Authorization is a must-have for every application, but most teams have to build it from scratch. The Open Policy Agent [0] is a good place to start for creating an OSS-based solution, but you still need to build a lot of stuff yourself.<p>The Aserto playground [1] lets you import your REST service’s openapi.json spec and automatically generates a permissions for each operation. You can assign these permissions to one or more roles (viewer, editor, admin, or create your own). Export the project to get your OPA policy for your REST service.<p>You can also try it out with the Petstore API [2]. Click the “Start Tour” button for a guided tour.<p>Would love feedback on how to make this better!<p>[0] <a href="https://openpolicyagent.org" rel="nofollow">https://openpolicyagent.org</a><p>[1] <a href="https://aserto.com/playground" rel="nofollow">https://aserto.com/playground</a><p>[2] <a href="https://petstore3.swagger.io/api/v3/openapi.json" rel="nofollow">https://petstore3.swagger.io/api/v3/openapi.json</a>