@sourceregistry/node-opa – Lightweight TypeScript Client for OPA REST APIA minimal, dependency-free TypeScript client for interacting with the Open Policy Agent (OPA) REST API. Built with native fetch, supports modern browser and Node.js environments (v18+), and includes optional gzip compression for large payloads.
Note: This library is still a work in progress
fetch and CompressionStreamnpm install @sourceregistry/node-opa
Note: Requires a runtime that supports
fetchand (optionally)CompressionStream. In Node.js, use version 18+ or polyfillfetch.
import { OPAClient } from '@sourceregistry/node-opa';
// Initialize client
const opa = new OPAClient({
baseUrl: 'http://localhost:8181',
headers: {
// Optional: add auth or custom headers
// 'Authorization': 'Bearer <token>'
}
});
// List all policies
const policies = await opa.policy.list();
console.log(policies.result);
// Evaluate a policy decision
const result = await opa.data.post('example/allow', {
input: { user: 'alice', action: 'read' }
});
console.log(result.result); // true / false / data
// Add a new policy
await opa.policy.put('authz.rego', `
package example
allow if {
input.user == "admin"
}
`);
The client exposes grouped methods under intuitive namespaces:
opa.policy.list() – list all policiesopa.policy.get(id) – retrieve a policy by IDopa.policy.put(id, rego) – create or update a policyopa.policy.delete(id) – remove a policyopa.data.get(path, options) – read a document (GET with query params)opa.data.post(path, { input }) – read with input in body (POST)opa.data.webhook(path, input) – webhook-style evaluation (/v0)opa.data.put(path, doc) – create/overwrite a documentopa.data.patch(path, ops) – apply JSON Patch (RFC 6902)opa.data.delete(path) – delete a documentopa.query.default(input) – evaluate default decision (POST /)opa.query.adhoc(query, input?) – run ad-hoc Rego queryopa.compile.partialEval(req) – partial evaluation for optimizationopa.compile.filter(path, req, accept) – compile to SQL or other filtersopa.health.check() – standard health checkopa.health.custom('ready') – custom /health/<name> endpointsopa.config.get() – retrieve active configurationopa.status.get() – get operational statusSee OPA REST API docs for full endpoint details.
new OPAClient({
baseUrl: 'http://opa:8181', // required
headers: {
// Custom headers (avoid overriding Content-Type, Accept, etc.)
'X-Custom-Header': 'value'
}
})
Warning: Avoid setting
Accept,Content-Typeor encoding headers inheadersthey are managed internally.
If your OPA instance uses token authentication:
const opa = new OPAClient({
baseUrl: 'https://opa.example.com',
headers: {
'Authorization': 'Bearer your-secret-token'
}
});
Ensure OPA is started with --authentication=token.
All responses are strongly typed. Common types include:
Document = any – generic JSON-like dataPolicyModule – policy metadata with raw and astGetDataResponse<T> – includes result, metrics, provenance, etc.CompressionStream is unavailablePromisesMIT
Note: This client is community-maintained and not officially affiliated with the Open Policy Agent project. Refer to OPA’s official documentation for API semantics and behavior.