# API Access Control

## Get routes

 - [GET /resources/routes/v1](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_getmany.md): Retrieve all configured routes with their HTTP methods, paths, policies, and associated rules for access control and feature gating.

## Create route

 - [POST /resources/routes/v1](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_create.md): Create a new route configuration with HTTP method, path, and policy type (allow, deny, or ruleBased) for access control management.

## Get single route

 - [GET /resources/routes/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_getsingle.md): Retrieve detailed information for a specific route by its unique ID, including method, path, policy type, and associated rules.

## Delete route

 - [DELETE /resources/routes/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_delete.md): Delete a specific route by its unique ID, permanently removing the route configuration and its associated access control rules.

## Update route

 - [PATCH /resources/routes/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_update.md): Update an existing route's configuration, including HTTP method, path, policy type, and description for access control management.

## Import open API

 - [POST /resources/routes/v1/import-open-api](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_importopenapi.md): Import route configurations from an OpenAPI specification in JSON format, automatically creating routes based on the API definition.

## Create or replace route rules

 - [PUT /resources/routes/v1/{id}/rules](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_replacerules.md): Create or replace route rules for a specific route, defining access control through feature flags or permission-based restrictions that determine user authorization.