Permission Policies

Nayker uses a strict, declarative YAML format for defining what an agent can and cannot do. Policies dictate scope, rate limits, and which actions trigger Human-in-the-Loop approvals.

Policy Format

Policies are evaluated top-down. The default state is DENY.

version: "v2.1"
name: "Email Outreach Policy"
description: "Allows agent to read leads and send emails, but requires approval for emails."

scopes:
  # Allow reading leads from the CRM
  - resource: "api.hubapi.com/crm/v3/objects/contacts"
    methods: ["GET"]
    max_requests_per_hour: 500

  # Allow sending emails via SendGrid
  - resource: "api.sendgrid.com/v3/mail/send"
    methods: ["POST"]
    max_requests_per_hour: 50

require_human_approval:
  - action: "POST api.sendgrid.com/v3/mail/send"
    timeout: "24h"
    auto_deny_on_timeout: true

Applying Policies

TypeScript

await nayker.policies.create({
  yaml: policyString
});

Python

nayker.policies.create(
    yaml=policy_string
)

Common Errors

  • yaml_parse_error: Ensure your YAML is perfectly formatted.
  • invalid_resource_uri: Resource paths must not contain protocol prefixes (e.g., no https://).
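
A local pre-flight check for the invalid_resource_uri rule above, run on a policy after YAML parsing. This is an added example, not part of the Nayker SDK: lint_policy, GOOD_POLICY and BAD_POLICY are hypothetical names. The second check is an assumption of this example: an approval rule should name an action exactly as a scope grants it, because under default DENY a rule that matches no scope never guards an allowed action.

```python
import re

# Matches a URI scheme prefix such as "https://".
SCHEME = re.compile(r"^[A-Za-z][A-Za-z0-9+.-]*://")

def lint_policy(policy):
    """Return a list of problems in a policy dict (the YAML after parsing)."""
    problems = []
    granted = set()  # (METHOD, resource) pairs allowed by scopes
    for i, scope in enumerate(policy.get("scopes", [])):
        resource = scope.get("resource", "")
        if SCHEME.match(resource):
            problems.append(f"scopes[{i}]: invalid_resource_uri: {resource}")
        for method in scope.get("methods", []):
            granted.add((method.upper(), resource))
    # Assumption: a rule's action is "<METHOD> <resource>", spelled as in a scope.
    for i, rule in enumerate(policy.get("require_human_approval", [])):
        action = rule.get("action", "")
        method, _, resource = action.partition(" ")
        if (method.upper(), resource) not in granted:
            problems.append(f"require_human_approval[{i}]: '{action}' matches no scope")
    return problems

# The policy from this page, written as the dict a YAML parser would produce.
GOOD_POLICY = {
    "version": "v2.1",
    "scopes": [
        {"resource": "api.hubapi.com/crm/v3/objects/contacts", "methods": ["GET"]},
        {"resource": "api.sendgrid.com/v3/mail/send", "methods": ["POST"]},
    ],
    "require_human_approval": [{"action": "POST api.sendgrid.com/v3/mail/send"}],
}

# Constructed bad input: a protocol prefix on one scope and a misspelled
# approval action, which would leave the send endpoint without an approval gate.
BAD_POLICY = {
    "version": "v2.1",
    "scopes": [
        {"resource": "https://api.hubapi.com/crm/v3/objects/contacts", "methods": ["GET"]},
        {"resource": "api.sendgrid.com/v3/mail/send", "methods": ["POST"]},
    ],
    "require_human_approval": [{"action": "POST api.sendgrid.com/v3/mail/sent"}],
}

if __name__ == "__main__":
    for problem in lint_policy(BAD_POLICY):
        print(problem)
```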