SDKs and APIs

SAPL provides multiple ways to connect applications to a Policy Decision Point (PDP).

APIs

• HTTP and RSocket API: Network APIs for any programming language. HTTP uses JSON over REST; RSocket uses protobuf over persistent TCP or Unix domain sockets for high-throughput workloads. Both offer the same five operations.
• Java API: A reactive API based on Project Reactor for embedding a PDP directly in Java applications or connecting to a remote PDP server via HTTP or RSocket.

Framework SDKs

• Spring: Annotation-driven and filter-based authorization for Spring Security and Spring WebFlux.
• NestJS: Guards and decorators for NestJS applications.
• Django: Decorators for Django views and services.
• Flask: Decorators for Flask routes and services.
• FastAPI: Decorators for FastAPI endpoints with async and streaming support.
• Tornado: Decorators for Tornado handlers with async and streaming support.
• FastMCP: Middleware and per-component authorization for MCP servers.
• .NET: Attributes and customizers for ASP.NET Core applications.

All SDKs and APIs expose the same authorization semantics: single subscriptions (streaming and one-shot) and multi-subscriptions (streaming and one-shot batch).