Org watch templates
Share repeatable watch configurations across your organization — URL patterns, poll defaults, auth headers, tags, and policy presets assigned from a catalog.
Shipped: CP-2.9 org templates API and console Launch from template on /start and fleet empty states.
Templates vs org defaults
| Capability | Status | Notes |
|---|---|---|
| Watch templates (CP-2.9) | Shipped | Named presets — create watches and bindings with one click |
| Contract template registry (CP-4.8) | Shipped | Modules / Providers shell in console catalog |
| Org notification defaults (CP-1.7) | Shipped | GET/PUT /api/org/notification-defaults — new watches inherit Slack/webhook, interval, alert policy |
| Org watch sets (CP-1.7) | Shipped | GET/POST/PUT/DELETE /api/org/watch-sets — staging vs production named sets; fleet Defined in column |
Template fields
| Field | Description |
|---|---|
name | Catalog label — e.g. “GitHub MCP production” |
watchType | openapi · rest · mcp |
urlPattern | Base URL or pattern for snapshot source |
policyPreset | Default drift policy preset for bindings created from template |
headersJson | Shared auth headers (encrypted at rest) |
tagsJson | Fleet filter tags — see CP-2.12 tag bar |
API
GET /api/templates
POST /api/templates
POST /api/watches/from-template
Create a template:
curl -s https://driftguard.org/api/templates \
-H "Authorization: Bearer dg_live_…" \
-H "Content-Type: application/json" \
-d '{
"name": "Stripe OpenAPI prod",
"watchType": "openapi",
"urlPattern": "https://api.stripe.com/v1/openapi.json",
"policyPreset": "staging-strict",
"tags": ["payments", "production"]
}'
Console workflow
-
Open the template catalog
ConsoleCatalog or empty fleet state → Launch from template
-
Pick a preset
Org templates appear beside system starters (GitHub MCP, Stripe OpenAPI, etc.)
-
Confirm overrides
Adjust URL, headers, or policy before create — template values are defaults, not locks
-
Optional binding
Attach an agent binding with inherited
policyPresetfor runtime enforcement
Inheritance today
- Templates set initial watch and binding fields at create time
- Per-watch edits after create do not retroactively change sibling watches
- Re-launch from an updated template creates a new watch — does not bulk-update fleet
CP-1.7 will add org-level sets with “defined in” override display (env0 org variables pattern).
Related
- Watch wizard
- Agent bindings
- Drift policy presets
- Portfolio Compass — coverage gaps after templating