API that takes a single PolicySet and Entities, a single action, resource, and context, and a batch (list) of principals, and reports whether each of the principals in the list is authorized. Likewise for a batch of actions and a batch of resources.
This can be done more efficiently than calling the normal is_authorized() in a loop, because we can first partial-evaluate with the principal unknown (resp. action or resource), and then evaluate only the residuals N times.
Describe alternatives you've considered
1) Just call is_authorized() in a loop
2) Users can do this by themselves, ie, call partial evaluation and then evaluate the residuals repeatedly, without us providing a wrapper API to do all of this in one call
Additional context
No response
Is this something that you'd be interested in working on?
[ ] 👋 I may be able to implement this feature request
Category
User level API features/changes
Describe the feature you'd like to request
API that takes a single
PolicySetandEntities, a singleaction,resource, andcontext, and a batch (list) ofprincipals, and reports whether each of the principals in the list is authorized. Likewise for a batch ofactions and a batch ofresources.This can be done more efficiently than calling the normal
is_authorized()in a loop, because we can first partial-evaluate with theprincipalunknown (resp.actionorresource), and then evaluate only the residuals N times.Describe alternatives you've considered
1) Just call
is_authorized()in a loop 2) Users can do this by themselves, ie, call partial evaluation and then evaluate the residuals repeatedly, without us providing a wrapper API to do all of this in one callAdditional context
No response
Is this something that you'd be interested in working on?