Sprites API v1

Network Policy

Control outbound network access using DNS-based filtering. Policies define which domains sprites can reach, with support for exact matches, wildcard subdomains, and preset rule bundles.

Changes apply immediately—existing connections to newly-blocked domains are terminated. Failed DNS lookups return REFUSED for fast failure.

Get Network Policy

GET /v1/sprites/{name}/policy/network

Get the current network policy configuration.

Response

application/json
rules* NetworkPolicyRule[]

List of network policy rules

domain string

Domain pattern (e.g., *.github.com)

action string

allow or deny

include string

Include rules from preset

Response Codes

200

Success
404

Not Found - Resource not found
500

Internal Server Error
bash 
curl -X GET \
  "https://api.sprites.dev/v1/sprites/{name}/policy/network" \
  -H "Authorization: Bearer $SPRITES_TOKEN"
200 Response 
{
  "rules": [
    {
      "action": "allow",
      "domain": "github.com"
    },
    {
      "action": "allow",
      "domain": "*.npmjs.org"
    },
    {
      "action": "deny",
      "domain": "*"
    }
  ]
}

Set Network Policy

POST /v1/sprites/{name}/policy/network

Update the network policy configuration.

Request Body

application/json
rules* NetworkPolicyRule[]

List of network policy rules

domain string

Domain pattern (e.g., *.github.com)

action string

allow or deny

include string

Include rules from preset

Response

application/json

Response Codes

200

Success
400

Bad Request - Invalid request body
404

Not Found - Resource not found
500

Internal Server Error
bash 
curl -X POST \
  "https://api.sprites.dev/v1/sprites/{name}/policy/network" \
  -H "Authorization: Bearer $SPRITES_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"rules":[{"action":"allow","domain":"github.com"},{"action":"allow","domain":"*.npmjs.org"}]}'
200 Response 
{
  "rules": [
    {
      "action": "allow",
      "domain": "github.com"
    }
  ]
}