Demo — synthetic data, read-only. Nothing here is a real account. trycorridor.com

Create policy

A new policy rule is immediately evaluable on AUTHORIZE — no draft state, no publish step. Hot-reload happens via Postgres LISTEN/NOTIFY within ~1s.

Policy rule

Select the primitive, define its parameters, and pick the agents and resources it applies to.

Primitive

One of the seven V0 primitives per policy_primitives.md §4.1.

Agent selector

Resource selector

Resource IDs

Exact-match resource identifiers. Requests for these resources are denied.

Resource patterns

Constrained globs (* / ? / literals only — full regex is rejected per policy_primitives.md §8). E.g. /admin/*.

Enabled

Operational mute toggle (orthogonal to status). Disabled rules stay in cache and can be flipped back on without re-creating the row.