Write, Simulate, Understand — All in One Policy Console

Define policies using intuitive visual editors or direct DSL. Simulate decisions in real-time, understand "why denied," and trace policy behavior across environments.

How Visual Policy Simulation Works

Keymate's visual policy engine lets you write fine-grained access control logic using DSL or UI-based forms. Autocomplete, syntax validation, and contextual helpers ensure fast and error-free policy writing. Built-in simulation tools allow you to test real token and request data and understand every decision — before deploying.

Visual Policy Simulation Example Flow

Built-in simulation tools allow you to test real token and request data and understand every decision — before deploying.

Example: Left: DSL Editor. Center: Token/Context Input. Right: Result with breakdown.

Key Components:

DSL Editor (e.g., user.department == "Finance" && context.time < 1800)

Token / Context Input Panel

Result: ✅ Allow / ❌ Deny with breakdown (e.g., context.time = 2100 ❌, user.department = "Finance" ✅)

What Makes Keymate's DSL Engine Unique

Dual-Mode Editing

Switch between visual form-based input and raw DSL text mode seamlessly.

Autocomplete with Vocabulary API

Suggests valid fields, types, and tooltips for every DSL token.

Real-Time Simulation

Evaluate any policy using synthetic or real request data and see the decision.

"Why Denied?" Breakdown

Explains condition-by-condition what passed and what failed.

Policy Versioning & Diffing

Compare policy versions with visual diff tools and rollback support.

Form-Builder Ready DSL

DSL is designed to work with drag-and-drop builders in the future.

Powerful, flexible, and developer-friendly policy definition and testing.

Frequently Asked Questions

Understanding Keymate's Visual Policy DSL & Simulation capabilities.

A Domain-Specific Language (DSL) lets you express access control logic using readable conditions like `user.role == "manager"` or `context.ip != "vpn"`. In Keymate, this DSL powers all policy decisions.

Yes. Keymate provides a visual, form-based interface for non-technical users. DSL is optional and used mainly for advanced conditions.

Simulation allows you to test access policies against real or synthetic token data before enforcing them. You can see why a decision was made, and debug it easily in Keymate.

Keymate explains exactly why the policy failed using a breakdown of each condition, helping you fix errors or adjust your rules before deploying.

How to Use This Feature

Follow these steps to utilize the Visual Policy DSL and Simulation tools in Keymate.

Configuration and Usage Steps

Select or create a new policy

Navigate to the policy management section.

Choose visual or DSL editing mode

Toggle between UI forms and raw DSL input.

Use autocomplete or form inputs to define conditions

Build your policy logic with guided input.

Open the "Simulation" panel

Access the real-time testing environment.

Provide a token + request context

Input your test data in JSON format.

View decision + debug result

Analyze the outcome and condition breakdown.

Save or publish with version and notes

Manage your policy lifecycle with version control.

Try the DSL Editor & Debug Simulator

Ready to see it in action? Try the Dual-Mode Policy Builder now.

ELEVATE YOUR IAM STRATEGY

Ready to Transform Your Keycloak Experience?

Implement fine-grained authorization, multi-tenant infrastructure, and comprehensive security policies with Keymate — built on the Keycloak foundation you already trust.