# Policy: Business Partner Groups

### Business Partner Group policy

This documentation provides an overview of how to use the Management-API to manage and evaluate Business Partner Group policies. The Business Partner Group policy enables categorizing business partners into groups and defining access- and contract-policies based on their membership. For example, a company can restrict access to certain assets to members of specific groups like `group1` or `group2`. This is useful for scenarios where assets or resources are only accessible to specific groups of business partners.

### API Endpoints and Usage

#### Assigning a BPN to Groups

This endpoint assigns a specific BPN to one or more groups. The groups do not need to be created explicitly; they are defined dynamically upon assignment.

**Request**\
`POST {{Management-API}}/v3/business-partner-groups`

**Payload Example**:

{% code title="JSON" overflow="wrap" lineNumbers="true" %}

```json
{
  "@context": {
    "tx": "https://w3id.org/tractusx/v0.0.1/ns/"
  },
  "@id": "BPNL000000000000",
  "tx:groups": [
    "group1",
    "group2"
  ]
}
```

{% endcode %}

#### Checking Group Membership of a BPN

This endpoint retrieves the groups a specific BPN is assigned to. Use this to verify that the assignment was successful.

**Request**\
`GET {{Management-API}}/v3/business-partner-groups/BPNL000000000000`

**Response Example:**

{% code title="JSON" overflow="wrap" lineNumbers="true" %}

```json
{
  "@id": "BPNL000000000000",
  "tx:groups": [
    "group1",
    "group2"
  ]
}
```

{% endcode %}

#### Creating a Business Partner Group Policy

This endpoint defines a policy to evaluate whether a BPN belongs to one or more groups. The policy can later be used in a Contract Definition/Data Offer as an access- or contract-policy. The example below uses the `isAnyOf` operator to check if a BPN is part of "group1" or "group2".

**Request** `POST {{Management-API}}/v3/policydefinitions`

**Payload Example**:

{% code title="JSON" overflow="wrap" lineNumbers="true" %}

```json
{
    "@type": "https://w3id.org/edc/v0.0.1/ns/PolicyDefinitionDto",
    "@id": "bpn-group1-and-group2",
    "https://w3id.org/edc/v0.0.1/ns/policy": {
        "@context": "http://www.w3.org/ns/odrl.jsonld",
        "@type": "http://www.w3.org/ns/odrl/2/Set",
        "permission": [
            {
                "action": "USE",
                "http://www.w3.org/ns/odrl/2/constraint": [
                    {
                        "leftOperand": "https://w3id.org/tractusx/v0.0.1/ns/BusinessPartnerGroup",
                        "operator": "http://www.w3.org/ns/odrl/2/isAnyOf",
                        "rightOperand": "group1,group2"
                    }
                ]
            }
        ]
    }
}
```

{% endcode %}

The following ODRL operators are supported:

* **eq**: Equal to a value
* **neq**: Not equal to a value
* **isPartOf**: Checks if a value is part of a group
* **isAllOf**: Checks if all values match
* **isAnyOf**: Checks if any value matches
* **isNoneOf**: Ensures no value matches