Skip to content
Latchkey

What Is an Authorization Policy?

An authorization policy is a rule set that controls service-to-service access in a mesh, granting or denying requests based on the callers verified identity, source, method, and path. It builds on the strong identity that mutual TLS provides. Policies can default to deny, so only explicitly allowed traffic flows.

Why it matters

Authorization policies enforce least-privilege between services, so a compromised workload cannot freely call everything. They turn network identity into access control.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →