Decision Trace

Definition

A Decision Trace is a record of which policy rules were evaluated during an authorization decision. It captures the evaluation order, matched conditions, and the resulting access decision (grant or deny). Decision Traces appear in HTTP response headers (such as X-Decision-Trace) and in the Audit Collector.

A Decision Trace is not an OpenTelemetry distributed trace. OpenTelemetry traces track request flows across services with span timing and service dependencies. Decision Traces track policy evaluation logic within a single authorization decision.

Term	What it records	Where it appears
Decision Trace	Policy rule evaluation order and results	`X-Decision-Trace` header, Audit Collector
OpenTelemetry Trace	Distributed request flow across services	Observability platform, trace backends

Audit Collector
Observability
Policy Engine

Decision Trace Headers
Traces and Root Cause Analysis

Definition​

Related Terms​

Related Docs​

Definition

Related Terms

Related Docs