Open Policy Agent (OPA) REST API
openpolicy · Data
OPA provides policy-based control for cloud native environments. The following *endpoints* (such as `PUT /v1/policies`) provide reference documentation for the OPA REST API. ### API specification viewing options - **[View the specification in *Redoc* (default)](index.html)** - **[View the specification in *Swagger UI*](swagger-ui.html)**
Authentication
Sample Requests
This API endpoint verifies that the server is operational. The response from the server is either 200 or 500: - **200** - OPA service is healthy. If `bundles` is true, then all configured bundles have been activated. If `plugins` is true, then all plugins are in an 'OK' state. - **500** - OPA servi
Hover any highlighted part to learn what it does
curl -X GET "https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/health?bundles=true&plugins=true"
import requests
params = {
"bundles": "true",
"plugins": "true"
}
response = requests.get(
"https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/health",
params=params,
)
print(response.json())const url = new URL('https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/health');
url.searchParams.set('bundles', 'true');
url.searchParams.set('plugins', 'true');
const response = await fetch(url);
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"net/url"
)
func main() {
baseURL, _ := url.Parse("https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/health")
q := baseURL.Query()
q.Set("bundles", "true")
q.Set("plugins", "true")
baseURL.RawQuery = q.Encode()
targetURL := baseURL.String()
req, _ := http.NewRequest("GET", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/health")
uri.query = URI.encode_www_form({
"bundles" => "true",
"plugins" => "true"
})
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/health?" . http_build_query([
"bundles" => "true",
"plugins" => "true"
]);
$opts = ["http" => [
"method" => "GET",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));This API endpoint responds with active configuration (result response) --- **Note** The `credentials` field in the `services` configuration and The `private_key` and `key` fields in the `keys` configuration will be omitted from the API response ---
Hover any highlighted part to learn what it does
curl -X GET "https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/config?pretty=true"
import requests
params = {
"pretty": "true"
}
response = requests.get(
"https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/config",
params=params,
)
print(response.json())const url = new URL('https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/config');
url.searchParams.set('pretty', 'true');
const response = await fetch(url);
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"net/url"
)
func main() {
baseURL, _ := url.Parse("https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/config")
q := baseURL.Query()
q.Set("pretty", "true")
baseURL.RawQuery = q.Encode()
targetURL := baseURL.String()
req, _ := http.NewRequest("GET", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/config")
uri.query = URI.encode_www_form({
"pretty" => "true"
})
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/config?" . http_build_query([
"pretty" => "true"
]);
$opts = ["http" => [
"method" => "GET",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));This API endpoint responds with a list of all policy modules on the server (result response)
Hover any highlighted part to learn what it does
curl -X GET "https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/policies?pretty=true"
import requests
params = {
"pretty": "true"
}
response = requests.get(
"https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/policies",
params=params,
)
print(response.json())const url = new URL('https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/policies');
url.searchParams.set('pretty', 'true');
const response = await fetch(url);
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"net/url"
)
func main() {
baseURL, _ := url.Parse("https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/policies")
q := baseURL.Query()
q.Set("pretty", "true")
baseURL.RawQuery = q.Encode()
targetURL := baseURL.String()
req, _ := http.NewRequest("GET", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/policies")
uri.query = URI.encode_www_form({
"pretty" => "true"
})
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/openpolicy.local/0.28.0/v1/policies?" . http_build_query([
"pretty" => "true"
]);
$opts = ["http" => [
"method" => "GET",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Postman Setup Guide
- See official documentation for authentication and setup.
What can you build with Open Policy Agent (OPA) REST API?
Open Policy Agent (OPA) REST API is a Data API. Developers commonly use data APIs for:
- enriching your app with third-party datasets
- building data pipelines and ETL workflows
- querying and searching large datasets
- powering research, analysis, and reporting tools
- syncing reference data into your own systems
No authentication required. This API is open — no signup or key needed. Ideal for quick prototypes and public-facing features. Open Policy Agent (OPA) REST API is free to use, making it a low-risk choice to experiment with.
New to APIs? Read our beginner's guide · Learn about API keys · What is REST?