Set Policies

Policies define which actions are allowed or blocked in your Fireblocks workspace: controlling who can initiate transactions, from which sources, to which destinations, and under what conditions. You can manage Policies directly in the Fireblocks Console using the Policy Editor, or programmatically via the API.

Managing policies via the API

The Fireblocks API gives you two ways to manage your Policy: publish changes directly, or work with a draft before publishing.

Publish directly

To retrieve your active Policy or publish a new one without a review step, use these endpoints:

• Get the active policy
• Publish a new set of policy rules

Work with drafts

If your workflow requires reviewing or validating Policy changes before they go live, use Policy Drafts:

• Get the active draft
• Update the draft with a new set of rules
• Publish a draft by ID

Best practices

Policy rules are evaluated in the order they are defined, so rule ordering matters. Place the most restrictive rules first, and order rules by likelihood of a match. This ensures high-risk or tightly scoped rules are evaluated before broader, more permissive ones, reducing the chance of a transaction being incorrectly approved.

Learn more

• About Policies: Help Center overview of how Policies work
• Policies developer guide: How to work with Policies programmatically