Using OPA for Applications Authorization

‚ÄčOpen Policy Agent (OPA) is fast becoming the standard for authorization applications because it enables companies to provide fine-grained policy control through declarative policies.

Recognizing that OPA has become a standard tool for implementing authorization decisions, build.security chose OPA to power its authorization platform. With our OPA-based solution, you can quickly and easily create an authorization policy that determines access permissions that can be role-based, location-based, time and/or date based. etc. The policy can be as simple or as complex as needed, with as many individual policy items, data sources, Policy Decision Points, and Policy Enforcement Points as needed to ensure full compliance with your authorization needs.

OPA decision flow

One of the main reasons for OPA's popularity is that it enables you to decouple policy authoring from code so that you can create, review, analyze and modify your authorization policies in real-time, safely and without influencing performance. With OPA as the base upon which build.security was built, you will be able to author, manage, and deploy your authorization policy by building policy items that are created through a user-friendly process.

build.security's platform extends OPA to leverage data attributes from any API-based service including data sources, cloud services and ticketing systems to bake only the freshest values into policies at runtime with minimal performance impact.