> ## Documentation Index > Fetch the complete documentation index at: https://docs.trulayer.ai/llms.txt > Use this file to discover all available pages before exploring further. # List failure detection rules for the tenant ## OpenAPI ````yaml /api-reference/openapi.yaml get /v1/failure-rules openapi: 3.1.0 info: title: TruLayer API version: 0.1.0 description: | Trace ingestion, evaluation, query, and feedback API for TruLayer AI. ### Authentication Two auth schemes coexist: SDK API keys (`Authorization: Bearer tl_...`) and Clerk session JWTs (dashboard). Routes marked "requires Clerk auth" in their summary are unreachable via API key. ### Roles (TRU-234) Dashboard requests carry one of three organization roles: `owner`, `member`, `viewer`. Endpoints enforce role allowlists, not rank comparisons. See `docs/security.md` for the full role-permission matrix. - **owner** — full control including billing, member management, destructive deletes on failure-rules/model-routes/webhooks/eval-rules, control-loop execution, and DLQ resolution. - **member** — read + write (ingest, feedback, evals, API keys, projects, failure-rules, model-routes, webhooks). - **viewer** — read-only dashboard access plus compliance read access to `/v1/audit-log` and `/v1/dlq`. servers: - url: https://api.trulayer.ai description: Production - url: http://localhost:8080 description: Local development security: - BearerAuth: [] tags: - name: health - name: ingest - name: traces - name: metrics - name: feedback - name: evals - name: eval-rules - name: control - name: apikeys - name: model-routes - name: datasets - name: search - name: anomaly - name: webhooks - name: failure-rules - name: eval-runs - name: ci - name: otlp - name: billing - name: deprecations - name: audit - name: failures - name: projects - name: compliance - name: dsr - name: policies - name: members paths: /v1/failure-rules: get: tags: - failure-rules summary: List failure detection rules for the tenant operationId: listFailureRules responses: '200': description: Failure rules list content: application/json: schema: $ref: '#/components/schemas/FailureRuleListResponse' '401': $ref: '#/components/responses/Unauthorized' components: schemas: FailureRuleListResponse: type: object required: - items properties: items: type: array items: $ref: '#/components/schemas/FailureRule' FailureRule: type: object required: - id - tenant_id - name - metric - operator - threshold - window_secs - severity - enabled - created_at - updated_at properties: id: type: string format: uuid tenant_id: type: string format: uuid name: type: string metric: type: string enum: - error_rate - latency_p99 - latency_p95 - score operator: type: string enum: - gt - gte - lt - lte threshold: type: number window_secs: type: integer default: 300 severity: type: string enum: - low - medium - high - critical default: medium enabled: type: boolean default: true created_at: type: string format: date-time updated_at: type: string format: date-time ErrorResponse: type: object required: - error properties: error: type: string responses: Unauthorized: description: Missing or invalid credentials content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' securitySchemes: BearerAuth: type: http scheme: bearer description: SDK API key (`tl_...`) or Clerk session JWT ````