OpenPARC is a platform built on Cedar Policy authorization language for developing, testing, and sharing authorization policies.
Every authorization decision answers one question: Can this principal perform this action on this resource in this context?
Who is requesting access?
The user, service, or role attempting an action. Principals carry attributes like department, role, or clearance level that policies evaluate.
User::"alice"
Role::"admin"
Service::"api-gateway"
What are they trying to do?
The operation being performed. Actions map to specific capabilities in your system that policies can allow or deny.
Action::"read"
Action::"delete"
Action::"approve"
What are they acting on?
The protected asset being accessed. Resources have types and attributes that let policies make fine-grained decisions.
Document::"report-q4"
Repo::"backend"
Account::"12345"
Under what conditions?
Environmental data surrounding the request. Context lets policies enforce conditions like time-of-day, IP range, or MFA status.
ip: "10.0.0.0/8"
mfa: true
time: "09:00-17:00"
Everything you need to build, test, and share Cedar Policy authorization policies.
Write well-structured Cedar Policy policies with syntax highlighting, validation, and intelligent code completion.
Create and manage Principal, Action, Resource, and Context datasets for comprehensive policy testing.
Build comprehensive test cases and suites to validate your policies against various scenarios and edge cases.
Share your policies and entities with the community, or discover and fork policies created by other developers.
Leveraging the power and expressiveness of Cedar Policy authorization language for policy development.
Join the OpenPARC community and start developing, testing, and sharing Cedar Policy authorization policies today.