Quickstart¶
Policies¶
Policies are defined in YAML files for each consuming service, locally or in remote (private) Github repos, as follow:
service: https://api.service.org
identityProvider: https://api.auth0.com/
policies:
- id: alice-bob-create-keys
description: Alice and Bob can create keys
principals:
- userid:alice
- userid:bob
actions:
- create
resources:
- key
effect: allow
-
id: crud-articles
description: Editors can CRUD articles
principals:
- role:editor
actions:
- create
- read
- delete
- update
resources:
- article
effect: allow
Save it to config/api-policies.yaml
for example.
Run¶
Doorman is available as a Docker image (but can also be ran from source).
In order to read the local files from the container, we will mount the local config
folder to /config
.
We’ll then use /config
as the POLICIES
location.
docker run \
-e POLICIES=/config \
-v ./config:/config \
-p 8000:8080 \
--name doorman \
mozilla/doorman
Doorman is now ready to respond authorization requests on http://localhost:8080. See API docs!
Examples¶
See the examples folder on Github.