This document explains how to set up and use OPA policies with the Payment Agent.
-
Start OPA server:
opa run -s
-
Load the policy file:
curl -X PUT http://localhost:8181/v1/policies/payments --data-binary @example_policy.rego
You can test policies directly with OPA:
curl -X POST http://localhost:8181/v1/data/payments/allow \
-H "Content-Type: application/json" \
-d '{
"input": {
"purchase": {
"amount": 500,
"merchant": "valid_merchant",
"mcc": "valid_mcc"
}
}
}'The current example policy evaluates purchases based on:
- Amount limits (currently $1000)
- Blacklisted merchants
- Restricted MCC codes
Modify the policy according to your business requirements.
The Payment Agent sends purchase requests to OPA for evaluation. The structure sent to OPA is:
{
"input": {
"purchase": {
"userId": "user123",
"agentId": "agent456",
"amount": 100.0,
"merchant": "some_merchant",
"mcc": "some_mcc"
}
}
}OPA responds with a boolean allow/deny decision that the Payment Agent uses to determine whether to proceed with the purchase.