enterprise/flex-auth integration layer

2026-05-04 17:54:52 +02:00
parent e33f296bdb
commit 6cb3b7b172
17 changed files with 1240 additions and 23 deletions
--- a/examples/workflows/policy-aware-review.workflow.md
+++ b/examples/workflows/policy-aware-review.workflow.md
@@ -0,0 +1,35 @@
+# Policy-Aware Review Workflow
+
+```yaml workflow
+metadata:
+  id: policy-aware-review
+intent:
+  summary: Declare enterprise identity and policy mapping for a review workflow.
+inputs:
+  note:
+    file: ../policy/private/internal-note.md
+    selector: sections[heading=Decision]
+steps:
+  shape:
+    kind: shape
+    data:
+      note: ${sources.note.items}
+outputs:
+  review:
+    path: out/policy-aware-review.md
+    content: ${steps.shape.value.note}
+permissions:
+  policy:
+    subject_from_token: examples/policy/netkingdom-claims.yaml
+    policy_map: examples/policy/enterprise-policy-map.yaml
+    required_assurance:
+      mfa: true
+    decision_log: .markitect/policy-decisions.jsonl
+  flex_auth:
+    resource_manifest: examples/policy/flex-auth-resource-manifest.yaml
+responsibilities:
+  system:
+    enforces_policy: true
+  human:
+    reviews_denials: true
+```