Name of the template parameter.
`value`	string	required	The value assigned to the parameter.

Sample Request

POST 'https://{host}.jfrog.io/apptrust/api/v1/rules'
Content-Type: application/json
Authorization: Bearer <token>

{
  "name": "Critical CVEs (9.0–10.0)",
  "description": "Triggers violation for CVEs with a score between 9.0–10.0.",
  "is_custom": false,
  "template_id": "tmpl-cve-severity",
  "parameters": [
    { "name": "CVE_severity", "value": "Critical" },
    { "name": "min_value", "value": "9.0" },
    { "name": "max_value", "value": "10.0" },
    { "name": "skip_not_applicable", "value": "true" }
  ]
}

Sample Response

{
  "id": "rule-12345",
  "name": "Critical CVEs (9.0–10.0)",
  "description": "Triggers violation for CVEs with a score between 9.0–10.0.",
  "is_custom": false,
  "template_id": "tmpl-cve-severity",
  "parameters": [
    { "name": "CVE_severity", "value": "Critical" },
    { "name": "min_value", "value": "9.0" },
    { "name": "max_value", "value": "10.0" },
    { "name": "skip_not_applicable", "value": "true" }
  ],
  "created_at": "2025-10-09T10:25:00Z",
  "created_by": "admin",
  "updated_at": "2025-10-09T10:25:00Z",
  "updated_by": "admin"
}

Status Codes

Code	Description
201	Rule created successfully
400	Bad Request (validation or parameter error)
401	Unauthorized
403	Forbidden (insufficient permissions)
409	Conflict (duplicate rule name or template mismatch)
500	Internal Server Error