Define a policy package with a partial rule that builds a set of allowed resource IDs for any principal: 'package authz; allowed_resources[resource_id] { data.bindings[binding]; binding.principal == input.principal; binding.resource_id == resource_id; data.permissions[binding.role][input.action] }'
Use OPA's partial evaluation API endpoint: POST /v1/compile with body {"query": "data.authz.allowed_resources[_]", "input": {"principal": "user:alice", "action": "read"}, "unknowns": ["data.bindings"]}'
OPA returns a partial evaluation result containing a residual policy that can be compiled to a SQL WHERE clause or other filter expression
Cache the compiled residual by principal+action and invalidate on policy or binding changes by subscribing to the bundle status API
For SQL backends, translate the residual AST to a WHERE clause: if the residual is 'true', allow all; if it references specific IDs, emit 'WHERE id IN (id1, id2, ...)'
Test the policy using 'opa eval --partial --unknowns input.resource_id --data policy.rego --input input.json "data.authz.allow"'
Known gotchas
Partial evaluation produces a residual that may not be a simple enumerable set; if the policy contains arithmetic or string operations on unknowns, the residual may be a complex expression that cannot be mapped to a simple SQL filter
The 'unknowns' list must include every variable you want OPA to leave unresolved; forgetting to list a data key causes OPA to resolve it at compile time and bake stale data into the residual
Partial evaluation performance depends on policy complexity; a policy with many joins or recursive rules can produce very large residuals — benchmark before deploying to high-traffic paths
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp