dfx-opa demo

Switch the shared demo token and navigate through the guarded pages to see how the same OPA permissions drive both routed access and in-page UI state.

Home Kundenverwaltung Organisationsverwaltung

Access denied

Navigation was blocked

The guard redirected here before activating the target page. Change the shared token in the shell and try the route again.

Attempted route: (unknown)
Policy: (unknown)
Reason: Policy denied access

Back to home Retry (unknown)

Route guard function

function policyGuard(policy: string) {
  return authzCanActivate({
    fromResult: (result, { router, state }) =>
      result === true
        ? true
        : router.createUrlTree(['/access-denied'], {
            queryParams: {
              from: state.url,
              policy,
              reason: 'denied',
            },
          }),
    onError: (_error, { router, state }) =>
      router.createUrlTree(['/access-denied'], {
        queryParams: {
          from: state.url,
          policy,
          reason: 'error',
        },
      }),
    path: policy,
  });
}

$pnpm add dfx-opa

$npm install dfx-opa

$yarn add dfx-opa

$bun add dfx-opa