Skip to main content

Overview of Opinionated Data Model

DAS Entitlements provides an opinionated data model that makes it especially easy to get started.

The opinionated data model covers the following topics:

  • Requests: The request sent to the OPA-based entitlement service is expected to provide data in a specific schema. Recall that OPA accepts any input-format, but DAS Entitlements provides a well-defined input schema. For legacy applications, you can write the logic that transforms a different input format into the one prescribed. Reducing the need to retrofit existing defined input structures.

  • Responses: The decision returned by the OPA-based entitlement service has a prescribed schema as well. That schema combines the decisions from a system and all of the stacks that apply to it to make a final decision for the application.

  • External data: Entitlement decisions are often based heavily on data from existing systems-of-record like LDAP, AD, SCIM, and so on. The DAS Entitlements service provides an opinionated object model for how to represent users, groups, roles, and so on. It also provides mechanisms for mapping data from those systems-of-record into that model.