Advanced Policy Types
The Advanced Mode in the Policy form lets you view and edit the raw JSON for a policy. This is used when you need to configure settings that aren’t exposed in the standard form fields, or when you need to set a policy’s underlying PolicyType directly.
When to use Advanced Mode
Use the Advanced Mode when you need to:
Set a policy to a type that isn’t selectable in the UI (for example:
SettingsUpdate,JobUpdate,HttpAccess,Custom)Provide structured configuration payloads (for example: a JSON string used by the endpoint processor)
Add or modify fields that are not available in the standard policy editor
What you’ll see in the JSON
While the exact structure can vary by policy type and platform, the JSON typically includes:
Policy metadata
Name, description, and identifiers
Targeting
The users, machines, applications, platforms, or collections that the policy applies to
Policy type
A
PolicyTypefield that identifies how the agent evaluates the policy
Policy configuration
One or more objects containing the settings for that policy type (commonly an
Extensionobject for configuration-driven policy types)
How changes in JSON affect the policy
Edits in the Advanced Mode can:
Change how the policy is interpreted by endpoints (for example, changing
PolicyType)Add configuration that endpoints require for enforcement or processing
Override or replace values configured in the standard UI fields (depending on the policy)
Because the JSON is authoritative, it’s important to treat it like a configuration file: small mistakes can prevent a policy from applying as expected.
Step-by-step: Using the Advanced Mode safely
Create a policy using any available policy type in the standard UI (this provides a valid baseline structure).
Configure Targeting in the UI first (collections/users/machines/apps/platforms).
Open the Advanced tab.
Copy the full JSON and save it somewhere safe (so you can revert if needed).
Make the smallest change required:
Set
PolicyTypeto the desired valueAdd or update the required configuration object(s) (for example,
Extension)
Save the policy.
Validate behavior on a small test scope before rolling out broadly.
Common Advanced Mode use cases
Update Settings (SettingsUpdate)
Used to push plugin or agent configuration to endpoints. Common pattern:
Set
PolicyTypeto"SettingsUpdate"Provide an
Extensionthat identifies what to update and includes a full JSON payload to write
Read more about Update Settings Policy Type Here.
Update Jobs (JobUpdate)
Used to add/update/delete job JSON on endpoints. Common pattern:
Set
PolicyTypeto"JobUpdate"Provide an
ExtensionwithJobId,Action, and (for add/update) a fullJobJsonpayload
Read more about Update Jobs Policy Type Here.
HTTP Access (HttpAccess)
Used to evaluate and enforce outbound web access rules. Common pattern:
Set
PolicyTypeto"HttpAccess"Provide URL matching rules and any associated allow/deny behavior fields required by your implementation
Read more about HTTP Access Policy Type Here.
Custom (Custom)
Used for specialized internal workflows or integrations. Common pattern:
Set
PolicyTypeto"Custom"Add custom fields required by the consuming component
Read more about Custom Policy Type Here.
Tips and troubleshooting
Keep targeting in the UI when possible
Use the standard editor for targeting whenever it’s available. Then use JSON edits only for the extra fields you need.
Validate JSON formatting
A missing quote, bracket, or comma can prevent the policy from saving or being processed correctly. If a save fails, revert to the last known-good JSON and re-apply changes slowly.
Prefer small rollouts first
When changing PolicyType or adding new JSON keys, start with a small test collection before applying it broadly.
Document internal schemas for customers
If a policy type relies on a specific JSON schema (especially Custom), consider publishing:
Required keys and allowed values
A copy/paste example payload
How customers verify success (logs, audit events, endpoint behavior)
INSERT SCREENSHOT HERE
Last updated
Was this helpful?