> ## Documentation Index
> Fetch the complete documentation index at: https://docs.anthid.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Upsert organization control

> Creates or updates the manual control state for the authenticated user or API-key principal's organization. User callers must be organization admins with the Controls Premium entitlement; API-key callers need organization control edit permission.



## OpenAPI

````yaml /api-reference/controls.openapi.json put /v1/controls/organizations
openapi: 3.1.0
info:
  title: controls
  description: ''
  license:
    name: ''
  version: 0.1.0
servers:
  - url: https://api.anthid.com
    description: Production
security: []
tags:
  - name: Organization Controls
    description: Organization-level control configuration
  - name: Controls - Account - Manual
    description: Account-level manual control configuration
  - name: Controls - Account - Risk
    description: Account-level risk-limit control configuration
  - name: Controls - Account - Time
    description: Account-level time-window control configuration
  - name: Controls - Symbol - Manual
    description: Symbol-level manual control configuration
  - name: Controls - Symbol - Risk
    description: Symbol-level risk-limit control configuration
  - name: Controls - Symbol - Time
    description: Symbol-level time-window control configuration
  - name: Control Evaluation
    description: Effective control-state evaluation
paths:
  /v1/controls/organizations:
    put:
      tags:
        - Organization Controls
      summary: Upsert organization control
      description: >-
        Creates or updates the manual control state for the authenticated user
        or API-key principal's organization. User callers must be organization
        admins with the Controls Premium entitlement; API-key callers need
        organization control edit permission.
      operationId: upsertOrganizationControl
      requestBody:
        description: Manual disable flag and optional operator-facing reason
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpsertControlRequest'
        required: true
      responses:
        '200':
          description: Organization control upserted
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/OrganizationControl'
        '400':
          description: Request or organization context is invalid
          content:
            text/plain:
              schema:
                type: string
        '401':
          description: Missing or invalid authentication credentials
          content:
            text/plain:
              schema:
                type: string
        '403':
          description: Caller cannot edit controls for this organization
          content:
            text/plain:
              schema:
                type: string
        '429':
          description: Caller exceeded the request rate limit
          content:
            text/plain:
              schema:
                type: string
        '500':
          description: Unexpected server error while upserting the control
          content:
            text/plain:
              schema:
                type: string
      security:
        - bearerAuth: []
        - apiKeyAuth: []
components:
  schemas:
    UpsertControlRequest:
      type: object
      required:
        - manually_disabled
      properties:
        manual_reason:
          type:
            - string
            - 'null'
        manually_disabled:
          type: boolean
    OrganizationControl:
      type: object
      required:
        - organization_id
        - version
        - manually_disabled
        - created_at
        - updated_at
      properties:
        created_at:
          type: string
          format: date-time
        manual_reason:
          type:
            - string
            - 'null'
        manually_disabled:
          type: boolean
        organization_id:
          type: string
          format: uuid
        updated_at:
          type: string
          format: date-time
        version:
          type: integer
          format: int64
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
    apiKeyAuth:
      type: apiKey
      in: header
      name: x-api-key

````