Production checklist

Before deploying Oso to production, ensure you've completed each of these steps.

Modeling

  • Determine your authorization requirements.
  • Model your authorization requirements in Polar in an Oso Policy. For more details on our Polar language, see Polar Rules. For examples of common authorization patterns (RBAC, ReBAC, ABAC), see Common Patterns.
  • Generate an API key for your application to access your environment. For more details, see Create New API Keys.

Authorization data

  • Determine how you want to handle existing authorization data (i.e. some combination of centralizing in Oso Cloud via Oso Sync, using Local Authorization, and sending via Context Facts). For more details, see Authorization Data.
  • Plan how you will manage authorization data once Oso is running in production. Again, see Authorization Data and the relevant SDK documentation for your application.

Enforcement

  • Enforce authorization through one of the following APIs:
    • Enforcement for determining an actor's ability to perform an action on a resource.
    • List filtering for determining the set of resources an actor can act upon.

Testing + CI/CD