> ## Documentation Index
> Fetch the complete documentation index at: https://docs.scrip.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# List rule event references

> Enumerate the `event.*` payload fields a program's ACTIVE rules read, across CEL conditions and action expressions. Returns a per-rule breakdown and a deduplicated union.

Returns the `event.*` payload fields that a program's `ACTIVE` rules read, scanned across each rule's CEL condition and its action expressions (amounts, values, `reference_id`, payload templates, and dynamic target selectors). The response contains a per-rule breakdown and a deduplicated `union`, so you can treat the union as the integration contract for the events your system sends.

Event payloads are schemaless, so a misspelled field name in a rule is a silent non-match: the rule never fires and nothing reports why. Use this endpoint to verify your event sender supplies every referenced field, or to detect drift between what rules expect and what your events contain. Computed keys such as `event[x]` are reported separately under `dynamic_event_paths` (for example `event.metadata[*]`) rather than dropped. `SUSPENDED` and `ARCHIVED` rules are excluded, and the scan ignores `active_from`/`active_to` windows so the contract stays stable.


## OpenAPI

````yaml GET /v1/programs/{programId}/rules/event-references
openapi: 3.0.3
info:
  contact:
    email: support@scrip.dev
    name: Scrip Support
    url: https://scrip.dev/support
  description: >-
    Universal Incentive Infrastructure API for managing loyalty programs,
    rewards, and participant balances.


    Scrip provides a complete backend for building incentive and loyalty
    programs. Core concepts:

    - **Programs**: Containers for incentive logic (e.g., "Q1 Sales Bonus",
    "Customer Loyalty")

    - **Assets**: The currency or points being tracked (e.g., "Bonus Points",
    "Cash Rewards")

    - **Participants**: Users who earn and spend assets (identified by
    external_id)

    - **Groups**: Collections of participants for team-based incentives

    - **Rules**: Automated reward logic triggered by events

    - **Events**: Actions that trigger rule evaluation (e.g., "purchase",
    "referral")


    Response formats:

    - **Collection endpoints** return: {"data": [...], "pagination":
    {"has_more": true, "next_cursor": "..."}}

    - **Single-resource endpoints** return the resource directly

    - **Errors** return: {"code": "...", "message": "...", "details": {...}} —
    `details` is an optional object, present on input errors only
  license:
    name: Proprietary
    url: https://scrip.dev/license
  termsOfService: https://scrip.dev/terms
  title: Scrip API
  version: '1.0'
servers:
  - url: https://api.scrip.dev
security: []
tags:
  - description: >-
      Manage incentive programs. Programs are the top-level container for all
      incentive logic.
    name: Programs
  - description: >-
      Manage asset types (currencies, points). Assets define what participants
      can earn and spend.
    name: Assets
  - description: >-
      Manage participants and their balances. Participants are identified by
      external_id from your system.
    name: Participants
  - description: Manage participant groups for team-based incentives.
    name: Groups
  - description: >-
      Manage automated reward rules. Rules define conditions and actions
      triggered by events.
    name: Rules
  - description: Ingest events that trigger rule evaluation and reward distribution.
    name: Events
  - description: Transfer assets between participants.
    name: Transfers
  - description: Access ledger summaries and program activity reports.
    name: Reporting
  - description: >-
      Redeem participant balances for rewards. Supports raw amount redemptions
      and catalog item redemptions.
    name: Redemptions
  - description: >-
      Manage the reward catalog. Create and manage redeemable items with
      inventory tracking.
    name: Rewards
  - description: >-
      Schedule and manage automated event dispatching. Automations generate
      events on cron schedules, at specific times, or by evaluating participant
      state.
    name: Automations
  - description: >-
      Manage tier types and levels within programs. Tiers define status
      hierarchies that participants progress through based on qualification
      rules.
    name: Tiers
  - description: Inspect double-entry ledger records for auditing and reconciliation.
    name: Journal Entries
  - description: >-
      Manage webhook endpoints and delivery logs. Webhooks notify your
      application of real-time events via HTTP POST with HMAC-SHA256 signatures.
    name: Webhooks
paths:
  /v1/programs/{programId}/rules/event-references:
    get:
      tags:
        - Rules
      summary: List event field references for a program's rules
      description: >-
        Enumerate the `event.*` payload fields a program's ACTIVE rules read,
        across CEL conditions and action expressions. Returns a per-rule
        breakdown and a deduplicated union.
      operationId: listRuleEventReferences
      parameters:
        - description: Program ID
          in: path
          name: programId
          required: true
          schema:
            format: uuid
            type: string
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/handlers.EventReferencesResponse'
          description: Event field references for the program's active rules
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/handlers.ErrBadRequestResponse'
          description: 'Invalid program ID (code: bad_request)'
        '401':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/handlers.ErrUnauthorizedResponse'
          description: 'Missing or invalid credentials (code: unauthorized)'
        '404':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/handlers.ErrNotFoundResponse'
          description: 'Program not found (code: not_found)'
        '500':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/handlers.ErrInternalResponse'
          description: 'Internal server error (code: internal_error)'
      security:
        - ApiKeyAuth: []
        - BearerAuth: []
components:
  schemas:
    handlers.EventReferencesResponse:
      properties:
        program_id:
          description: Program ID the references were computed for (UUID).
          example: 550e8400-e29b-41d4-a716-446655440000
          format: uuid
          type: string
        rule_count:
          description: Number of ACTIVE rules scanned.
          example: 3
          type: integer
        rules:
          description: Per-rule breakdown, ordered by rule evaluation order.
          items:
