> ## Documentation Index
> Fetch the complete documentation index at: https://docs.phosra.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Update a policy

> Update a policy's name or priority



## OpenAPI

````yaml PUT /policies/{policyID}
openapi: 3.1.0
info:
  title: Phosra API
  description: Universal Parental Controls API - Define once, push everywhere
  version: 1.0.0
  contact:
    name: Phosra Developer Support
    url: https://docs.phosra.com
  license:
    name: Proprietary
    url: https://phosra.com/terms
servers:
  - url: https://phosra-api-sandbox-production.up.railway.app/api/v1
    description: >-
      Hosted sandbox — the one canonical, stable, partner-facing testing
      endpoint (seeded demo family + phosra_test_ keys). Default so the inline
      Try it never touches production. Same base the CLI uses.
  - url: https://prodapi.phosra.com/api/v1
    description: Production
  - url: http://localhost:8080/api/v1
    description: Local development
security:
  - BearerAuth: []
paths:
  /policies/{policyID}:
    parameters:
      - name: policyID
        in: path
        required: true
        schema:
          type: string
          format: uuid
    put:
      tags:
        - Policies
      summary: Update a policy's name or priority
      description: >-
        Updates a policy's display name or priority weight and returns the
        updated resource. Priority decides which policy wins when several apply
        to the same child.
      operationId: updateAPolicySNameOrPriority
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                name:
                  type: string
                priority:
                  type: integer
      responses:
        '200':
          description: Policy updated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ChildPolicy'
              example:
                id: 7b3e9c04-2d1a-4f68-9e5b-8c07a1f34d29
                child_id: ca02f5d1-fee8-4201-b5ca-fdc8be506e1e
                name: Ada's Protection Policy
                status: active
                priority: 0
                version: 1
                created_at: '2026-06-18T14:32:07Z'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '404':
          description: Policy not found
        '429':
          $ref: '#/components/responses/RateLimited'
        '500':
          $ref: '#/components/responses/ServerError'
      x-codeSamples:
        - lang: JavaScript
          label: SDK (@phosra/sdk)
          source: >
            import { PhosraClient } from "@phosra/sdk";


            const phosra = new PhosraClient({
              baseUrl: "https://phosra-api-sandbox-production.up.railway.app/api/v1",
              accessToken: process.env.PHOSRA_API_KEY,
            });


            const result = await
            phosra.policies.update("b011c1e5-0000-4000-8000-000000000b01", {
              name: "After-school limits",
              priority: 100
            });

            console.log(result);
        - lang: Shell
          label: cURL
          source: >
            curl -sS -X PUT
            "https://phosra-api-sandbox-production.up.railway.app/api/v1/policies/b011c1e5-0000-4000-8000-000000000b01"
            \
              -H "Authorization: Bearer $PHOSRA_API_KEY" \
              -H "Content-Type: application/json" \
              -d '{
              "name": "After-school limits",
              "priority": 100
            }'
        - lang: Python
          label: Python
          source: |
            import os, requests

            BASE = "https://phosra-api-sandbox-production.up.railway.app/api/v1"
            res = requests.put(
                f"{BASE}/policies/b011c1e5-0000-4000-8000-000000000b01",
                headers={"Authorization": f"Bearer {os.environ['PHOSRA_API_KEY']}"},
                json={
                    "name": "After-school limits",
                    "priority": 100
                },
            )
            print(res.status_code, res.json())
        - lang: Go
          label: Go
          source: "package main\n\nimport (\n\t\"bytes\"\n\t\"fmt\"\n\t\"io\"\n\t\"net/http\"\n\t\"os\"\n)\n\nfunc main() {\n\tbase := \"https://phosra-api-sandbox-production.up.railway.app/api/v1\"\n\tbody := bytes.NewBufferString(`{\n  \"name\": \"After-school limits\",\n  \"priority\": 100\n}`)\n\treq, _ := http.NewRequest(\"PUT\", base+\"/policies/b011c1e5-0000-4000-8000-000000000b01\", body)\n\treq.Header.Set(\"Authorization\", \"Bearer \"+os.Getenv(\"PHOSRA_API_KEY\"))\n\treq.Header.Set(\"Content-Type\", \"application/json\")\n\tresp, err := http.DefaultClient.Do(req)\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tdefer resp.Body.Close()\n\tout, _ := io.ReadAll(resp.Body)\n\tfmt.Println(resp.Status, string(out))\n}\n"
components:
  schemas:
    ChildPolicy:
      type: object
      properties:
        id:
          type: string
          format: uuid
          description: Unique identifier for this resource.
        child_id:
          type: string
          format: uuid
          description: Identifier of the child this resource belongs to.
        name:
          type: string
          description: Human-readable display name.
        status:
          type: string
          enum:
            - active
            - paused
            - draft
          description: Current lifecycle state of the resource.
        priority:
          type: integer
          description: Ordering weight when multiple policies apply; higher wins.
        version:
          type: integer
          description: Monotonically increasing version, bumped on every change.
        created_at:
          type: string
          format: date-time
          description: RFC 3339 timestamp of when the resource was created.
      additionalProperties: true
    Error:
      type: object
      properties:
        error:
          type: string
          description: >-
            Short, stable, machine-readable error class — matches the HTTP
            status text (e.g. `Not Found`).
        message:
          type: string
          description: >-
            Human-readable explanation of what went wrong and, where possible,
            how to fix it.
        code:
          type: integer
          description: Numeric HTTP status code, duplicated in the body for convenience.
      description: Standard error envelope returned for every 4xx and 5xx response.
      example:
        error: Not Found
        message: policy not found
        code: 404
      additionalProperties: true
  responses:
    BadRequest:
      description: >-
        The request was malformed — a required field is missing, a value failed
        validation, or an identifier is not a well-formed UUID.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Bad Request
            message: child_name is required
            code: 400
    Unauthorized:
      description: >-
        Authentication failed. Send a Bearer WorkOS JWT, or a
        `phosra_live_`/`phosra_test_` developer API key, in the `Authorization`
        header.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Unauthorized
            message: missing or invalid Authorization header
            code: 401
    Forbidden:
      description: >-
        Authenticated, but not permitted to act on this resource — for example,
        you are not a member of the target family.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Forbidden
            message: not a member of this family
            code: 403
    RateLimited:
      description: >-
        Too many requests. Back off and retry after the interval given in the
        `Retry-After` response header.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Too Many Requests
            message: rate limit exceeded
            code: 429
    ServerError:
      description: >-
        An unexpected error occurred inside Phosra. The request is safe to retry
        with exponential backoff; contact support if it persists.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: Internal Server Error
            message: internal error
            code: 500
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT

````