Skip to main content

EnforceAuth Documentation

EnforceAuth is the enterprise authorization platform for Policy as Code — operationalize authorization with governance, promotion, rollback, compliance evidence, and fleet visibility.

Start here

SectionWhat you'll find
IntroductionWhy continuous authorization matters and core PAC concepts
Quickstart15-minute end-to-end setup in the console
EnforceAuth PlatformArchitecture, lifecycle, operations, compliance, and audit
Policy as CodeEngine-agnostic journey from PEP to audit trail
Open Policy AgentOPA/EOPA runtime, deployment, Rego, and integration
MigrationsFrom Styra DAS™ or existing OPA / OCP fleets

Which PDP should you run?

OPA vs EOPA — runtime selection
OSS OPA (default)Enterprise OPA (EOPA)
Best forLearning, experimentation, standard deploymentsRegulated masking, large fleets, partitioning
EnforceAuthFull platform supportFull platform support — same Rego, same bundles

We recommend starting with OSS OPA for most new teams.

OPA vs EOPA decision guide

TopicGuide
PlatformEnforceAuth overview
Quickstart15-minute quickstart
ArchitectureReference architectures
KubernetesKubernetes Control Center
CI/CDGitHub Actions
MCP agentsMCP Authorization Gateway
DAS™ cutoverMigration from Styra DAS™
APIAPI Reference (Scalar)

Principles

  • EnforceAuth is the control plane — policies, promotion, decision logs, and compliance evidence
  • Your PDP evaluates policy — OSS OPA or EOPA at runtime
  • OPA language docs stay canonical at openpolicyagent.org — we curate the operational journey