            $ref: '#/components/schemas/handlers.RuleEventReferencesEntry'
          type: array
        union:
          allOf:
            - $ref: '#/components/schemas/handlers.EventReferenceSet'
          description: >-
            Deduplicated union of all event references across every scanned
            rule.
      type: object
    handlers.ErrBadRequestResponse:
      additionalProperties: false
      properties:
        code:
          description: Code is the machine-readable error code
          example: bad_request
          type: string
        details:
          allOf:
            - $ref: '#/components/schemas/handlers.ErrorDetails'
          description: >-
            Details provides optional structured error context (field errors,
            etc.)
        message:
          description: Message is the human-readable error description
          example: Invalid request parameters
          type: string
      type: object
    handlers.ErrUnauthorizedResponse:
      properties:
        code:
          description: Code is the machine-readable error code
          example: unauthorized
          type: string
        details:
          allOf:
            - $ref: '#/components/schemas/handlers.ErrorDetails'
          description: Details provides optional structured error context
        message:
          description: Message is the human-readable error description
          example: Missing or invalid credentials
          type: string
      type: object
    handlers.ErrNotFoundResponse:
      properties:
        code:
          description: Code is the machine-readable error code
          example: not_found
          type: string
        details:
          allOf:
            - $ref: '#/components/schemas/handlers.ErrorDetails'
          description: Details provides optional structured error context
        message:
          description: Message is the human-readable error description
          example: Resource not found
          type: string
      type: object
    handlers.ErrInternalResponse:
      properties:
        code:
          description: Code is the machine-readable error code
          example: internal_error
          type: string
        message:
          description: Message is the human-readable error description
          example: An internal error occurred
          type: string
      type: object
    handlers.RuleEventReferencesEntry:
      properties:
        dynamic_event_paths:
          description: >-
            Dynamic event accesses this rule makes (see
            EventReferenceSet.dynamic_event_paths).
          example:
            - event.metadata[*]
          items:
            type: string
          type: array
        event_paths:
          description: >-
            Static event field paths this rule reads (see
            EventReferenceSet.event_paths).
          example:
            - event.amount
          items:
            type: string
          type: array
        rule_id:
          description: Rule ID (UUID).
          example: 550e8400-e29b-41d4-a716-446655440000
          format: uuid
          type: string
        rule_name:
          description: Human-readable rule name.
          example: 3% cashback on purchases
          type: string
      type: object
    handlers.EventReferenceSet:
      properties:
        dynamic_event_paths:
          description: >-
            Computed/dynamic accesses whose key is only known at evaluation
            time,

            rendered as the known literal prefix plus a "[*]" marker, e.g.
            "event[*]"

            (a computed top-level key) or "event.metadata[*]" (a computed key
            under

            event.metadata). Surfaced, not dropped: a dynamic key still implies
            the

            event must carry whatever it resolves to at runtime.
          example:
            - event.metadata[*]
          items:
            type: string
          type: array
        event_paths:
          description: >-
            Static, fully-literal event field paths, each prefixed with
            "event.",

            e.g. "event.amount" or "event.metadata.category". These are the
            exact

            fields the program's rules read from an event payload.
          example:
            - event.amount
          items:
            type: string
          type: array
      type: object
    handlers.ErrorDetails:
      description: >-
        Optional structured details about the error. Always a JSON object: a
        `fields` array for validation errors, or flat
        field/reason/expected/received properties for other input errors.
      properties:
        expected:
          description: Expected value or format (non-validation input errors)
          example: uuid
          type: string
        field:
          description: Field name that caused the error (non-validation input errors)
          example: asset_id
          type: string
        fields:
          description: >-
            Fields lists each offending input field on validation_error
            responses.
          items:
            $ref: '#/components/schemas/handlers.ErrorFieldDetail'
          type: array
        reason:
          description: Machine-readable reason code (non-validation input errors)
          example: invalid
          type: string
        received:
          description: Value that was received (non-validation input errors)
          example: not-a-uuid
          type: string
      type: object
    handlers.ErrorFieldDetail:
      description: >-
        A single field-level error: which input field failed, why, and (where
        known) the expected and received values.
      properties:
        expected:
          description: >-
            Expected value or format. Usually a string; for "one of" constraints
            it

            is an array of the allowed values.
        field:
          description: Field name that caused the error
          example: amount
          type: string
        message:
          description: Human-readable explanation (validation errors only)
          example: This field is required
          type: string
        reason:
          description: Machine-readable reason code
          example: required
          type: string
        received:
          description: Value that was received
          example: '-10.00'
          type: string
      type: object
  securitySchemes:
    ApiKeyAuth:
      description: API key passed in the X-API-Key header.
      in: header
      name: X-API-Key
      type: apiKey
    BearerAuth:
      description: Bearer token passed in the Authorization header (e.g. "Bearer sk_...").
      in: header
      name: Authorization
      type: apiKey

````