Skip to main content
A Gate is a lightweight library you embed in your service to verify Passports and make allow/deny decisions.

How Gates Work

  1. Agent presents a Passport with its request
  2. Gate verifies the cryptographic signature
  3. Gate checks permissions against the requested action/resource
  4. Gate returns an allow/deny decision
All of this happens locally — no network calls required.

Basic Usage

from uniplex import Gate, TrustProfile

gate = Gate(profile=TrustProfile.L1)

decision = gate.authorize_simple(
    passport=passport,
    action="read"
)

if decision.allowed:
    # Proceed
    pass
else:
    print(f"Denied: {decision.reason_code}")

Decision Object

The decision returned by the gate contains:
FieldTypeDescription
allowedboolWhether the action is permitted
reasonCodestringReason code if denied
passportIdstringID of the passport that was checked
agentIdstringID of the agent

Trust Profiles

Gates operate at one of three trust levels:
from uniplex import Gate, TrustProfile

# Development/testing
gate = Gate(profile=TrustProfile.L1)

# Production
gate = Gate(profile=TrustProfile.L2)

# High assurance
gate = Gate(profile=TrustProfile.L3)
See Trust Profiles for details on each level.

Configuration

from uniplex import Gate, TrustProfile

gate = Gate(
    profile=TrustProfile.L2,
    policy={
        "allow_self_issued": False,
        "allowed_issuers": ["issuer:acme", "issuer:partner"]
    }
)