How-to
Use Open Policy Agent
Pattern
public sealed class OpaAuthorizationProvider : IAuthorizationProvider
{
private readonly HttpClient _http;
private readonly string _opaUrl;
public async Task<PolicyDecision> AuthorizeAsync(...)
{
// POST to OPA: { input: { sender, destination, direction, ... } }
// Response: { result: { allow: true|false, reason: "..." } }
// Wrap as PolicyDecision
}
} Reacting to OPA bundle reloads
When OPA loads a new bundle, notify the SDK:
await client.Authorization.NotifyPolicyChangedAsync("opa-bundle-reloaded"); See also
- The authorization model Concept
- Use LDAP for authorization How-to
- Use OAuth for authorization How-to