Set Policies

Overview

With the Fireblocks platform, your funds are, by design, protected with several security layers. The Authorization Policy is a crucial layer that defines what actions are allowed or blocked by which users from which sources, to which destinations and additional limitations. Visit the Fireblocks Help Center for additional details, to see examples, walkthroughs and details about proper logic settings for your use case.

On top of the Policy Editor tool in the Fireblocks Console, API users can retrieve details about the active Policy using the Get the active policy and its validation endpoint or to directly push a new Policy using the Send publish request for a set of policy rules endpoint.

Alternatively, if a certain use case in your organization requires you to check your Policy prior to publishing it, you may choose to work with Policy Drafts and retrieve the active Policy draft using the Get the active draft endpoint or update or post a new draft using the Update the draft with a new set of rules or Send publish request for a certain draft id endpoints.

Best Practices

TAP rules are evaluated in the order they are defined, so rule ordering is important. We recommend placing the most restrictive rules first and ordering rules internally based on the likelihood of a match. This ensures that high-risk or tightly scoped rules are evaluated before broader, more permissive ones, reducing the chance of a transaction being incorrectly approved by a less restrictive rule.

📘

Learn more about Policies

📘

Check out the Policy Developer Guide