Layer 5: Authorization (AuthZEN, Cedar, OpenFGA)¶
Work in Progress
This page is a placeholder. See Architecture for current documentation.
Overview¶
The top layer makes access control decisions combining agent, human, and workload identity with resource policies.
Specifications¶
- AuthZEN - PEP-PDP communication API
- Cedar - ABAC policy language
- OpenFGA - ReBAC authorization service
Implementation¶
Planned
AuthZEN client implementation is planned for agent-protocols/authzen. See Roadmap.