PolicyFlow

From Logic to Access – Effortlessly.

PolicyFlow is a powerful DSL for crafting fine-grained authorization policies with clarity and precision. Designed for APIs, it streamlines complex access control into clean, readable rules. Built for scale, auditability, and developer happiness.

View on GitHub Documentation

PolicyFlow Live Editor

Live

123456789101112131415161718

// A policy governing actions within the 'documents' namespace.
policy DocumentAccess {
    actions: ["documents:**"] // This policy will only run for document-related actions.

    rules {
        rule AllowAdminsToRead {
            // Check if the action is specifically 'documents:read:confidential'
            when action == "documents:read:confidential" AND "admin" in user.roles
            then ALLOW
        }

        rule AllowEditorsToWrite {
            // Check if the action is any kind of 'write' action within the documents namespace.
            when action.Matches("documents:write:*") AND "editor" in user.roles
            then ALLOW
        }
    }
}

Syntax Valid18 linesdocument_policies.pf

The Tism

Is Very Strong

In This One

Intuitive Syntax

Write policies that read like natural language while maintaining the precision of code

Scalable Architecture

Built for enterprise-scale policy management with modular design and composition

Developer Friendly

Rich tooling, comprehensive testing framework, and excellent IDE integration