Reference: Hello, Authorization
Overview
A worked reference course that demonstrates the EnforceAuth University authoring standard end to end: a lesson with the objective, concept, lab, and check-for-understanding shape, plus a runnable opa test lab. It also teaches a real first concept: the difference between authentication and authorization, and how a default-deny OPA policy encodes an access decision.
Who this is for
Anyone starting the Associate track, both EnforceAuth customers and open-source OPA users. The lab asks you to author a Rego allow rule, so complete the Rego material in OPA & Enterprise OPA Fundamentals (opa-eopa-fundamentals) first, or keep it open as a reference while you work.
Outcomes
By the end of this course you will be able to:
- Explain the difference between authentication and authorization at runtime.
- Read a default-deny OPA policy and predict its allow and deny decisions.
- Run an
opa testsuite and interpret the results.
Lessons
Hands-on lab
This course includes a graded lab in lab/. Run it with:
git clone https://github.com/EnforceAuth/university-labs.git
cd university-labs
opa test courses/reference-hello-authorization -v
Certification
Counts toward the Associate track. Certification is a machine-graded practical: you author a policy that the assessment engine runs against a hidden opa test suite you do not see. This lab is practice for that exam. The quiz in quiz.json checks your conceptual understanding alongside it.