Skip to main content

Reference: Hello, Authorization

Overview

A worked reference course that demonstrates the EnforceAuth University authoring standard end to end: a lesson with the objective, concept, lab, and check-for-understanding shape, plus a runnable opa test lab. It also teaches a real first concept: the difference between authentication and authorization, and how a default-deny OPA policy encodes an access decision.

Who this is for

Anyone starting the Associate track, both EnforceAuth customers and open-source OPA users. The lab asks you to author a Rego allow rule, so complete the Rego material in OPA & Enterprise OPA Fundamentals (opa-eopa-fundamentals) first, or keep it open as a reference while you work.

Outcomes

By the end of this course you will be able to:

  • Explain the difference between authentication and authorization at runtime.
  • Read a default-deny OPA policy and predict its allow and deny decisions.
  • Run an opa test suite and interpret the results.

Lessons

  1. What authorization is (and is not)

Hands-on lab

This course includes a graded lab in lab/. Run it with:

git clone https://github.com/EnforceAuth/university-labs.git
cd university-labs
opa test courses/reference-hello-authorization -v

Certification

Counts toward the Associate track. Certification is a machine-graded practical: you author a policy that the assessment engine runs against a hidden opa test suite you do not see. This lab is practice for that exam. The quiz in quiz.json checks your conceptual understanding alongside it.