Quick Start
Get from zero to your first access check in 5 minutes.
1. Sign in to the Console
Go to console.authzx.com and sign in.
2. Create a Namespace
A namespace is a container for your authorization model. Create one for each application or service you want to protect.
Go to Namespaces in the sidebar and click Create Namespace.
Example: CRM Platform
3. Get your API Key
Go to Settings > API Keys and create a new API key. Save it — you'll use this to authenticate API calls.
Your API key is scoped to your tenant. All resources, subjects, and policies you create are isolated to your tenant.
4. Define a Resource Type
Resource types describe the categories of things you want to protect, and what actions are available on them.
Go to Resources > Resource Types and create one.
Example:
- Name:
document - Actions:
read,write,delete,share
5. Create a Resource
Resources are specific instances of a resource type.
Go to Resources and create one.
Example:
- Name:
Engineering Wiki - Type:
document
6. Add a Subject
Subjects are the actors in your system — users, services, devices.
Go to Subjects and add one.
Example:
- Name:
Alice - Type:
user
7. Create a Role and Policy
Go to Roles and create a role (e.g., editor), then go to Policies and create a policy:
- Name:
editors-can-read-write - Effect:
ALLOW - Actions:
read,write - Resource type:
document
Assign the policy to the editor role, then assign the editor role to Alice.
8. Make your first API call
curl -X POST https://api.authzx.com/policy-srv/v1/evaluate \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"subject": {
"id": "ALICE_SUBJECT_ID",
"type": "user"
},
"resource": {
"type": "document",
"id": "ENGINEERING_WIKI_RESOURCE_ID"
},
"action": "read"
}'
Response:
{
"allowed": true,
"reason": "Policy 'editors-can-read-write' grants access",
"policy_id": "...",
"access_path": "role"
}
Try changing the action to delete — it should return "allowed": false since the policy only allows read and write.
What's next
- Core Concepts — Understand the full authorization model.
- Code Examples — Integration examples for your language.
- Evaluate API — Full request/response reference.