Policy Model
Overview
The Policy Model defines how authorization policies are authored, tested, and managed in Keymate. It supports multiple authorization models (RBAC, ABAC, ReBAC, PBAC, RADAC, Dynamic) with a unified authoring experience that combines visual UI editing with a powerful expression language.
When to Read This Section
When you need to understand how policies are created, tested, and governed in Keymate. This section is essential for architects designing authorization strategies and developers implementing policy logic.
Who Should Start Here
- Architects designing authorization strategies
- Developers writing and testing policies
- Security engineers reviewing policy configurations
- Operators managing policy deployments
Key Topics
- Policy DSL — Expression language for policy conditions
- Dual-Mode Policy Authoring — Switch between UI-based and expression-based editing
- Simulation & Why Denied — Test policies and debug access decisions
- Policy Lifecycle & Governance — Version, approve, and audit policy changes
Representative Journeys
- I want to understand the policy expression language -> Policy DSL
- I want to learn about authoring modes -> Dual-Mode Policy Authoring
- I want to debug why access was denied -> Simulation & Why Denied
- I want to manage policy versions and approvals -> Policy Lifecycle & Governance