Code Examples
Short, copy-paste snippets for calling the AuthzX authorize endpoint from the three officially supported languages. Each example does the same thing: build a client, call authorize, branch on decision.
For full API details see the Authorize API reference. For the long-form SDK docs see the SDKs overview.
Go
package main
import (
"context"
"fmt"
"log"
// Verify the exact import path in the SDK README:
// https://github.com/authzx/authzx-go
authzx "github.com/authzx/authzx-go"
)
func main() {
client := authzx.NewClient("azx_...")
resp, err := client.Authorize(context.Background(), &authzx.AuthorizeRequest{
Subject: authzx.Subject{ID: "user-123", Type: "user"},
Resource: authzx.Resource{Type: "document", Name: "Engineering Wiki"},
Action: authzx.Action{Name: "read"},
Context: map[string]any{"ip": "10.0.0.1"},
})
if err != nil {
log.Fatal(err)
}
if resp.Decision {
fmt.Println("allow:", resp.Context.Reason)
} else {
fmt.Println("deny:", resp.Context.Reason)
}
}
Node / TypeScript
// npm install @authzx/sdk
import { AuthzX } from "@authzx/sdk"
const authzx = new AuthzX({ apiKey: process.env.AUTHZX_API_KEY! })
const { decision, context } = await authzx.authorize({
subject: { id: "user-123", type: "user" },
resource: { type: "document", name: "Engineering Wiki" },
action: { name: "read" },
context: { ip: "10.0.0.1" },
})
if (decision) {
console.log("allow:", context.reason)
} else {
console.log("deny:", context.reason)
}
If you'd rather skip the SDK, call the REST endpoint directly with fetch:
const r = await fetch("https://api.authzx.com/v1/authorize", {
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.AUTHZX_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({
subject: { id: "user-123", type: "user" },
resource: { type: "document", name: "Engineering Wiki" },
action: { name: "read" },
}),
})
const { decision, context } = await r.json()
Python
# pip install authzx
from authzx import AuthzX
client = AuthzX(api_key="azx_...")
result = client.authorize(
subject={"id": "user-123", "type": "user"},
resource={"type": "document", "name": "Engineering Wiki"},
action={"name": "read"},
context={"ip": "10.0.0.1"},
)
if result.decision:
print("allow:", result.context.reason)
else:
print("deny:", result.context.reason)
With plain requests:
import os, requests
r = requests.post(
"https://api.authzx.com/v1/authorize",
headers={"Authorization": f"Bearer {os.environ['AUTHZX_API_KEY']}"},
json={
"subject": {"id": "user-123", "type": "user"},
"resource": {"type": "document", "name": "Engineering Wiki"},
"action": {"name": "read"},
},
)
data = r.json()
print("allowed" if data["decision"] else "denied", "-", data["context"]["reason"])
Agent mode — point at a local AuthzX Agent
The AuthzX Agent runs next to your service on localhost:8181, evaluates decisions from a locally cached policy bundle, and skips the network roundtrip to cloud. Recommended for hot paths where sub-millisecond latency matters.
Same SDKs, swap the base URL:
// Go — no API key needed; the agent authenticates with cloud itself
client := authzx.NewClient("", authzx.WithBaseURL("http://localhost:8181"))
// Node
const authzx = new AuthzX({ baseUrl: "http://localhost:8181" })
# Python
client = AuthzX(base_url="http://localhost:8181")
The request shape is identical in cloud and agent mode, so you can flip between them without changing call sites — useful for tests (cloud) vs production hot paths (agent).
Related
- Authorize API — full request and response reference.
- SDKs & CLI — install instructions and long-form SDK docs.
- AuthzX Agent — install, configure, and monitor a local AuthzX Agent.
- Quick Start — end-to-end walk from zero to first decision.