
Policy Management API

Maintained by: Aether365 Team
Audience: Developers
Scope: Read security policy posture and harden allow-listed policies

Policy Management reports the state of a connected tenant's security-relevant policies - read live from Microsoft Graph - alongside a Conditional Access summary, and lets you set an allow-listed policy to its secure value in one call.

Requirements

Policy Management requires the Policy Management entitlement and a Microsoft 365 connection in AI Pilot (write-consent) mode. Without an AI Pilot connection the read endpoint returns { "aiPilotConnected": false }. Toggling a policy is a Microsoft Graph write and needs write consent.

Get Policy Posture

Returns the allow-listed policies with their current value and secure target, plus a Conditional Access summary.

GET /tenants/me/policies

Query Parameters

| Parameter | Type | Description |
|---|---|---|
| connectionId | string | Optional. AI Pilot connection to read; defaults to the oldest one |

Example Response

```json
{
  "success": true,
  "data": {
    "aiPilotConnected": true,
    "msTenantId": "00000000-0000-0000-0000-000000000000",
    "policies": [
      {
        "key": "security_defaults",
        "title": "Security Defaults enabled",
        "current": false,
        "secure": true,
        "compliant": false
      },
      { "key": "conditional_access_summary", "policies": 4, "enabled": 3 }
    ]
  }
}
```

Harden a Policy

Sets an allow-listed policy to its secure value. The client supplies only the policy key; the Graph path and the secure body come from a server-side allow-list, so an arbitrary Graph write is never possible through this endpoint. The change is written through the AI Pilot connection and confirmed by a re-read.

POST /tenants/me/policies/toggle

Request Body

| Field | Type | Description |
|---|---|---|
| key | string | The allow-listed policy key to harden |
| connectionId | string | Optional. AI Pilot connection to act through |

Example Request

```bash
curl -X POST https://api.aether365.io/tenants/me/policies/toggle \
  -H "Authorization: Bearer ak_live_..." \
  -H "Content-Type: application/json" \
  -d '{ "key": "security_defaults" }'
```

Example Response

```json
{
  "success": true,
  "data": { "key": "security_defaults", "applied": true, "verified": true, "needsReconsent": false }
}
```
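
An added example (not part of the Aether365 documentation or any SDK): a client-side Python sketch that picks the non-compliant keys out of a posture response, builds the toggle body with only the key, and classifies the toggle result. The function names and the meanings of `applied`, `verified` and `needsReconsent` are assumptions inferred from the field names; the sample input is constructed from the Example Response above.

```python
import json

# Constructed sample, shaped like the Example Response for GET /tenants/me/policies.
SAMPLE_POSTURE = json.loads("""
{"success": true, "data": {"aiPilotConnected": true,
  "msTenantId": "00000000-0000-0000-0000-000000000000",
  "policies": [
    {"key": "security_defaults", "title": "Security Defaults enabled",
     "current": false, "secure": true, "compliant": false},
    {"key": "conditional_access_summary", "policies": 4, "enabled": 3}
  ]}}
""")

def keys_to_harden(posture):
    """Return keys of policies reported non-compliant; raise if no AI Pilot connection."""
    data = posture.get("data", posture)  # tolerate a bare { "aiPilotConnected": false }
    if posture.get("success") is False or not data.get("aiPilotConnected"):
        raise RuntimeError("no AI Pilot (write-consent) connection; nothing to harden")
    # Summary entries such as conditional_access_summary carry no "compliant"
    # field and are not toggle targets, so only an explicit false qualifies.
    return [p["key"] for p in data.get("policies", []) if p.get("compliant") is False]

def toggle_body(key, connection_id=None):
    """Build the POST /tenants/me/policies/toggle body: key plus optional connectionId."""
    body = {"key": key}
    if connection_id is not None:
        body["connectionId"] = connection_id
    return json.dumps(body)

def toggle_outcome(response):
    """Classify a toggle response (field meanings assumed from their names)."""
    data = response.get("data") or {}
    if data.get("needsReconsent"):
        return "reconsent"  # assumed: write consent has to be granted again
    if not response.get("success") or not data.get("applied"):
        return "failed"
    # Applied but not confirmed by the re-read: do not record it as hardened.
    return "hardened" if data.get("verified") else "unverified"
```

Treating anything other than `"hardened"` as still non-compliant keeps a local posture record from drifting ahead of what the re-read confirmed.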