Skip to content
Ona API Reference
Ona Docs
API Reference
Organizations
Policies

UpdateOrganizationPolicies

client.Organizations.Policies.Update(ctx, body) (*OrganizationPolicyUpdateResponse, error)
POST/gitpod.v1.OrganizationService/UpdateOrganizationPolicies

Updates organization policy settings.

Use this method to:

  • Configure editor restrictions
  • Set environment resource limits
  • Define project creation permissions
  • Customize default configurations

Examples

  • Update editor policies:

    Restricts available editors and sets a default.

    organizationId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047"
allowedEditorIds:
  - "vscode"
  - "jetbrains"
defaultEditorId: "vscode"

  • Set environment limits:

    Configures limits for environment usage.

    organizationId: "b0e12f6c-4c67-429d-a4a6-d9838b5da047"
maximumEnvironmentTimeout: "3600s"
maximumRunningEnvironmentsPerUser: "5"
maximumEnvironmentsPerUser: "20"
ParametersExpand Collapse
body OrganizationPolicyUpdateParams
OrganizationID param.Field[string]

organization_id is the ID of the organization to update policies for

formatuuid
AgentPolicy param.Field[OrganizationPolicyUpdateParamsAgentPolicy]Optional

agent_policy contains agent-specific policy settings

CommandDenyList []stringOptional

command_deny_list contains a list of commands that agents are not allowed to execute

ConversationSharingPolicy ConversationSharingPolicyOptional

conversation_sharing_policy controls whether agent conversations can be shared

One of the following:
const ConversationSharingPolicyUnspecified ConversationSharingPolicy = "CONVERSATION_SHARING_POLICY_UNSPECIFIED"
const ConversationSharingPolicyDisabled ConversationSharingPolicy = "CONVERSATION_SHARING_POLICY_DISABLED"
const ConversationSharingPolicyOrganization ConversationSharingPolicy = "CONVERSATION_SHARING_POLICY_ORGANIZATION"
MaxSubagentsPerEnvironment int64Optional

max_subagents_per_environment limits the number of non-terminal sub-agents a parent can have running simultaneously in the same environment. Valid range: 0-10. Zero means use the default (5).

formatint32
maximum10
McpDisabled boolOptional

mcp_disabled controls whether MCP (Model Context Protocol) is disabled for agents

ScmToolsAllowedGroupID stringOptional

scm_tools_allowed_group_id restricts SCM tools access to members of this group. Empty means no restriction (all users can use SCM tools if not disabled).

ScmToolsDisabled boolOptional

scm_tools_disabled controls whether SCM (Source Control Management) tools are disabled for agents

AllowedEditorIDs param.Field[[]string]Optional

allowed_editor_ids is the list of editor IDs that are allowed to be used in the organization

AllowLocalRunners param.Field[bool]Optional

allow_local_runners controls whether local runners are allowed to be used in the organization

DefaultEditorID param.Field[string]Optional

default_editor_id is the default editor ID to be used when a user doesn’t specify one

DefaultEnvironmentImage param.Field[string]Optional

default_environment_image is the default container image when none is defined in repo

DeleteArchivedEnvironmentsAfter param.Field[string]Optional

delete_archived_environments_after controls how long archived environments are kept before automatic deletion. 0 means no automatic deletion. Maximum duration is 4 weeks (2419200 seconds).

formatregex
EditorVersionRestrictions param.Field[map[string, OrganizationPolicyUpdateParamsEditorVersionRestrictions]]Optional

editor_version_restrictions restricts which editor versions can be used. Maps editor ID to version policy with allowed major versions.

AllowedVersions []stringOptional

allowed_versions lists the versions that are allowed If empty, we will use the latest version of the editor

Examples for JetBrains: ["2025.2", "2025.1", "2024.3"]

MaximumEnvironmentLifetime param.Field[string]Optional

maximum_environment_lifetime controls for how long environments are allowed to be reused. 0 means no maximum lifetime. Maximum duration is 180 days (15552000 seconds).

formatregex
MaximumEnvironmentsPerUser param.Field[string]Optional

maximum_environments_per_user limits total environments (running or stopped) per user

MaximumEnvironmentTimeout param.Field[string]Optional

maximum_environment_timeout controls the maximum timeout allowed for environments in seconds. 0 means no limit (never). Minimum duration is 30 minutes (1800 seconds). value must be 0s (no limit) or at least 1800s (30 minutes):

this == duration('0s') || this >= duration('1800s')
formatregex
MaximumRunningEnvironmentsPerUser param.Field[string]Optional

maximum_running_environments_per_user limits simultaneously running environments per user

MembersCreateProjects param.Field[bool]Optional

members_create_projects controls whether members can create projects

MembersRequireProjects param.Field[bool]Optional

members_require_projects controls whether environments can only be created from projects by non-admin users

PortSharingDisabled param.Field[bool]Optional

port_sharing_disabled controls whether user-initiated port sharing is disabled in the organization. System ports (VS Code Browser, agents) are always exempt from this policy.

RequireCustomDomainAccess param.Field[bool]Optional

require_custom_domain_access controls whether users must access via custom domain when one is configured. When true, access via app.gitpod.io is blocked.

RestrictAccountCreationToScim param.Field[bool]Optional

restrict_account_creation_to_scim controls whether account creation is restricted to SCIM-provisioned users only. When true and SCIM is configured for the organization, only users provisioned via SCIM can create accounts.

SecurityAgentPolicy param.Field[OrganizationPolicyUpdateParamsSecurityAgentPolicy]Optional

security_agent_policy contains security agent configuration updates

Crowdstrike OrganizationPolicyUpdateParamsSecurityAgentPolicyCrowdstrikeOptional

crowdstrike contains CrowdStrike Falcon configuration updates

AdditionalOptions map[string, string]Optional

additional_options contains additional FALCONCTL_OPT_* options as key-value pairs

CidSecretID stringOptional

cid_secret_id references an organization secret containing the Customer ID (CID)

formatuuid
Enabled boolOptional

enabled controls whether CrowdStrike Falcon is deployed to environments

Image stringOptional

image is the CrowdStrike Falcon sensor container image reference

Tags stringOptional

tags are optional tags to apply to the Falcon sensor

VetoExecPolicy param.Field[VetoExecPolicy]Optional

veto_exec_policy contains the veto exec policy for environments.

ReturnsExpand Collapse
type OrganizationPolicyUpdateResponse interface{…}

UpdateOrganizationPolicies

package main

import (
  "context"
  "fmt"

  "github.com/gitpod-io/gitpod-sdk-go"
  "github.com/gitpod-io/gitpod-sdk-go/option"
)

func main() {
  client := gitpod.NewClient(
    option.WithBearerToken("My Bearer Token"),
  )
  policy, err := client.Organizations.Policies.Update(context.TODO(), gitpod.OrganizationPolicyUpdateParams{
    OrganizationID: gitpod.F("b0e12f6c-4c67-429d-a4a6-d9838b5da047"),
    MaximumEnvironmentsPerUser: gitpod.F("20"),
    MaximumEnvironmentTimeout: gitpod.F("3600s"),
    MaximumRunningEnvironmentsPerUser: gitpod.F("5"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", policy)
}

{}
Returns Examples
{}