Time Restriction Policy
Policy Type
UI Documentation
📖 For detailed information: [UI Documentation Link - Link will be added here]
Description
Time Restriction policy restricts or allows API access based on specific time periods. You can define restrictions for weekdays, specific dates, or date ranges with time windows. This policy is useful for maintenance windows, business hours enforcement, or scheduled access control.
Endpoints
List Policies
GET /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/
Add Policy
POST /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Update Policy
PUT /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Delete Policy
DELETE /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
List Policies
Endpoint
GET /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/
Request
| Header |
Value |
| Authorization |
Bearer {token} |
Path Parameters
| Parameter |
Type |
Required |
Description |
| projectName |
string |
Yes |
Project name |
| apiProxyName |
string |
Yes |
API Proxy name |
Response
Success Response (200 OK)
{
"success": true,
"resultList": [
{
"apiProxy": {
"name": "MyAPI",
"requestPolicyList": [
{
"type": "policy-time-restriction",
"name": "business-hours-policy",
"description": "Allow access only during business hours",
"active": true,
"actionType": "ALLOW",
"zoneId": "+03:00",
"restrictionList": [
{
"hourName": "Business Hours",
"description": "Monday to Friday, 9 AM to 6 PM",
"dayType": "WEEK",
"enumWeekDayList": ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY"],
"wholeDay": false,
"startHour": 9,
"startMinute": 0,
"startSecond": 0,
"endHour": 18,
"endMinute": 0,
"endSecond": 0
}
]
}
],
"responsePolicyList": [],
"errorPolicyList": []
}
}
],
"resultCount": 1
}
Note: In list operations, restrictionList may be omitted for brevity.
cURL Example
curl -X GET \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/" \
-H "Authorization: Bearer YOUR_TOKEN"
Add Policy
Endpoint
POST /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Request
| Header |
Value |
| Authorization |
Bearer {token} |
| Content-Type |
application/json |
Path Parameters
| Parameter |
Type |
Required |
Description |
| projectName |
string |
Yes |
Project name |
| apiProxyName |
string |
Yes |
API Proxy name |
| policyName |
string |
Yes |
Policy name |
Request Body
Full JSON Body Example - Weekday Restriction
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-time-restriction",
"description": "Allow access only during business hours (Monday-Friday, 9 AM - 6 PM)",
"active": true,
"actionType": "ALLOW",
"zoneId": "+03:00",
"restrictionList": [
{
"hourName": "Business Hours",
"description": "Monday to Friday, 9 AM to 6 PM",
"dayType": "WEEK",
"enumWeekDayList": ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY"],
"wholeDay": false,
"startHour": 9,
"startMinute": 0,
"startSecond": 0,
"endHour": 18,
"endMinute": 0,
"endSecond": 0
}
]
}
}
Full JSON Body Example - Specific Date Restriction
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-time-restriction",
"description": "Restrict access on December 25th",
"active": true,
"actionType": "RESTRICT",
"zoneId": "+03:00",
"restrictionList": [
{
"hourName": "Christmas Day",
"description": "Full day restriction on December 25",
"dayType": "CUSTOM",
"day": 25,
"month": 12,
"wholeDay": true
}
]
}
}
Request Body Fields
| Field |
Type |
Required |
Default |
Description |
| targetScope |
string |
Yes |
- |
Policy scope: ALL or ENDPOINT |
| targetEndpoint |
string |
No* |
- |
Endpoint path (required if targetScope=ENDPOINT) |
| targetEndpointHTTPMethod |
string |
No* |
- |
HTTP method (required if targetScope=ENDPOINT) |
| targetPipeline |
string |
Yes |
- |
Pipeline: REQUEST, RESPONSE, or ERROR |
| deploy |
boolean |
No |
true |
Whether to deploy after adding policy |
| deployTargetEnvironmentNameList |
array |
No |
[] |
List of environment names to deploy to |
| order |
integer |
No |
null |
Policy execution order (starts from 1) |
Enum: targetScope
ALL - Policy applies to all endpointsENDPOINT - Policy applies only to specified endpoint
Enum: targetPipeline
REQUEST - Executes in request pipelineRESPONSE - Executes in response pipelineERROR - Executes in error pipeline
Enum: targetEndpointHTTPMethod
GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD
policy
| Field |
Type |
Required |
Default |
Description |
| type |
string |
Yes |
- |
Policy type: policy-time-restriction |
| description |
string |
No |
- |
Policy description |
| active |
boolean |
No |
true |
Whether policy is active |
| actionType |
string |
Yes |
RESTRICT |
Action type: ALLOW or RESTRICT |
| zoneId |
string |
No |
“+03:00” |
Time zone ID (e.g., “+03:00”, “Europe/Istanbul”) |
| restrictionList |
array |
Yes |
- |
List of time restriction rules (at least one required) |
EnumRestrictionType
ALLOW - Allow access during specified time periodsRESTRICT - Restrict access during specified time periods
- Offset format:
+03:00, -05:00, +00:00
- Zone name:
Europe/Istanbul, America/New_York, UTC
- Must be a valid Java ZoneId
Note
restrictionList must contain at least one restriction rule.- When
actionType: ALLOW, access is allowed only during specified periods.
