Compliance - Settings
Read and update compliance settings for a tenant. Settings control which compliance views are enabled and how file egress is restricted.
Get Tenant Compliance Settings
Return the effective compliance settings for a tenant.
Endpoint
GET /v1/compliance/settings/{tenant_id}
Path Parameters
tenant_id(required): Tenant ID (e.g."tenant_abc123").
Example Query
curl 'https://ai.hatz.ai/v1/compliance/settings/tenant_abc123' \
-H 'X-API-Key: $HATZ_API_KEY'
Response
{
"tenant_id": "tenant_abc123",
"audit_events_view_enabled": true,
"invocations_view_enabled": true,
"invocations_view_content_enabled": false,
"file_egress_policy": "direct_and_microsoft_365"
}
Response Fields
| Field | Type | Description |
|---|---|---|
tenant_id |
string | The tenant identifier as supplied by the caller. |
audit_events_view_enabled |
boolean | Whether the audit events log is accessible for this tenant. |
invocations_view_enabled |
boolean | Whether the invocations log is accessible for this tenant. |
invocations_view_content_enabled |
boolean | Whether full message/step content is accessible for invocations. Requires invocations_view_enabled to be true. |
file_egress_policy |
string | Controls how files can be downloaded. See File Egress Policies below. |
File Egress Policies
| Value | Description |
|---|---|
direct_and_microsoft_365 |
Both direct downloads and Microsoft 365 export are allowed. This is the default. |
direct_only |
Direct browser/API downloads are allowed; Microsoft 365 export is blocked. |
microsoft_365_only |
Direct browser/API downloads are blocked; Microsoft 365 export and authenticated inline image rendering are still permitted. |
disabled |
All file egress is blocked, including Microsoft 365 export. |
Error Responses
400— Invalidtenant_idformat.403— Insufficient permissions to manage compliance settings for this tenant.
Update Tenant Compliance Settings
Update compliance settings for a tenant. Only the fields you provide are changed. You must include at least one field.
Note:
file_egress_policycannot be changed via API key. This field requires an interactive user session.
Endpoint
PATCH /v1/compliance/settings/{tenant_id}
Path Parameters
tenant_id(required): Tenant ID (e.g."tenant_abc123").
Request Body
All fields are optional, but at least one must be provided.
| Field | Type | Description |
|---|---|---|
audit_events_view_enabled |
boolean | Enable or disable the audit events view for this tenant. |
invocations_view_enabled |
boolean | Enable or disable the invocations view for this tenant. |
invocations_view_content_enabled |
boolean | Enable or disable full message/step content access for invocations. |
file_egress_policy |
string | Set the file egress policy. One of: direct_and_microsoft_365, direct_only, microsoft_365_only, disabled. Cannot be changed via API key. |
Example Request
curl -X PATCH 'https://ai.hatz.ai/v1/compliance/settings/tenant_abc123' \
-H 'X-API-Key: $HATZ_API_KEY' \
-H 'Content-Type: application/json' \
-d '{
"audit_events_view_enabled": true,
"invocations_view_enabled": true,
"invocations_view_content_enabled": false
}'
Response
Returns the full updated settings object.
{
"tenant_id": "tenant_abc123",
"audit_events_view_enabled": true,
"invocations_view_enabled": true,
"invocations_view_content_enabled": false,
"file_egress_policy": "direct_and_microsoft_365"
}
Error Responses
400— Invalidtenant_id, or no fields were provided in the request body.403— Insufficient permissions, orfile_egress_policywas included but caller is authenticated via API key.