Open Policy Agent
OPA for front-end authorization #276
Replies: 2 comments 4 replies
-
|
I don't have any hands on experience with this, but a talk on this topic was given at OPA Summit in the past. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, @jpreese, I will take a look at this video. |
Beta Was this translation helpful? Give feedback.
-
|
Yeah, having the frontend query an OPA in the backend, or a service talking to OPA, in order to e.g. toggle what the user sees, seems like the most common approach. Wasm is an interesting option for front-end evaluation of policy. I don't know of any public open source project to point at for an example though. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, @anderseknert. Exposing OPA, directly or via a service, seems to be a good solution. I don't test OPA wasm yet, this is an excellent chance to try it. |
Beta Was this translation helpful? Give feedback.
-
|
@srenatus do I remember correctly that you had a Wasm in the front end demo somewhere? 😊 |
Beta Was this translation helpful? Give feedback.
-
|
This isn't mine, but comes close to what is asked for here, I suppose: https://pongzt.com/post/opa-ui/#create-an-opa-hook |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
In all material that a read about OPA, the principal use case is to use it to authorize the back-end (and other cases like K8s, pipelines, etc.)
I would like to know if anyone already used OPA on front-end authorization, for example, to return a JSON response to the front-end with information related to the menus, buttons, and fields that a certain user can access based on certain rules.
If this is a valid use case, how can this be done? Maybe exposing an OPA instance to the front-end app get this information.
Thank you!
Beta Was this translation helpful? Give feedback.
All reactions