Skip to content

Governance Schema

Governance Report Import Schema and Compatibility Contract

Document Version: 1.0.0
Last Updated: 2026-04-26

Overview

MazeVault accepts governance and compliance imports through the governance reporting endpoints. To avoid ambiguity during parsing, the platform exposes a canonical JSON Schema for the normalized report format.

Use this schema when you want predictable imports for custom tooling, policy export pipelines, or governance-as-code workflows.

Available Forms

Form Location Purpose
Runtime endpoint /api/v1/governance/schema Fetch the schema directly from a running MazeVault backend
Static artifact governance-report-schema.json Download or vendor the schema into external tooling
  1. Validate generated governance reports against the schema before upload.
  2. Use the canonical field names from the schema when building custom exporters.
  3. Treat the schema as the source of truth for supported normalized fields.

Top-Level Policy Groups

The schema currently defines these top-level sections:

  • password_policy
  • certificate_policy
  • rotation_policy
  • naming_policy
  • mfa_policy
  • session_policy
  • encryption_policy

Fetching the Runtime Schema

curl -s https://<mazevault-host>/api/v1/governance/schema | jq .

Notes

  • Reports that do not use this exact normalized structure may still import successfully through MazeVault alias mapping.
  • The schema is the safer contract when you need deterministic compatibility across environments and releases.