> ## Documentation Index
> Fetch the complete documentation index at: https://docs.case.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Set inbox mail policy

> Set the sender allowlist and send/reply/read access rules for an inbox owned by the authenticated organization.



## OpenAPI

````yaml /openapi.json put /mail/v1/inboxes/{inboxId}/policy
openapi: 3.1.0
info:
  title: Case.dev API
  description: >-
    The AI-native platform for legal technology. Build smarter legal
    applications with our suite of AI-powered APIs.
  version: 1.0.0
  contact:
    name: Case.dev Support
    email: support@casemark.com
    url: https://case.dev
  license:
    name: Proprietary
    url: https://case.dev/terms
servers:
  - url: https://api.case.dev
    description: Production
security:
  - bearerAuth: []
tags:
  - name: Vaults
    description: Secure document storage with semantic search and GraphRAG
  - name: Memory
    description: >-
      Persistent memory for AI agents with semantic search and 12 generic
      indexed tag fields
  - name: OCR
    description: Extract text from PDFs, images, and scanned documents
  - name: Voice
    description: Audio transcription and text-to-speech
  - name: LLMs
    description: Access 40+ language models through a unified API
  - name: Search
    description: Web search, AI answers, and deep research
  - name: Mail
    description: Managed inboxes for agent email workflows
  - name: Media
    description: Transcript retrieval and captioned media clip generation
  - name: Legal
    description: Legal research tools including citation verification
  - name: Privilege
    description: Privilege detection for e-discovery and litigation workflows
  - name: Compute
    description: Serverless GPU and CPU infrastructure
  - name: Format
    description: Document formatting and template rendering (MD/JSON to PDF/DOCX)
  - name: SuperDoc
    description: Document conversion and template automation
  - name: Webhooks
    description: Webhook endpoint management
  - name: System
    description: Public system metadata and discovery endpoints
  - name: Usage
    description: Usage reporting and webhook subscriptions
  - name: Database
    description: Serverless PostgreSQL databases with instant branching
  - name: Translation
    description: Language detection and translation for multilingual legal workflows
  - name: Skills
    description: Search and read legal AI skills for agents
  - name: Agents
    description: >-
      Create, manage, and execute AI agents with tool access, sandbox
      environments, and async run workflows
  - name: Matters
    description: Matter-native legal workspaces and orchestration primitives
  - name: Applications Projects
    description: Web application project management
  - name: Applications Deployments
    description: Web application deployment management
  - name: Applications Domains
    description: Custom domain configuration for applications
  - name: Applications Env Vars
    description: Environment variable management for applications
paths:
  /mail/v1/inboxes/{inboxId}/policy:
    put:
      tags:
        - Mail
      summary: Set inbox mail policy
      description: >-
        Set the sender allowlist and send/reply/read access rules for an inbox
        owned by the authenticated organization.
      operationId: setMailInboxPolicy
      parameters:
        - name: inboxId
          in: path
          required: true
          schema:
            type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                enforceSenderAllowlist:
                  type: boolean
                allowedSenderPatterns:
                  type: array
                  items:
                    type: string
                  description: Exact emails, @domain rules, or *
                readAccessRules:
                  type: array
                  items:
                    type: string
                  description: >-
                    Rules like organization, operator, user:<id>, api_key,
                    api_key:<id>, clerk_session, or *
                replyAccessRules:
                  type: array
                  items:
                    type: string
                  description: >-
                    Rules like organization, operator, user:<id>, api_key,
                    api_key:<id>, clerk_session, or *
                sendAccessRules:
                  type: array
                  items:
                    type: string
                  description: >-
                    Rules like organization, user:<id>, api_key, api_key:<id>,
                    clerk_session, or *
      responses:
        '200':
          description: Inbox policy updated successfully
        '400':
          description: Invalid inbox policy payload
        '401':
          description: Invalid API key
        '403':
          description: Write access required
        '404':
          description: Inbox not found
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: API Key
      description: API key starting with `sk_case_`

````