Custom Rules

Fetch your organization's combined allowlist and blocklist in a single request. This endpoint is used by the Chrome extension and other clients that perform local scanning and need to sync custom rules without making separate calls to each list.

GET

/v1/custom-rules

Returns the combined allowlist and blocklist for the authenticated organization.

Response

200 OK

{
  "allowlist": [
    {
      "term": "Acme Corp",
      "domain": "pii"
    },
    {
      "term": "University of Example",
      "domain": null
    }
  ],
  "blocklist": [
    {
      "term": "Project Aurora",
      "severity": "high"
    },
    {
      "term": "internal-api-key",
      "severity": "medium"
    }
  ]
}

Response Fields

Field	Type	Description
`allowlist`	{ term, domain }[]	Allowlisted terms. `domain` is `null` for global entries.
`blocklist`	{ term, severity }[]	Enabled blocklist entries with their severity level.

Only enabled blocklist entries are returned. Disabled entries are excluded from the response.

Examples

SDK

// Fetch combined rules
const rules = await armor.getCustomRules();

console.log('Allowlisted terms:', rules.allowlist.length);
console.log('Blocklisted terms:', rules.blocklist.length);

cURL

curl https://indigiarmor.com/v1/custom-rules \
  -H "Authorization: Bearer ia_sk_..."