Knit API Documentation
Create Policy
{{baseUrl}}/api/v1/managed-signing/policies
This endpoint creates a new policy for managing signing request rules.
Headers
X-API-KEY: Your API key for authentication.
Accept: Set to application/json to receive responses in JSON format.
Content-Type: Set to application/json.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| name | string | Yes | Policy name |
| rules | object | Yes | Policy rules configuration |
Basic Example
{
  "name": "default",
  "rules": {
    "chains": ["ETHEREUM_MAINNET"],
    "maxApprovalAmount": "1000000",
    "denyUnlimitedApprovals": true
  }
}
Full Policy Rules Schema
{
  "name": "comprehensive-policy",
  "rules": {
    "chains": ["ETHEREUM_MAINNET", "MATIC_MAINNET"],
    "tokens": ["0xAllowedToken1", "0xAllowedToken2"],
    "spenders": ["0xAllowedSpender1"],
    "maxApprovalAmount": "1000000000000000000",
    "denyUnlimitedApprovals": true,
    "requireApprovalAbove": "500000000000000000",
    "rateLimits": {
      "windowSec": 3600,
      "maxCount": 10,
      "maxValue": "5000000000000000000"
    },
    "allowRawTx": false,
    "allowedContracts": ["0xContract1", "0xContract2"],
    "typedData": {
      "allow": true,
      "allowedPrimaryTypes": ["Permit", "Order"],
      "allowedDomains": [
        {
          "name": "Uniswap",
          "chainId": 1,
          "verifyingContract": "0xContractAddress"
        }
      ]
    },
    "message": {
      "allow": true,
      "maxBytes": 1024,
      "allowedPrefixes": ["Sign this message"]
    }
  }
}
Policy Rules Reference
Transaction Controls
| Field | Type | Description |
|---|---|---|
| chains | string[] | Allowed blockchain networks |
| tokens | string[] | Allowed token contract addresses for approvals |
| spenders | string[] | Allowed spender addresses for approvals |
| allowedContracts | string[] | Contracts allowed for raw transactions |
| allowRawTx | boolean | Allow raw transaction signing |
Approval Limits
| Field | Type | Description |
|---|---|---|
| maxApprovalAmount | string | Maximum approval amount (in wei) |
| denyUnlimitedApprovals | boolean | Block unlimited (max uint256) approvals |
| requireApprovalAbove | string | Require manual approval above this amount |
Rate Limiting
| Field | Type | Description |
|---|---|---|
| rateLimits.windowSec | number | Time window for rate limiting (seconds) |
| rateLimits.maxCount | number | Max requests allowed in time window |
| rateLimits.maxValue | string | Max total value in time window (wei) |
EIP-712 Typed Data Controls
| Field | Type | Description |
|---|---|---|
| typedData.allow | boolean | Allow EIP-712 signing |
| typedData.allowedPrimaryTypes | string[] | Allowed EIP-712 primary types |
| typedData.allowedDomains | object[] | Allowed EIP-712 domains |
| typedData.allowedDomains[].name | string | Domain name |
| typedData.allowedDomains[].chainId | number | Chain ID |
| typedData.allowedDomains[].verifyingContract | string | Contract address |
EIP-191 Message Controls
| Field | Type | Description |
|---|---|---|
| message.allow | boolean | Allow EIP-191 message signing |
| message.maxBytes | number | Max message size in bytes |
| message.allowedPrefixes | string[] | Required message prefixes |
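A pre-submission lint for the rules described in the reference tables above, as an added example that is not part of the Knit documentation or Knit's own code. It assumes (the page does not say how omitted fields are treated) that an omitted restriction leaves that dimension open; `lint_policy`, `wei`, and the sample policies are hypothetical names and constructed inputs.

```python
MAX_UINT256 = 2**256 - 1  # the "unlimited" approval value named in the rules reference

def wei(rules, key, findings):
    """Parse a wei amount given as a decimal string; record a finding if malformed."""
    value = rules.get(key)
    if value is None:
        return None
    if not (isinstance(value, str) and value.isascii() and value.isdigit()):
        findings.append(f"{key}: must be a decimal string of wei")
        return None
    return int(value)

def lint_policy(policy):
    """Findings for a Create Policy body. Assumption (not stated by the page):
    an omitted restriction is reviewed as if it left that dimension open."""
    findings, rules = [], policy.get("rules") or {}
    max_amt = wei(rules, "maxApprovalAmount", findings)
    manual = wei(rules, "requireApprovalAbove", findings)
    if not rules.get("chains"):
        findings.append("chains: no network allowlist")
    if rules.get("denyUnlimitedApprovals") is not True:
        findings.append("denyUnlimitedApprovals: unlimited approvals not blocked")
    if max_amt is None or max_amt >= MAX_UINT256:
        findings.append("maxApprovalAmount: no effective cap")
    elif manual is not None and manual >= max_amt:
        findings.append("requireApprovalAbove: not below maxApprovalAmount, never reached")
    if rules.get("allowRawTx") and not rules.get("allowedContracts"):
        findings.append("allowRawTx: enabled without allowedContracts")
    # For each signing family that is switched on, every listed restriction must be set.
    for family, keys in (("typedData", ("allowedPrimaryTypes", "allowedDomains")),
                         ("message", ("maxBytes", "allowedPrefixes"))):
        section = rules.get(family) or {}
        for key in (keys if section.get("allow") else ()):
            if not section.get(key):
                findings.append(f"{family}.{key}: unset while {family} signing is allowed")
    if not rules.get("rateLimits"):
        findings.append("rateLimits: no rate limit configured")
    return findings

# Constructed inputs: the page's basic example and a deliberately loose policy.
BASIC = {"name": "default", "rules": {"chains": ["ETHEREUM_MAINNET"],
         "maxApprovalAmount": "1000000", "denyUnlimitedApprovals": True}}
LOOSE = {"name": "loose", "rules": {"chains": ["ETHEREUM_MAINNET"],
         "maxApprovalAmount": str(MAX_UINT256), "allowRawTx": True,
         "typedData": {"allow": True}, "message": {"allow": True, "maxBytes": 1024}}}

if __name__ == "__main__":
    for body in (BASIC, LOOSE):
        print(body["name"], lint_policy(body))
```

Run it against a policy body before sending the Create Policy request; an empty list means none of these checks fired, not that the policy is safe for every workload.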
Sample Request
curl --location -g '{{baseUrl}}/api/v1/managed-signing/policies' \
--header 'X-API-KEY: {{apiKey}}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
  "name": "default",
  "rules": {
    "chains": ["ETHEREUM_MAINNET"],
    "maxApprovalAmount": "1000000",
    "denyUnlimitedApprovals": true
  }
}'
Sample Response
{
  "statusCode": 201,
  "message": "Policy created",
  "data": {
    "id": "<local-policy-id>",
    "businessId": "<business-id>",
    "name": "default",
    "rules": {
      "chains": ["ETHEREUM_MAINNET"],
      "maxApprovalAmount": "1000000",
      "denyUnlimitedApprovals": true
    },
    "createdAt": "2026-01-20T18:30:40.912Z",
    "updatedAt": "2026-01-20T18:30:40.912Z"
  },
  "success": true
}
Response Fields
| Field | Type | Description |
|---|---|---|
| id | string | Local policy ID (use this in subsequent requests) |
| businessId | string | Your business ID |
| name | string | Policy name |
| rules | object | Policy rules configuration |
| createdAt | string | Creation timestamp |
| updatedAt | string | Last update timestamp |