Providing you are a LUSID user with sufficient privileges, you can create a policy collection to group logically similar policies together.
Note
If you are the LUSID domain owner, you are automatically assigned the built-in lusid-administrator role, which has all the permissions necessary to perform the operations in this article.
For example, you might create a policy collection to group a feature policy with a particular data policy that together permit operations on a specific dataset. Once created, you should assign the policy collection to a role.
Using the LUSID web app
Sign in to the LUSID web app using the credentials of a LUSID administrator.
From the left-hand menu, select Identity and Access > Policy Collections:
On the Policy collections dashboard, click the Create policy collection button.
Specify a unique Code for the policy collection, and then assign suitable policies using the Policies > Choose dropdown. Optionally, you can choose to nest policy collections using the Policy collections > Choose dropdown:
Using the Access API
Call the CreatePolicyCollection API, passing in your API access token and assigning policies (or nested policy collections). For example:
curl -X POST "https://<your-domain>.lusid.com/access/api/policycollections" -H "Authorization: Bearer <your-API-access-token>" -H "Content-Type: application/json" -d '{"code":"allow-portfolio-access","policies":[{"scope":"default","code":"data-read-portfolios-quotes-us"},{"scope":"default","code":"feature-read-portfolios-quotes-us"}],"policyCollections":[]}}'
The response contains the scope and code that together uniquely identify the policy collection:
{ "id": { "scope": "default", "code": "allow-portfolio-access" }, "policies": [ { "scope": "default", "code": "data-read-portfolios-quotes-us" }, { "scope": "default", "code": "feature-read-portfolios-quotes-us" } ], "policyCollections": [], ... }