Policy Representation

New
  • Published on Jul 15, 2025
  • 1 minute(s) read
Prev Next

Every Policy in the Policy Catalog is represented in two ways:

  • As structured Rego code, which provides a developer-friendly interface to create, modify, import, and export Policies. This representation supports the full Policy development life cycle and enables organizations to standardize how Policies are written and moved between Environments (e.g., from Staging to Production).
  • As a visual representation in the Policy Map, which displays the Authorization logic in graphical form, helping business users understand the Policy’s evaluation flow —
    "WHO (Dynamic Groups) can do WHAT (Assets & Actions) and WHEN (Conditions)?"

Policy Map View

Every Policy in the Platform can be viewed in the Policy Map, whether it was created directly in the Platform or imported. The Policy Map displays the following:

  • WHO – Identity Template ID: The Dynamic Groups that are allowed or denied access, depending on the Policy type. These appear on the left side of the map, and the number of groups is indicated.
  • WHEN – Conditions: Environmental constraints like date/time restrictions, IP address, or Identity Attributes.
  • WHAT – Assets: The specific Assets that are accessible, based on the Actions, Conditions, and Rulesets in the Policy. Rulesets can be expanded for management and configuration.
  • WHAT – Applications: Applications through which access to Assets is granted. These may include logos defined in the Application settings.

Note: If the Policy is Inactive, the entire Policy Map is grayed out and is not included in authorization decisions.

Below the Policy Map, the following metadata is displayed:

  • Access Type – Whether the Policy allows or restricts access.
  • Last Update – The date and time of the last modification.
  • Policy State – The current status of the Policy (Active or Inactive).

Policy Map Example

Policy Code View

The Policy Code tab provides a raw, structured Rego view of the Policy. This view is especially useful for developers or technical users who need full control over the logic or wish to version and migrate Policies using Policy as Code practices.

You can toggle between Light and Dark mode using the theme switcher in the code panel.

Large GIF 1048x636.gif

How to Access the Policy Map or Code

  1. Select the relevant Authorization Workspace.
  2. Ensure the Policy tab is selected.
  3. Choose a Policy. The Details tab opens.
  4. In the header section, click Map or Code to switch between the visual and structured representations.

Policy View Tabs