Skip to main content
Version: 26.1

Policies

The Policies section is where you create, manage, and edit the rules that govern access and operations within your organization. This section provides a powerful interface to author and organize policies using the ALFA (Abbreviated Language for Authorization) language.

The ALFA language

ALFA is a domain-specific language that uses a syntax similar to popular programming languages like Java and C#. The Authorization Hub enables you to divide your policies into multiple ALFA files, which are then bundled in a single policy package. This package encapsulates the primary policy, all referenced policies, and the attributes dictionary.

tip

For a deeper understanding of ALFA, its syntax, and policy authoring, visit the ALFA documentation siteOpens in a new tab.

Interface

The main Policy editor interface consists of the ALFA resources and Editor areas.

ALFA resources

This area on the left lists all the ALFA files associated with your project, including attributes-dictionary.alfa. Within this area, you can perform various actions on your ALFA files, such as:

  • Open your files in the editor by double-clicking on the appropriate filename.

  • Add new ALFA files by clicking the Add new file button on the upper right corner of the section.

  • Manage your files by clicking the options button (three dots) next to their filenames and selecting between:

    • Rename: Allows you to change the name of the target file.
    • Duplicate: Creates an exact copy of the target file, adding Copy_of_ to the beginning of the filename.
    • Delete: Helps you clean up your policy set by removing unneeded files.
note

Changes performed on the ALFA resources area are saved automatically.

Finally, the ALFA resources section also helps you quickly identify files with issues by coloring them red.

attribute-dictionary.alfa

When you navigate to the Policies page, the current state of your Dictionary is made available as a read-only attribute-dictionary.alfa file in the ALFA resources area. You can also define new attributes directly within your ALFA policies, even if they aren't yet in the Dictionary.

note

Currently, the system does not automatically include attributes defined in ALFA policies back in the Dictionary. Consequently, these attributes cannot be utilized in attribute connector configurations as provided or key attributes, and no caching configuration can be applied to them.

When you save your policy, this attribute dictionary "snapshot" is saved along with the other ALFA resources.

Editor

The central area of the screen is the Editor, where you can write and modify your policies by utilizing the following features:

  • Syntax highlighting, including bracket matching. This allows for improved readability and easier debugging.
  • Suggestions and auto completion that speed up your coding efforts.
  • Jump to definition allowing you to go quickly to the definition of a PolicySet, Policy, or Rule.
  • Error checking. Syntax errors are highlighted allowing you to catch and correct them as they occur, minimizing the time spent on debugging.
  • Minimap for quicker navigation in large files.
  • Multi-file support. For each file you open, a new tab is added above the editor allowing you to quickly navigate between all open files.
tip

Open files with unsaved changes are indicated by a green dot next to their filename on the tab list.

Save your changes

Authorization Hub requires an explicit action to save changes made to your ALFA files. The following options are available in the upper right corner:

  • Save: Saves changes to the ALFA file currently active in the Editor. Files open in other editor tabs are not affected.

  • Save all: Saves changes to all ALFA files open in the Editor, including both the active file and those in background tabs. Click the downward arrow next to Save and then Save all.

note

attribute-dictionary.alfa is saved along with your other ALFA files with every save, whether you use Save or Save all.

Problems panel

The Editor, in addition to its core editing capabilities, includes a dedicated Problems panel. This panel displays all errors and warnings in your ALFA files, providing a description of what went wrong. It also offers line numbers that pinpoint the exact location of each issue for quick resolution.