list_payment_policies

GET

/v1/payments/policies

const url = 'https://app.everruns.com/api/v1/payments/policies';
const options = {method: 'GET'};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}

curl --request GET \
  --url https://app.everruns.com/api/v1/payments/policies

List payment policies.

Parameters

Query Parameters

payment_account_id

string | null

Filter to policies that authorize a specific payment account.

subject_type

string | null

Filter to a single subject class.

subject_id

string | null

Filter to a specific subject principal id.

Responses

200

List payment policies

application/json

Array<object>

A payment policy — the binding between a paying account and a subject (agent identity, session) that controls which paid calls are authorized and at what spend caps.

object

allowed_capabilities

required

Capability IDs this policy permits paid calls for. Empty list means no capability gating.

Array<string>

allowed_hosts

required

HTTP host allowlist for paid outbound calls. Empty list means no host gating.

Array<string>

created_at

required

Timestamp when this policy was created (RFC 3339).

string format: date-time

required

Prefixed public identifier. See ID Schema.

string

/^paypol_[0-9a-f]{32}$/

max_amount_usd_per_day

Maximum cumulative amount (USD) per UTC day. Advisory only — not yet enforced. Stored on the policy for forward compatibility; the payment authority currently checks only max_amount_usd_per_request. None means no per-day cap.

number | null format: double

max_amount_usd_per_request

Maximum amount (USD) any single paid request may settle for. Enforced by the payment authority at policy selection. None means no per-request cap.

number | null format: double

max_amount_usd_per_turn

Maximum cumulative amount (USD) per agent turn. Advisory only — not yet enforced. Stored on the policy for forward compatibility; the payment authority currently checks only max_amount_usd_per_request. None means no per-turn cap.

number | null format: double

metadata

required

Free-form metadata attached to this policy.

organization_id

required

Owning organization’s prefixed public identifier.

string

payment_account_id

required

Payment account this policy authorizes spending from.

string

/^payacct_[0-9a-f]{32}$/

rail_preference

required

Preferred settlement rails in priority order; the authority picks the first available.

Array<string>

Allowed values: mpp_tempo x402_base

require_approval_above_usd

Threshold (USD) above which a request would require explicit human approval. Advisory only — not yet enforced. Stored on the policy for forward compatibility; no approval gate is wired up yet. None disables the (future) gate.

number | null format: double

status

required

Current lifecycle status of this policy.

string

Allowed values: active disabled pending succeeded failed released

subject_id

required

Prefixed identifier of the bound subject.

string

subject_type

required

Class of subject this policy binds to (e.g. agent_identity, session).

string

updated_at

required

Timestamp when this policy was last updated (RFC 3339).

string format: date-time

Example

[
  {
    "allowed_capabilities": [
      "paid_search",
      "paid_image_gen"
    ],
    "allowed_hosts": [
      "api.openai.com",
      "api.anthropic.com"
    ],
    "created_at": "2026-04-01T10:00:00Z",
    "id": "paypol_01933b5a00007000800000000000001",
    "max_amount_usd_per_day": 50,
    "max_amount_usd_per_request": 2.5,
    "max_amount_usd_per_turn": 5,
    "organization_id": "org_01933b5a000070008000000000000001",
    "payment_account_id": "payacct_01933b5a00007000800000000000001",
    "rail_preference": [
      "mpp_tempo"
    ],
    "require_approval_above_usd": 10,
    "status": "active",
    "subject_id": "identity_01933b5a000070008000000000000001",
    "subject_type": "agent_identity",
    "updated_at": "2026-05-20T14:00:00Z"
  }
]