sardis-policy

Natural language spending policy creation and management for Sardis agent wallets

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Install skill "sardis-policy" with this command: npx skills add efedurmaz16/sardis-policy

Sardis Policy - Natural Language Spending Controls

Create and manage spending policies for AI agents using natural language. Define limits, restrictions, and approval workflows without complex configuration.

Capabilities

  • Natural Language Policies: "Max $500/day, only Amazon and OpenAI, no weekends"
  • Policy Templates: Pre-built templates for common scenarios
  • Policy Testing: Dry-run transactions against policies without execution
  • Multi-Layer Policies: Combine transaction, daily, weekly, monthly limits
  • Vendor Restrictions: Allowlists, blocklists, category controls
  • Time-Based Rules: Weekend blocks, business hours only, time-of-day limits

Security Model

Policies are IMMUTABLE once created. To change a policy, create a new version and migrate the wallet.

Quick Setup

export SARDIS_API_KEY=sk_your_key_here

API Endpoint Patterns

Base URL: https://api.sardis.sh/v2

Create Policy with Natural Language

# Create a new spending policy from natural language
curl -X POST https://api.sardis.sh/v2/policies \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Procurement Agent Policy",
    "description": "Max $500/day, only Amazon and OpenAI, no weekends",
    "wallet_id": "wallet_abc123"
  }'

# The natural language in "description" is automatically parsed into rules

Create Policy with Explicit Rules

# Create policy with structured rules
curl -X POST https://api.sardis.sh/v2/policies \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "SaaS Subscription Policy",
    "wallet_id": "wallet_abc123",
    "rules": {
      "per_transaction_limit": "100.00",
      "daily_limit": "500.00",
      "weekly_limit": "2000.00",
      "monthly_limit": "8000.00",
      "allowed_vendors": ["openai.com", "anthropic.com", "github.com"],
      "blocked_categories": ["gambling", "crypto-exchange"],
      "time_restrictions": {
        "allow_weekends": false,
        "business_hours_only": true,
        "timezone": "America/New_York"
      },
      "require_approval_above": "200.00"
    }
  }'

List Policies

# Get all policies for a wallet
curl -X GET https://api.sardis.sh/v2/wallets/{wallet_id}/policies \
  -H "Authorization: Bearer $SARDIS_API_KEY"

Test Policy (Dry Run)

# Check if a transaction would be allowed WITHOUT executing it
curl -X POST https://api.sardis.sh/v2/policies/check \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "wallet_id": "wallet_abc123",
    "amount": "75.00",
    "vendor": "openai.com",
    "token": "USDC",
    "chain": "base"
  }'

# Response:
# {
#   "allowed": true,
#   "reason": "Transaction approved",
#   "remaining_daily": "425.00",
#   "remaining_weekly": "1925.00"
# }

Get Policy Details

# Get detailed policy rules
curl -X GET https://api.sardis.sh/v2/policies/{policy_id} \
  -H "Authorization: Bearer $SARDIS_API_KEY"

Policy Templates

Template: Conservative Procurement

curl -X POST https://api.sardis.sh/v2/policies/from-template \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "template": "conservative-procurement",
    "wallet_id": "wallet_abc123",
    "params": {
      "daily_limit": "300.00",
      "allowed_vendors": ["amazon.com", "walmart.com"]
    }
  }'

# Template rules:
# - Low per-transaction limit ($50)
# - Moderate daily limit (configurable)
# - Vendor allowlist only
# - Require approval above $100
# - Business hours only

Template: API Service Agent

curl -X POST https://api.sardis.sh/v2/policies/from-template \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "template": "api-service-agent",
    "wallet_id": "wallet_abc123",
    "params": {
      "daily_limit": "1000.00",
      "allowed_vendors": ["openai.com", "anthropic.com", "stripe.com"]
    }
  }'

# Template rules:
# - Higher per-transaction ($500)
# - API vendor allowlist
# - 24/7 allowed (services don't sleep)
# - Auto-approve under $100

Template: Restricted Trial

curl -X POST https://api.sardis.sh/v2/policies/from-template \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "template": "restricted-trial",
    "wallet_id": "wallet_abc123",
    "params": {
      "total_limit": "50.00",
      "expires_at": "2026-03-21T00:00:00Z"
    }
  }'

# Template rules:
# - Very low total limit
# - Expires after period
# - Require approval for all transactions
# - Vendor allowlist only

Template: Employee Card

curl -X POST https://api.sardis.sh/v2/policies/from-template \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "template": "employee-card",
    "wallet_id": "wallet_abc123",
    "params": {
      "daily_limit": "200.00",
      "blocked_categories": ["gambling", "adult", "crypto-exchange"]
    }
  }'

# Template rules:
# - Moderate limits
# - Category blocklist
# - Weekend spending allowed
# - Detailed audit logging

Example Commands

Create Simple Policy

# Quick policy creation with natural language
WALLET_ID=wallet_abc123

curl -X POST https://api.sardis.sh/v2/policies \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Marketing Agent",
    "description": "Max $100 per transaction, $500/day, only Google Ads and Meta",
    "wallet_id": "'"$WALLET_ID"'"
  }'

Test Before Payment

# Always test policy before executing payment
WALLET_ID=wallet_abc123
AMOUNT=75.00
VENDOR=openai.com

# Build the JSON body with jq so the values are escaped, not spliced into the string
BODY=$(jq -n --arg wallet_id "$WALLET_ID" --arg amount "$AMOUNT" --arg vendor "$VENDOR" \
  '{wallet_id: $wallet_id, amount: $amount, vendor: $vendor}')

CHECK_RESULT=$(curl -s -X POST https://api.sardis.sh/v2/policies/check \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d "$BODY")

# jq -e exits non-zero unless .allowed is exactly true,
# so an empty or error response takes the BLOCKED branch
if echo "$CHECK_RESULT" | jq -e '.allowed == true' > /dev/null; then
  echo "Payment would be approved"
  echo "Remaining daily: $(echo "$CHECK_RESULT" | jq -r '.remaining_daily')"
else
  echo "Payment would be BLOCKED"
  echo "Reason: $(echo "$CHECK_RESULT" | jq -r '.reason')"
fi

Batch Policy Testing

# Test multiple scenarios
WALLET_ID=wallet_abc123

TRANSACTIONS='[
  {"amount": "25.00", "vendor": "openai.com"},
  {"amount": "150.00", "vendor": "amazon.com"},
  {"amount": "500.00", "vendor": "stripe.com"}
]'

echo "$TRANSACTIONS" | jq -c '.[]' | while read -r tx; do
  AMOUNT=$(echo "$tx" | jq -r '.amount')
  VENDOR=$(echo "$tx" | jq -r '.vendor')

  # Add wallet_id to the transaction object with jq instead of splicing strings into JSON
  BODY=$(echo "$tx" | jq -c --arg wallet_id "$WALLET_ID" '. + {wallet_id: $wallet_id}')

  RESULT=$(curl -s -X POST https://api.sardis.sh/v2/policies/check \
    -H "Authorization: Bearer $SARDIS_API_KEY" \
    -H "Content-Type: application/json" \
    -d "$BODY")

  ALLOWED=$(echo "$RESULT" | jq -r '.allowed')
  echo "$AMOUNT to $VENDOR: $ALLOWED"
done

Update Policy (Create New Version)

# Policies are immutable, so create new version
OLD_POLICY_ID=policy_abc123
WALLET_ID=wallet_abc123

# Create new policy
NEW_POLICY=$(curl -s -X POST https://api.sardis.sh/v2/policies \
  -H "Authorization: Bearer $SARDIS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Updated Procurement Policy",
    "description": "Max $750/day, only Amazon OpenAI and Anthropic, no weekends",
    "wallet_id": "'"$WALLET_ID"'",
    "replaces": "'"$OLD_POLICY_ID"'"
  }')

echo "New policy created: $(echo "$NEW_POLICY" | jq -r '.id')"

Response Examples

Policy Check Response (Allowed)

{
  "allowed": true,
  "reason": "Transaction approved within limits",
  "policy_id": "policy_abc123",
  "checks": {
    "per_transaction_limit": "pass",
    "daily_limit": "pass",
    "vendor_allowlist": "pass",
    "time_restriction": "pass"
  },
  "remaining": {
    "daily": "425.00",
    "weekly": "1925.00",
    "monthly": "7425.00"
  }
}

Policy Check Response (Blocked)

{
  "allowed": false,
  "reason": "Daily spending limit exceeded",
  "policy_id": "policy_abc123",
  "checks": {
    "per_transaction_limit": "pass",
    "daily_limit": "fail",
    "vendor_allowlist": "pass"
  },
  "details": {
    "limit": "500.00",
    "current_spend": "475.00",
    "requested": "50.00",
    "would_exceed_by": "25.00"
  }
}
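
A caller that pays on the strength of a check response should fail closed. The following is an added example, not code from the Sardis skill or API: it approves only on the JSON boolean `true` with no failed entry in `checks`, and recomputes the overage from `details`. The names `gate_payment` and `overage` and the two "constructed" inputs are assumptions made for illustration.

```python
from decimal import Decimal, InvalidOperation

def gate_payment(resp):
    """Return (ok, why); ok is True only for an unambiguous approval."""
    if not isinstance(resp, dict):
        return False, "malformed response"
    # Only the JSON boolean true approves; "true", 1 or a missing key block.
    if resp.get("allowed") is not True:
        return False, str(resp.get("reason") or "no approval in response")
    checks = resp.get("checks", {})
    if not isinstance(checks, dict):
        return False, "malformed checks object"
    failed = sorted(name for name, result in checks.items() if result != "pass")
    if failed:
        return False, "allowed=true contradicts failed checks: " + ", ".join(failed)
    return True, str(resp.get("reason", ""))

def overage(details):
    """Recompute would_exceed_by from limit, current_spend and requested."""
    try:
        limit, spent, req = (Decimal(details[k])
                             for k in ("limit", "current_spend", "requested"))
    except (KeyError, TypeError, ValueError, InvalidOperation):
        return None
    return spent + req - limit

# Responses as shown on this page (trimmed), plus two constructed bad ones.
ALLOWED = {"allowed": True, "reason": "Transaction approved within limits",
           "checks": {"per_transaction_limit": "pass", "daily_limit": "pass"}}
BLOCKED = {"allowed": False, "reason": "Daily spending limit exceeded",
           "checks": {"per_transaction_limit": "pass", "daily_limit": "fail"},
           "details": {"limit": "500.00", "current_spend": "475.00",
                       "requested": "50.00", "would_exceed_by": "25.00"}}
STRINGLY = {"allowed": "true"}                      # constructed
CONTRADICTORY = {"allowed": True,                   # constructed
                 "checks": {"daily_limit": "fail"}}

if __name__ == "__main__":
    for name, r in [("allowed", ALLOWED), ("blocked", BLOCKED),
                    ("stringly", STRINGLY), ("contradictory", CONTRADICTORY)]:
        print(name, gate_payment(r))
    print("overage", overage(BLOCKED["details"]))
```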

Policy Details Response

{
  "id": "policy_abc123",
  "name": "SaaS Subscription Policy",
  "wallet_id": "wallet_abc123",
  "rules": {
    "per_transaction_limit": "100.00",
    "daily_limit": "500.00",
    "weekly_limit": "2000.00",
    "monthly_limit": "8000.00",
    "allowed_vendors": ["openai.com", "anthropic.com", "github.com"],
    "blocked_categories": ["gambling", "crypto-exchange"],
    "time_restrictions": {
      "allow_weekends": false,
      "business_hours_only": true,
      "business_hours": "09:00-17:00",
      "timezone": "America/New_York"
    },
    "require_approval_above": "200.00"
  },
  "created_at": "2026-02-21T10:00:00Z",
  "version": 2
}

Natural Language Parser Examples

The policy description field supports these patterns:

"Max $500/day, only Amazon and OpenAI"
→ daily_limit: 500, allowed_vendors: [amazon.com, openai.com]

"$100 per transaction, $1000/week, no weekends"
→ per_transaction_limit: 100, weekly_limit: 1000, allow_weekends: false

"Only verified merchants, require approval above $200"
→ verified_only: true, require_approval_above: 200

"Block gambling and crypto, business hours only"
→ blocked_categories: [gambling, crypto-exchange], business_hours_only: true

"Total budget $5000, expires March 1st"
→ total_limit: 5000, expires_at: 2026-03-01T00:00:00Z
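
Because a policy cannot be edited after creation, compare what the parser produced with what you meant before the agent starts spending. The following is an added example, not code from the Sardis skill or API: it diffs intended rules against the `rules` object of a policy details response, assuming a policy created from natural language exposes its parsed rules in the shape shown under Policy Details Response. `diff_rules`, `policy_example` and both sample responses are constructed for illustration.

```python
from decimal import Decimal

LIMIT_KEYS = {"per_transaction_limit", "daily_limit", "weekly_limit",
              "monthly_limit", "total_limit", "require_approval_above"}
LIST_KEYS = {"allowed_vendors", "blocked_categories"}

def _norm(key, value):
    if key in LIMIT_KEYS:
        return Decimal(str(value))      # 500, "500" and "500.00" compare equal
    if key in LIST_KEYS:
        return frozenset(str(v).lower() for v in value)   # order-insensitive
    return value

def diff_rules(expected, policy):
    """List every difference between intended rules and policy['rules']."""
    actual = dict(policy.get("rules") or {})
    # Flatten time_restrictions so allow_weekends compares like any other key.
    actual.update(actual.pop("time_restrictions", None) or {})
    problems = []
    for key in sorted(set(expected) | set(actual)):
        if key not in actual:
            problems.append(f"missing: {key}")
        elif key not in expected:
            problems.append(f"unexpected: {key}={actual[key]!r}")
        elif _norm(key, expected[key]) != _norm(key, actual[key]):
            problems.append(f"mismatch: {key} expected {expected[key]!r}, "
                            f"got {actual[key]!r}")
    return problems

# Intent behind "Max $500/day, only Amazon and OpenAI, no weekends".
EXPECTED = {"daily_limit": "500", "allowed_vendors": ["amazon.com", "openai.com"],
            "allow_weekends": False}
# Constructed policy-details responses: one faithful parse, one lossy parse.
GOOD = {"id": "policy_example", "rules": {
    "daily_limit": "500.00", "allowed_vendors": ["openai.com", "amazon.com"],
    "time_restrictions": {"allow_weekends": False}}}
LOSSY = {"id": "policy_example", "rules": {
    "daily_limit": "500.00", "allowed_vendors": ["amazon.com"]}}

if __name__ == "__main__":
    print(diff_rules(EXPECTED, GOOD))    # no differences
    for line in diff_rules(EXPECTED, LOSSY):
        print(line)
```

Any key the parser adds that you did not intend, such as a timezone, shows up as `unexpected` so it can be reviewed rather than silently accepted.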

Available Templates

| Template | Use Case | Key Features |
|---|---|---|
| conservative-procurement | Purchasing agent | Low limits, vendor allowlist, approval required |
| api-service-agent | API/SaaS agent | Higher limits, 24/7, auto-approve |
| restricted-trial | Trial/demo | Very low limits, expires |
| employee-card | Employee spending | Moderate limits, category blocks |
| unrestricted | Trusted agent | High limits, minimal restrictions |

Error Handling

  • 400 Bad Request - Invalid policy syntax or conflicting rules
  • 401 Unauthorized - Invalid API key
  • 403 Forbidden - Cannot modify policy (immutable)
  • 404 Not Found - Policy or wallet not found

Use Cases

  • Agentic Procurement: Safe purchasing with automatic guardrails
  • API Service Agents: Control cloud spending for LLM/SaaS
  • Employee Cards: Virtual cards with spending controls
  • Trial Accounts: Time-limited, low-budget wallets
  • Multi-Tier Agents: Different policies for different agent roles

Related Skills

  • sardis-payment - Execute payments with policy enforcement
  • sardis-balance - Monitor spending against policy limits
  • sardis-cards - Virtual cards with policy controls

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
