Integration

SAPL provides multiple ways to connect applications to a Policy Decision Point (PDP). This section covers the available client APIs and framework integrations.

Available Interfaces

• HTTP API: A network API for any programming language that can make HTTP requests. Supports both streaming (Server-Sent Events) and one-shot (JSON) endpoints.
• Java API: A reactive API based on Project Reactor for embedding a PDP directly in Java applications or connecting to a remote PDP server. Spring Boot applications can use the SAPL starter for automatic configuration and Spring Security integration.
• Multi-Subscriptions: Batching multiple authorization subscriptions into a single request for efficient bulk authorization.
• Spring Security: Integrating SAPL with Spring Security for annotation-driven and filter-based authorization.
• NestJS: Guards and decorators for integrating SAPL authorization into NestJS applications.
• Python Django: Integrating SAPL authorization into Django applications.
• Python Flask: Integrating SAPL authorization into Flask applications.
• Python FastAPI: Integrating SAPL authorization into FastAPI applications.
• Python Tornado: Integrating SAPL authorization into Tornado applications.
• Python FastMCP: Integrating SAPL authorization into FastMCP (Model Context Protocol) servers.
• .NET: Attribute-driven policy enforcement for ASP.NET Core applications.

All client interfaces expose the same authorization semantics: single subscriptions (streaming and one-shot) and multi-subscriptions (streaming and one-shot batch).