EnforceAuth Documentation
EnforceAuth is the enterprise authorization platform for Policy as Code — operationalize authorization with governance, promotion, rollback, compliance evidence, and fleet visibility.
Start here
| Section | What you'll find |
|---|---|
| Introduction | Why continuous authorization matters and core PAC concepts |
| Quickstart | 15-minute end-to-end setup in the console |
| EnforceAuth Platform | Architecture, lifecycle, operations, compliance, and audit |
| Policy as Code | Engine-agnostic journey from PEP to audit trail |
| Open Policy Agent | OPA/EOPA runtime, deployment, Rego, and integration |
| Migrations | From Styra DAS™ or existing OPA / OCP fleets |
Which PDP should you run?
OPA vs EOPA — runtime selection
| OSS OPA (default) | Enterprise OPA (EOPA) | |
|---|---|---|
| Best for | Learning, experimentation, standard deployments | Regulated masking, large fleets, partitioning |
| EnforceAuth | Full platform support | Full platform support — same Rego, same bundles |
We recommend starting with OSS OPA for most new teams.
Popular guides
| Topic | Guide |
|---|---|
| Platform | EnforceAuth overview |
| Quickstart | 15-minute quickstart |
| Architecture | Reference architectures |
| Kubernetes | Kubernetes Control Center |
| CI/CD | GitHub Actions |
| MCP agents | MCP Authorization Gateway |
| DAS™ cutover | Migration from Styra DAS™ |
| API | API Reference (Scalar) |
Principles
- EnforceAuth is the control plane — policies, promotion, decision logs, and compliance evidence
- Your PDP evaluates policy — OSS OPA or EOPA at runtime
- OPA language docs stay canonical at openpolicyagent.org — we curate the operational journey