> ## Documentation Index
> Fetch the complete documentation index at: https://docs.onefirewall.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Update Scan Policy

> Creates or updates the user's custom scan policy.



## OpenAPI

````yaml post /api/v1/user/scan-policy
openapi: 3.0.3
info:
  title: OneFirewall Offensive Security API
  description: >-
    API endpoints for the Vulnix Scanner, user management, and configuration.


    ## Authentication


    Authentication is handled via API keys. You must include your key in the
    `api-key` header with every request.


    - **Header**: `api-key: {your-api-key}`

    - **Key Format**: A single secret string provided upon creation.


    ## Organization Context


    For endpoints requiring an organization context (like scanning), you can
    specify your organization ID:


    - **Header**: `X-Org-Id: {your-org-id}`

    - **Query Parameter**: `?org_id={your-org-id}`


    If not provided, the request will use your default organization.
  version: 1.0.0
servers:
  - url: https://vulnix0.com
    description: Production server
security:
  - apiKeyAuth: []
paths:
  /api/v1/user/scan-policy:
    post:
      tags:
        - Configuration
      summary: Update Scan Policy
      description: Creates or updates the user's custom scan policy.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScanPolicyRequest'
      responses:
        '200':
          description: Scan policy updated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SuccessResponse'
              example:
                status: success
                message: Scan policy updated successfully
components:
  schemas:
    ScanPolicyRequest:
      type: object
      required:
        - policy
      properties:
        policy:
          $ref: '#/components/schemas/ScanPolicy'
    SuccessResponse:
      type: object
      properties:
        status:
          type: string
          example: success
        message:
          type: string
    ScanPolicy:
      type: object
      properties:
        ports_to_scan:
          type: array
          items:
            type: integer
          example:
            - 80
            - 443
            - 8080
          description: List of ports to scan
        directory_enumeration:
          type: boolean
          example: true
          description: Enable directory enumeration
        vhost_enumeration:
          type: boolean
          example: false
          description: Enable virtual host enumeration
  securitySchemes:
    apiKeyAuth:
      type: apiKey
      in: header
      name: api-key
      description: A unique API Key.

````