OPA API Authorization
A sample that shows the difference between running the API with and without OPA as the Policy Decision Point.
How to
The master branch does not include OPA as the Policy Decision Point. OPA is added in the add-opa branch.
You can compare the difference in this PR.
If you want to spin up the OPA version, do the following steps:
git checkout add-opa
docker-compose up
Requesting the API
The API is available at the GET /finance/salary/:username endpoint. You can send a GET request to this endpoint, but a JWT is needed to properly make a request.
You can easily create a JWT at jwt.io. This application assumes that the algorithm is HS256 and the secret is simply "secret". Also, the payload should look something like this:
{
"sub": "1234567890",
"iat": 1516239022,
"user": "bob",
"subordinates": ["alice"],
"hr"
…