> ## Documentation Index
> Fetch the complete documentation index at: https://docs.semgrep.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# List policies



## OpenAPI

````yaml get /api/v1/deployments/{deploymentId}/policies
openapi: 3.0.3
info:
  description: >

    Welcome to Semgrep's portal for the Semgrep AppSec Platform web API.


    # Introduction

    Semgrep is a fast, open-source, static analysis tool for finding bugs and
    enforcing code standards at editor,

    commit, and CI time. [Get started.](https://semgrep.dev/getting-started/)


    Semgrep analyzes code locally on your computer or in your build environment:
    **code is never uploaded.**


    This API is documented in the **OpenAPI format**.


    # Authentication

    The API supports authentication with an API token with the "Web API"
    permission, without limited

    scopes of access.


    You can provision an API token [from the Settings
    page](https://semgrep.dev/orgs/-/settings/tokens).


    # Terms of Use


    Please note, the materials made available herein are subject to the

    [Semgrep Terms of Use](https://semgrep.dev/resources/website-terms/), and
    your

    access or use of any of the same is your acknowledgment and acceptance of
    the

    such terms.


    <br>


    ___
  title: Semgrep Web App
  version: 1.0.0
servers:
  - url: https://semgrep.dev
security: []
tags:
  - description: >-
      Deployments encapsulate your organization's security organization, with
      multiple projects, policies, and integrations. As the root object of the
      organization, they're similarly the root object of the API.
    name: DeploymentsService
    x-displayName: Deployment
  - description: >-
      Manage and retrieve code and supply chain security findings from Semgrep
      scans
    name: FindingsService
    x-displayName: Code and Supply Chain
  - description: Utility endpoints.
    name: MiscService
    x-displayName: Other
  - description: View and manage the Policies of your organization.
    name: PoliciesService
    x-displayName: Policies
  - name: ProjectsService
    x-displayName: Projects
  - description: View details of scans associated with projects in your organization.
    name: ScansService
    x-displayName: Scans
  - description: View and manage the Secrets of your organization.
    name: SecretsService
    x-displayName: Secrets
  - description: |-
      Manage the Supply Chain findings and dependencies of your organization.

      A request body is required, but may be an empty object.
    name: SupplyChainService
    x-displayName: Supply Chain
  - description: Create and manage external tickets
    name: TicketingService
    x-displayName: Ticketing
  - description: View and manage the triage of your organization.
    name: TriageService
    x-displayName: Triage
paths:
  /api/v1/deployments/{deploymentId}/policies:
    get:
      tags:
        - PoliciesService
      summary: List policies
      operationId: PoliciesService_ListPolicies
      parameters:
        - in: path
          name: deploymentId
          required: true
          schema:
            description: >-
              Deployment ID (numeric). Example: `123`. Can be found at
              `/deployments`, or in your Settings in the web UI.
            example: 123
            format: uint64
            type: string
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/protos.openapi.v1.ListPoliciesResponse'
          description: OK
      security:
        - SemgrepWebToken: []
components:
  schemas:
    protos.openapi.v1.ListPoliciesResponse:
      properties:
        policies:
          description: List of Policies associated with the given Deployment.
          example:
            - id: '1'
              isDefault: true
              name: Global Policy
              productType: PRODUCT_TYPE_SAST
              slug: global_policy
            - id: '2'
              isDefault: false
              name: Semgrep test
              productType: PRODUCT_TYPE_SAST
              slug: semgrep_test
            - id: '3'
              isDefault: true
              name: Global Secrets Policy
              productType: PRODUCT_TYPE_SECRETS
              slug: global_secrets_policy
          items:
            $ref: '#/components/schemas/protos.common.v1.Policy'
          type: array
      type: object
    protos.common.v1.Policy:
      properties:
        id:
          description: ID of the Policy.
          example: '1'
          format: uint64
          type: string
        isDefault:
          description: When True, the Policy applies to all repositories.
          example: true
          type: boolean
        name:
          description: Name of the Policy.
          example: Global Policy
          type: string
        productType:
          description: |+
            Product type the Policy applies to.

            | value | description |
            |-------|---------------|
            | PRODUCT_TYPE_SAST | The product type for Code rules. |
            | PRODUCT_TYPE_SECRETS | The product type for Secrets rules. |

          enum:
            - PRODUCT_TYPE_SAST
            - PRODUCT_TYPE_SECRETS
          example: PRODUCT_TYPE_SAST
          format: enum
          type: string
        slug:
          description: Sanitized machine-readable name of the Policy.
          example: global_policy
          type: string
      title: Policy
      type: object
  securitySchemes:
    SemgrepWebToken:
      bearerFormat: string
      description: >-
        Get access to data with your API token. Example header:


        `Authorization: Bearer
        2991e2fb4b540fe75b8f90677b0b892b6314e4961cb001fe6eb452eee248a628`


        The token can be provisioned from the Tokens section in your Settings,
        and requires explicitly enabling `Web API` access.
      scheme: bearer
      type: http

````