Skip to main content
POST
/
compliance
SDK (@phosra/sdk)
import { PhosraClient } from "@phosra/sdk";

const phosra = new PhosraClient({
  baseUrl: "https://phosra-api-sandbox-production.up.railway.app/api/v1",
  accessToken: process.env.PHOSRA_API_KEY,
});

const result = await phosra.compliance.create({
  family_id: "f0000000-0000-4000-8000-0000000000f1",
  platform_id: "fire_tablet",
  credentials: "oauth_or_manual_token_here"
});
console.log(result);
{
  "id": "e1a7c3f9-45b2-4d68-9c01-72f6b8d34a05",
  "family_id": "fcdf4277-ba14-4732-8db5-0369b2c88d8b",
  "platform_id": "nextdns",
  "status": "verified",
  "external_id": "nextdns:profile:a1b2c3",
  "last_enforcement_at": "2026-06-30T09:15:52Z",
  "last_enforcement_status": "success",
  "verified_at": "2026-06-19T08:47:30Z"
}
A compliance link is a live connection between a family and a platform (the thing enforcement pushes to). Connect a platform, re-verify it, trigger enforcement for just that link, or disconnect.
curl -X POST https://phosra-api-sandbox-production.up.railway.app/api/v1/compliance \
  -H "Authorization: Bearer $PHOSRA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"family_id":"...","platform_id":"fire_tablet"}'

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
family_id
string<uuid>
required
platform_id
string
required
credentials
string
required

Response

Platform connected

id
string<uuid>

Unique identifier for this resource.

family_id
string<uuid>

Identifier of the family this resource belongs to.

platform_id
string

Identifier of the associated platform.

status
enum<string>

Current lifecycle state of the resource.

Available options:
verified,
unverified,
error
external_id
string

Identifier of the associated external.

last_enforcement_at
string<date-time> | null

RFC 3339 timestamp.

last_enforcement_status
string

Outcome of the most recent enforcement run against this link (e.g. success, partial, error).

verified_at
string<date-time>

RFC 3339 timestamp.