- When
actionType: RESTRICT, access is blocked during specified periods.
restrictionList
Each restriction is an object with the following fields:
| Field |
Type |
Required |
Default |
Description |
| hourName |
string |
No |
- |
Name for this restriction rule |
| description |
string |
No |
- |
Description of the restriction |
| dayType |
string |
Yes |
- |
Day type: WEEK or CUSTOM |
| enumWeekDayList |
array |
No* |
- |
List of weekdays (required if dayType=WEEK) |
| day |
integer |
No* |
- |
Day of month (required if dayType=CUSTOM, 0-31, 0=every day) |
| month |
integer |
No* |
- |
Month (required if dayType=CUSTOM, 0-12, 0=every month) |
| wholeDay |
boolean |
No |
false |
Whether restriction applies to whole day |
| startHour |
integer |
No* |
- |
Start hour (required if wholeDay=false, 0-24) |
| startMinute |
integer |
No* |
- |
Start minute (required if wholeDay=false, 0-60) |
| startSecond |
integer |
No* |
- |
Start second (required if wholeDay=false, 0-60) |
| endHour |
integer |
No* |
- |
End hour (required if wholeDay=false, 0-24) |
| endMinute |
integer |
No* |
- |
End minute (required if wholeDay=false, 0-60) |
| endSecond |
integer |
No* |
- |
End second (required if wholeDay=false, 0-60) |
EnumDayType
WEEK - Restriction applies to specific weekdaysCUSTOM - Restriction applies to specific dates
EnumWeekDays
MONDAY - MondayTUESDAY - TuesdayWEDNESDAY - WednesdayTHURSDAY - ThursdayFRIDAY - FridaySATURDAY - SaturdaySUNDAY - SundayALL - All days of the week
Day and Month Values
day: 0 - Every day of the monthday: 1-31 - Specific day of the monthmonth: 0 - Every monthmonth: 1-12 - Specific month (1=January, 12=December)
Time Values
startHour/endHour: 0-24 (24-hour format)startMinute/endMinute: 0-60startSecond/endSecond: 0-60- Start time must be before end time
Note
- If
dayType: WEEK, provide enumWeekDayList (at least one weekday).
- If
dayType: CUSTOM, provide day and month.
- If
wholeDay: false, provide all time fields (startHour, startMinute, startSecond, endHour, endMinute, endSecond).
- If
wholeDay: true, time fields are ignored.
