Policy Engine
Overview
The Policy Engine is the core policy management component of Keymate. It provides a REST API for managing authorization policies across multiple models (RBAC, ABAC, ReBAC, PBAC, RADAC, Dynamic), validates policy definitions, and integrates with the Audit Collector for compliance logging.
When to Read This Section
When you need to understand how Keymate manages authorization policies — storage, validation, API operations, and multi-tenant isolation.
Who Should Start Here
- Developers integrating with the Policy Engine API
- Architects designing authorization flows
- Operators deploying and configuring the Policy Engine
Key Topics
- Policy types (RBAC, ABAC, ReBAC, PBAC, RADAC, Dynamic)
- Decision strategies and policy logic
- REST API endpoints for policy CRUD
- Multi-tenant policy isolation
- Policy templates for reusable patterns
Representative Journeys
| Goal | Start Here |
|---|---|
| Understand how the Policy Engine works | Overview |
| Learn about policy types | Overview — Policy Types |
| Understand decision strategies | Overview — Decision Strategy |
Recommended Reading Order
- Overview — Policy types, decision strategies, and integration patterns
Related Sections
- Policy Model — Policy authoring, DSL, and lifecycle governance
- Authorization Models — RBAC, ABAC, ReBAC, PBAC concepts
- FGA Engine — OpenFGA integration for ReBAC
- Access Gateway — Runtime policy enforcement