Getting Started
Getting Started
Section titled “Getting Started”Welcome to Sentrie! This guide will help you get up and running with Sentrie quickly.
What is Sentrie?
Section titled “What is Sentrie?”Sentrie is a policy enforcement engine that allows you to define and evaluate authorization rules, access control policies, and business logic in a clear, type-safe language. It’s designed to be:
- Declarative: Define what should happen, not how
- Type-safe: Catch errors at policy definition time
- Performant: Built for production workloads with caching and optimization
- Extensible: Integrate with JavaScript modules for complex logic
Quick Start Guide
Section titled “Quick Start Guide”Follow these steps to get started with Sentrie:
- Installation - Install Sentrie on your system
- What is Policy as Code? - Understand the concepts behind Policy as Code
- Writing your first Policy - Create your first Sentrie policy
- Running your Policy - Learn how to test and run your policies
Your First Policy
Section titled “Your First Policy”Let’s create a simple authorization policy to get familiar with Sentrie.
1. Create a Policy Directory
Section titled “1. Create a Policy Directory”mkdir my-first-policycd my-first-policy2. Write Your First Policy
Section titled “2. Write Your First Policy”Create a file called auth.sentrie:
namespace com/example/auth
policy user { rule allow = default false when user.role == "admin" { yield true }
export decision of allow}This policy:
- Defines a namespace
com/example/auth - Creates a policy called
user - Has a rule
allowthat returnstrueonly for admin users - Exports the
allowdecision for external evaluation
3. Start the Server
Section titled “3. Start the Server”sentrie serve --pack-location .You should see output like:
INFO Starting Sentrie server on port 7529INFO Pack loaded: exampleINFO Server ready4. Test Your Policy
Section titled “4. Test Your Policy”Make a request to evaluate the policy:
curl -X POST "http://localhost:7529/decision/com/example/auth/user/allow" \ -H "Content-Type: application/json" \ -d '{"user": {"role": "admin", "name": "alice"}}'Response:
{ "decision": true, "attachments": {}}Try with a non-admin user:
curl -X POST "http://localhost:7529/decision/com/example/auth/user/allow" \ -H "Content-Type: application/json" \ -d '{"user": {"role": "user", "name": "bob"}}'Response:
{ "decision": false, "attachments": {}}Understanding the Basics
Section titled “Understanding the Basics”Namespaces
Section titled “Namespaces”Namespaces organize your policies hierarchically:
namespace com/example/authnamespace com/example/billingnamespace com/example/analyticsPolicies
Section titled “Policies”Policies contain rules and define the context for evaluation:
policy user { // rules go here}Rules are the core of Sentrie policies. They have three parts:
- Name:
rule allow - Default:
default false(what to return if thewhencondition is false) - When:
when user.role == "admin"(condition that must be true) - Body:
{ yield true }(what to return if the condition is true)
Exports
Section titled “Exports”Export rules to make them available for external evaluation:
export decision of allowNext Steps
Section titled “Next Steps”Now that you have a basic understanding, explore:
- Installation Guide - Detailed installation options
- Writing Your First Policy - Deep dive into policy creation
- Policy Language Reference - Complete language documentation
- CLI Reference - Command-line interface documentation
Common Patterns
Section titled “Common Patterns”Simple Authorization
Section titled “Simple Authorization”policy access { rule allow = default false when user.role in ["admin", "editor"] { yield true }
export decision of allow}Resource-Based Access
Section titled “Resource-Based Access”policy resource { rule canRead = default false when user.role == "admin" or resource.owner == user.id { yield true }
rule canWrite = default false when user.role == "admin" { yield true }
export decision of canRead export decision of canWrite}Conditional Logic
Section titled “Conditional Logic”policy pricing { rule calculatePrice = default 0 { let basePrice = product.price let discount = user.isPremium ? 0.1 : 0.05 let finalPrice = basePrice * (1 - discount)
yield finalPrice }
export decision of calculatePrice}Troubleshooting
Section titled “Troubleshooting”Common Issues
Section titled “Common Issues”Policy not found: Make sure your namespace and policy names match exactly in the URL path.
Invalid JSON: Ensure your request body is valid JSON and matches the expected structure.
Server won’t start: Check that port 7529 is available, or use --port to specify a different port.
Getting Help
Section titled “Getting Help”- Check the Language Reference for syntax help
- Look at the CLI Reference for command options
- Visit our GitHub repository for examples and issues