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": [
{
"environmentName": "production",
"success": true,
"message": "Deployment successful"
}
]
}
}
cURL Example
curl -X POST \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/business-hours/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-time-restriction",
"description": "Business hours restriction",
"active": true,
"actionType": "ALLOW",
"zoneId": "+03:00",
"restrictionList": [
{
"dayType": "WEEK",
"enumWeekDayList": ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY"],
"wholeDay": false,
"startHour": 9,
"startMinute": 0,
"startSecond": 0,
"endHour": 18,
"endMinute": 0,
"endSecond": 0
}
]
}
}'
Update Policy
Endpoint
PUT /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Request
| Header |
Value |
| Authorization |
Bearer {token} |
| Content-Type |
application/json |
Path Parameters
| Parameter |
Type |
Required |
Description |
| projectName |
string |
Yes |
Project name |
| apiProxyName |
string |
Yes |
API Proxy name |
| policyName |
string |
Yes |
Policy name |
Request Body
Full JSON Body Example
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-time-restriction",
"description": "Updated business hours restriction",
"active": true,
"actionType": "ALLOW",
"zoneId": "+05:00",
"restrictionList": [
{
"hourName": "Updated Business Hours",
"description": "Monday to Friday, 8 AM to 7 PM",
"dayType": "WEEK",
"enumWeekDayList": ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY"],
"wholeDay": false,
"startHour": 8,
"startMinute": 0,
"startSecond": 0,
"endHour": 19,
"endMinute": 0,
"endSecond": 0
}
]
}
}
Note: Request body structure is the same as Add Policy. All fields should be provided for update.
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": [
{
"environmentName": "production",
"success": true,
"message": "Deployment successful"
}
]
}
}
cURL Example
curl -X PUT \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/business-hours/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": true,
"deployTargetEnvironmentNameList": ["production"],
"order": 1
},
"policy": {
"type": "policy-time-restriction",
"description": "Updated business hours",
"active": true,
"actionType": "ALLOW",
"zoneId": "+03:00",
"restrictionList": [
{
"dayType": "WEEK",
"enumWeekDayList": ["MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY"],
"wholeDay": false,
"startHour": 9,
"startMinute": 0,
"startSecond": 0,
"endHour": 18,
"endMinute": 0,
"endSecond": 0
}
]
}
}'
Delete Policy
Endpoint
DELETE /apiops/projects/{projectName}/apiProxies/{apiProxyName}/policies/{policyName}/
Request
| Header |
Value |
| Authorization |
Bearer {token} |
| Content-Type |
application/json |
Path Parameters
| Parameter |
Type |
Required |
Description |
| projectName |
string |
Yes |
Project name |
| apiProxyName |
string |
Yes |
API Proxy name |
| policyName |
string |
Yes |
Policy name |
Request Body
Full JSON Body Example
{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": false
}
}
Request Body Fields
| Field |
Type |
Required |
Description |
|
| targetScope |
string |
Yes |
Policy scope: ALL or ENDPOINT |
|
| targetPipeline |
string |
Yes |
Pipeline: REQUEST, RESPONSE, or ERROR |
|
| deploy |
boolean |
No |
false |
Whether to deploy after deletion |
Response
Success Response (200 OK)
{
"success": true,
"deploymentResult": {
"success": true,
"deploymentResults": []
}
}
cURL Example
curl -X DELETE \
"https://demo.apinizer.com/apiops/projects/MyProject/apiProxies/MyAPI/policies/business-hours/" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"operationMetadata": {
"targetScope": "ALL",
"targetPipeline": "REQUEST",
"deploy": false
}
}'
Notes and Warnings
- Action Type:
ALLOW - Access is allowed only during specified periods (all other times are blocked)RESTRICT - Access is blocked during specified periods (all other times are allowed)
- Zone ID:
- Use offset format:
+03:00, -05:00, +00:00
- Or zone name:
Europe/Istanbul, America/New_York, UTC
- Must be a valid Java ZoneId
- Day Type:
WEEK - Use enumWeekDayList to specify weekdaysCUSTOM - Use day and month to specify dates
- Day and Month Values:
day: 0 - Every day of the monthday: 1-31 - Specific daymonth: 0 - Every monthmonth: 1-12 - Specific month
- Time Values:
- Hours: 0-24 (24-hour format)
- Minutes/Seconds: 0-60
- Start time must be before end time
- Whole Day:
- When
wholeDay: true, restriction applies to entire day (time fields ignored)
- When
wholeDay: false, provide all time fields
- Multiple Restrictions:
- Multiple restrictions in the list are evaluated together
- For
ALLOW: Access allowed if any restriction matches
- For
RESTRICT: Access blocked if any restriction matches
- Time Zone: All times are evaluated in the specified time zone
- Deployment: Policy changes require deployment to take effect. Set
deploy: true or deploy manually.