Skip to main content

Simulate Policy Impact

Runs a simulation against the current recipient catalog to predict how many recipients would be compliant or non-compliant if this policy were enforced. Use simulation before publishing to identify recipients who are missing authentication factors. 
POST /v1/docks/:dockId/policies/:policyId/simulate

Path Parameters

ParameterTypeDescription
dockIdstringThe dock ID
policyIdstringThe policy ID

Example Request

curl -X POST https://api.docyard.io/v1/docks/dock_01HQ3K.../policies/pol_01HQ3P.../simulate \
  -H "Authorization: Bearer dk_live_a1b2c3d4..."

Response: Mortgagee Policy

Simulation of a mortgagee bulk API policy requiring shared passphrase + mutual TLS certificate: 
{
  "policyId": "pol_01HQ3P...",
  "policyName": "Mortgagee Bulk API Access",
  "totalRecipients": 127,
  "compliant": 118,
  "nonCompliant": 9,
  "breakdown": [
    {
      "factorCount": 2,
      "combination": ["shared_passphrase", "tls_certificate"],
      "recipients": 118,
      "missingFactors": []
    },
    {
      "factorCount": 1,
      "combination": ["shared_passphrase"],
      "recipients": 6,
      "missingFactors": ["tls_certificate"]
    },
    {
      "factorCount": 0,
      "combination": [],
      "recipients": 3,
      "missingFactors": ["shared_passphrase", "tls_certificate"]
    }
  ],
  "recommendations": [
    "6 mortgagees have a passphrase but no TLS certificate configured. Provide mTLS onboarding instructions.",
    "3 mortgagees have no authentication factors. Generate passphrases and distribute TLS certificates before publishing."
  ]
}

Response: Auditor Policy

Simulation of an auditor time-boxed policy requiring badge ID + NDA hash: 
{
  "policyId": "pol_01HQ3Q...",
  "policyName": "Q1 2025 External Audit — Deloitte",
  "totalRecipients": 4,
  "compliant": 3,
  "nonCompliant": 1,
  "breakdown": [
    {
      "factorCount": 2,
      "combination": ["badge_id", "nda_hash"],
      "recipients": 3,
      "missingFactors": []
    },
    {
      "factorCount": 1,
      "combination": ["badge_id"],
      "recipients": 1,
      "missingFactors": ["nda_hash"]
    }
  ],
  "recommendations": [
    "1 auditor has a badge ID but no NDA hash registered. Compute the SHA-256 hash of the signed NDA PDF and update the recipient's identifiers before publishing."
  ]
}

Response: Policyholder Policy

Simulation of a policyholder self-service policy requiring SMS OTP: 
{
  "policyId": "pol_01HQ3R...",
  "policyName": "Policyholder Self-Service",
  "totalRecipients": 3421,
  "compliant": 3298,
  "nonCompliant": 123,
  "breakdown": [
    {
      "factorCount": 1,
      "combination": ["sms_otp"],
      "recipients": 3298,
      "missingFactors": []
    },
    {
      "factorCount": 0,
      "combination": [],
      "recipients": 123,
      "missingFactors": ["phone"]
    }
  ],
  "recommendations": [
    "123 policyholders have no phone number on file. SMS OTP delivery will fail for these recipients. Update their identifiers with a valid phone number before publishing."
  ]
}

Error Handling

StatusCondition
401Missing or invalid API key
404Policy or dock not found
Simulation results are computed in real-time against the current recipient catalog. They are not stored — run the simulation again after making changes to see updated results.