Authentication - Validate Api Policy
Validates the result of a policy update without persisting it.
POST https://titleId.playfabapi.com/Admin/ValidateApiPolicyRequest Header
| Name | Required | Type | Description |
|---|---|---|---|
| X-SecretKey | True |
string |
This API requires a title secret key, available to title admins, from PlayFab Game Manager. |
Request Body
| Name | Required | Type | Description |
|---|---|---|---|
| OverwritePolicy | True |
boolean |
Whether the validation should simulate overwriting or appending to the existing policy. |
| PolicyVersion | True |
number |
Version of the policy to validate against. Must be the latest (as returned by GetPolicy). |
| Statements | True |
The statements to validate. |
|
| PolicyName |
string |
The name of the policy to validate. Only 'ApiPolicy' is supported. This parameter is optional and defaults to 'ApiPolicy' if omitted. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK | ||
| 400 Bad Request |
This is the outer wrapper for all responses with errors |
Security
X-SecretKey
This API requires a title secret key, available to title admins, from PlayFab Game Manager.
Type:
apiKey
In:
header
Definitions
| Name | Description |
|---|---|
|
Api |
|
|
Api |
The basic wrapper around every failed API response |
| Conditionals | |
|
Effect |
|
|
Permission |
|
|
Policy |
|
|
Validate |
Validates the proposed policy change and returns the resulting merged policy, validation errors, warnings, and a diff summary showing what would change. Use this to validate the impact of a policy update before calling UpdatePolicy. No changes are saved. |
|
Validate |
ApiCondition
| Name | Type | Description |
|---|---|---|
| HasSignatureOrEncryption |
Require that API calls contain an RSA encrypted payload or signed headers. |
ApiErrorWrapper
The basic wrapper around every failed API response
| Name | Type | Description |
|---|---|---|
| code |
integer |
Numerical HTTP code |
| error |
string |
Playfab error code |
| errorCode |
integer |
Numerical PlayFab error code |
| errorDetails |
object |
Detailed description of individual issues with the request object |
| errorMessage |
string |
Description for the PlayFab errorCode |
| status |
string |
String HTTP code |
Conditionals
| Value | Description |
|---|---|
| Any | |
| True | |
| False |
EffectType
| Value | Description |
|---|---|
| Allow | |
| Deny |
PermissionStatement
| Name | Type | Description |
|---|---|---|
| Action |
string |
The action this statement effects. May only be ''. This parameter is optional and defaults to '' if omitted. |
| ApiConditions |
Additional conditions to be applied for API Resources. |
|
| Comment |
string |
A comment about the statement. Intended solely for bookkeeping and debugging. |
| Effect |
The effect this statement will have. It could be either Allow or Deny |
|
| Principal |
string |
The principal this statement will effect. May be '' to match all callers, or a JSON object targeting a specific entity type, e.g. {"title_player_account":""} for players or {"master_player_account":"*"} for master player accounts. |
| Resource |
string |
The resource this statements effects. The only supported resources look like 'pfrn:api--*' for all apis, or 'pfrn:api--/Client/ConfirmPurchase' for specific apis. |
PolicyDiffSummary
| Name | Type | Description |
|---|---|---|
| StatementsAdded |
number |
Number of new statements that would be added. |
| StatementsRemoved |
number |
Number of existing statements that would be removed. Only applicable when OverwritePolicy is true. |
| StatementsReplaced |
number |
Number of existing statements that would be replaced by functionally equivalent incoming statements (e.g., same resource/effect/principal but different comment). |
| StatementsUnchanged |
number |
Number of existing statements that would remain unchanged. |
| TotalResultingStatements |
number |
Total number of statements in the resulting policy. |
ValidateApiPolicyRequest
Validates the proposed policy change and returns the resulting merged policy, validation errors, warnings, and a diff summary showing what would change. Use this to validate the impact of a policy update before calling UpdatePolicy. No changes are saved.
| Name | Type | Description |
|---|---|---|
| OverwritePolicy |
boolean |
Whether the validation should simulate overwriting or appending to the existing policy. |
| PolicyName |
string |
The name of the policy to validate. Only 'ApiPolicy' is supported. This parameter is optional and defaults to 'ApiPolicy' if omitted. |
| PolicyVersion |
number |
Version of the policy to validate against. Must be the latest (as returned by GetPolicy). |
| Statements |
The statements to validate. |
ValidateApiPolicyResponse
| Name | Type | Description |
|---|---|---|
| Diff |
Summary of what would change compared to the current policy. |
|
| IsValid |
boolean |
Whether the proposed policy is valid and would be accepted by UpdatePolicy. |
| PolicyName |
string |
The name of the policy validated. |
| PolicyVersion |
number |
Policy version. |
| ResultingStatements |
The full set of statements that would result from applying this update. |
|
| ValidationErrors |
string[] |
Validation errors that would cause UpdatePolicy to reject this request. Empty if IsValid is true. |
| Warnings |
string[] |
Non-blocking warnings about the proposed policy (e.g., near statement limit, duplicate statements). |