Comment by robertlagrant
3 days ago
That's still not saying what it is, though. Is it a thing you put in front of your backend to allow/deny requests? Is it an endpoint something like nginx calls with an auth token and the http verb and url that responds with 200/403 that nginx can react to? Is it a library you embed in your application? Is it an agentic AI?
It's as though you're describing a car to someone who's never seen a car before by listing all the places you can go in a car.
Fundamentally it's a programming language so all the normal ways of running it apply:
Use their library in your application to evaluate policies.
Run it from the cli.
Embed it in some service like nginx.
The language itself is pretty focused on some prolog-ish describing of what constitutes an allow/deny decision.