Documentation Index
Fetch the complete documentation index at: https://docs.shieldhq.xyz/llms.txt
Use this file to discover all available pages before exploring further.
Get Policy
Retrieve policy information and associated IPFS CID for accessing content.
Endpoint
GET /api/getPolicy/{policyId}
Authorization: Bearer {token}
Parameters
| Parameter | Type | Required | Description |
|---|
policyId | string | ✅ | Policy identifier (path param) |
Response
Success (200)
{
"success": true,
"policy": {
"policyId": "0xabc123...",
"cid": "QmXyz...",
"sender": "0x742d...",
"recipient": "0x1234...",
"expiry": 1708608000,
"maxAttempts": 3,
"attempts": 1,
"contentType": "file",
"fileName": "document.pdf",
"fileSize": 1048576,
"valid": true,
"createdAt": "2025-02-22T10:00:00Z"
}
}
Policy Expired (410)
{
"error": "Policy expired",
"expiry": 1708608000
}
Policy Not Found (404)
{
"error": "Policy not found"
}
Unauthorized (401)
{
"error": "Unauthorized"
}
Max Attempts Reached (403)
{
"error": "Max attempts reached",
"attempts": 3,
"maxAttempts": 3
}
Example Usage
JavaScript
async function getPolicy(policyId: string) {
const response = await fetch(`/api/getPolicy/${policyId}`, {
headers: {
'Authorization': `Bearer ${token}`,
},
});
if (!response.ok) {
const error = await response.json();
throw new Error(error.error);
}
return await response.json();
}
// Usage
const { policy } = await getPolicy('0xabc123...');
console.log(`CID: ${policy.cid}`);
console.log(`Expires: ${new Date(policy.expiry * 1000)}`);
cURL
curl https://app.shieldhq.xyz/api/getPolicy/0xabc123... \
-H "Authorization: Bearer $TOKEN"
Policy Status Checks
The endpoint performs multiple validations:
| Check | HTTP Status | Response |
|---|
| Policy exists | 200 | Full policy data |
| Policy not found | 404 | { error: "Policy not found" } |
| Expired | 410 | { error: "Policy expired" } |
| Revoked | 403 | { error: "Policy revoked" } |
| Max attempts | 403 | { error: "Max attempts reached" } |
Access Flow Integration
async function accessContent(policyId: string, secretKey: string) {
// 1. Get policy metadata
const { policy } = await getPolicy(policyId);
// 2. Authenticate with SIWE (recipient)
const token = await authenticate(recipientAddress);
// 3. Log access on-chain
await logAccessAttempt(policyId);
// 4. Fetch encrypted content from IPFS
const encrypted = await fetchFromIPFS(policy.cid);
// 5. Decrypt with secret key
const decrypted = await decryptContent(encrypted, secretKey);
return decrypted;
}
Response Fields
| Field | Type | Description |
|---|
policyId | string | Policy identifier |
cid | string | IPFS Content Identifier |
sender | address | Creator’s wallet address |
recipient | address | Authorized recipient address |
expiry | number | Unix timestamp |
maxAttempts | number | Maximum allowed attempts |
attempts | number | Current attempt count |
contentType | string | "file" or "message" |
fileName | string | Original filename |
fileSize | number | Size in bytes |
valid | boolean | Whether policy is still valid |
createdAt | string | ISO timestamp of creation |
Rate Limits
| Limit | Value |
|---|
| Requests | 60 per minute |
| Per policy | No limit |
Caching
Policies are cached for 30 seconds to reduce database load. The cache is invalidated on:
- Policy revocation
- Access attempt logged
Error Handling
try {
const { policy } = await getPolicy(policyId);
} catch (error) {
switch (error.message) {
case 'Policy not found':
// Invalid policy ID
break;
case 'Policy expired':
// Link has expired
break;
case 'Max attempts reached':
// No more access allowed
break;
case 'Policy revoked':
// Sender revoked access
break;
default:
// Network or server error
}
}
