Skip to main content
POST
/
v1
/
asset
/
policy
Create asset policy
curl --request POST \
  --url https://api.projectdiscovery.io/v1/asset/policy \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "policies": {
    "is_tech": true,
    "is_favicon": true,
    "is_new": true,
    "labels": "<string>",
    "host": "<string>",
    "port": "<string>",
    "status_code": "<string>",
    "content_length": "<string>",
    "title": "<string>",
    "domain": [
      "<string>"
    ],
    "cname": "<string>",
    "technologies": "<string>",
    "ip": "<string>",
    "is_screenshot": true,
    "time": "last_day",
    "start_date": "2023-12-25",
    "end_date": "2023-12-25",
    "custom_filter": "<string>",
    "search": "<string>",
    "enumeration_ids": [
      "<string>"
    ],
    "only_dns": true,
    "only_ip": true
  },
  "name": "<string>",
  "policy_type": "alert",
  "alerting_config_ids": [
    "<string>"
  ],
  "labels": [
    "<string>"
  ],
  "enumeration_ids": [
    "<string>"
  ],
  "apply_to_existing": false
}
'
{
  "message": "<string>",
  "id": "<string>"
}
The policy_type determines which fields are required:
Policy TypeRequired Fields
alert (default)alerting_config_ids
delete
set_labellabels
remove_labellabels
Conditions: Multiple filters in the policies object use AND logic — all conditions must match for the policy to apply.Scope: Set apply_to_existing to true to apply the policy to existing matching assets immediately. When false (default), the policy only acts on newly discovered assets.

Example Requests

Create a delete policy for noisy assets

curl -X POST "https://api.projectdiscovery.io/v1/asset/policy" \
  -H "X-Api-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Remove 401 webhooks",
    "policy_type": "delete",
    "policies": {
      "host": "www.webhook.office.com",
      "status_code": "401"
    },
    "apply_to_existing": true
  }'

Create an alert policy for sensitive ports

curl -X POST "https://api.projectdiscovery.io/v1/asset/policy" \
  -H "X-Api-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Alert on sensitive ports",
    "policy_type": "alert",
    "policies": {
      "port": "22,3306,5432,6379"
    },
    "alerting_config_ids": ["your-alerting-config-id"],
    "apply_to_existing": false
  }'

Create a labeling policy

curl -X POST "https://api.projectdiscovery.io/v1/asset/policy" \
  -H "X-Api-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Tag WordPress sites",
    "policy_type": "set_label",
    "policies": {
      "technologies": "WordPress"
    },
    "labels": ["cms", "wordpress"],
    "apply_to_existing": true
  }'

Authorizations

X-API-Key
string
header
required

Body

application/json
policies
AssetFilters · object
required
name
string

Display name for the policy. Auto-generated if not provided.

policy_type
enum<string>

Type of action to perform when policy matches assets

Available options:
alert,
delete,
set_label,
remove_label
alerting_config_ids
string[]

List of alerting configuration IDs (required when policy_type is 'alert')

labels
string[]

List of labels to apply/remove (required when policy_type is 'set_label' or 'remove_label')

enumeration_ids
string[]

Optional list of enumeration IDs to scope this policy to specific enumerations

apply_to_existing
boolean
default:false

When true, the policy action is applied to existing assets that match the conditions in addition to future assets. When false (default), the policy only applies to newly discovered assets.

Response

OK

message
string
id
string

Unique identifier of the created policy