How-to
Disable automatic enforcement
Goal
Stop the SDK from automatically applying policy rules on every encrypt and decrypt. Apply rules manually only on the messages you choose, or use an external authorisation system.
When to disable
- You are integrating with an external authorisation system (LDAP, OAuth, OPA, etc.)
- You want to apply rules selectively to certain messages but not others
- You are testing or debugging and want to bypass policy temporarily
Disable
client.DisableAutoEnforce(); After this call:
EncryptEnvelopeAsyncencrypts without checking policyDecryptEnvelopeAsyncdecrypts and returns the body as-is;msg.AuthorizedisDisabled
Re-enable
client.EnableAutoEnforce(); Check the current state
Console.WriteLine($"AutoEnforce: {client.AutoEnforceOnDecrypt}"); Apply rules manually when AutoEnforce is off
You can still authorise specific messages explicitly. See Manually authorize a message for details.
See also
- The authorization model Concept
- Manually authorize a message How-to