opentdf · jp-ayyappan · Aug 25, 2025 · Aug 11, 2025 · Aug 11, 2025 · Aug 11, 2025
@@ -14,13 +14,14 @@ import (
 	"log"
 
 	"github.com/opentdf/platform/protocol/go/authorization"
+	"github.com/opentdf/platform/protocol/go/entity"
 	"github.com/opentdf/platform/protocol/go/policy"
 	"github.com/opentdf/platform/sdk"
 )
 
 func main() {
 
-	platformEndpoint := "http://localhost:9002"
+	platformEndpoint := "http://localhost:8080"
 
 	// Create a new client
 	client, err := sdk.New(
@@ -32,47 +33,40 @@ func main() {
 		log.Fatal(err)
 	}
 
-	// Get Entitlements
-
-	decision := &authorization.GetDecisionsRequest{
-		DecisionRequests: []*authorization.DecisionRequest{
-			{
-				Actions: []*policy.Action{
-					{
-						Value: &policy.Action_Standard{
-							Standard: policy.Action_STANDARD_ACTION_DECRYPT,
-						},
-					},
-				},
-				EntityChains: []*authorization.EntityChain{
+	// Get Decision using v2 API
+	decisionReq := &authorization.GetDecisionRequest{
+		EntityIdentifier: &authorization.EntityIdentifier{
+			EntityChain: &entity.EntityChain{
+				Entities: []*entity.Entity{
 					{
-						Id: "entity-chain-1",
-						Entities: []*authorization.Entity{
-							{
-								Id: "entity-1",
-								EntityType: &authorization.Entity_ClientId{
-									ClientId: "opentdf",
-								},
-							},
+						Id: "entity-1",
+						EntityType: &entity.Entity_ClientId{
+							ClientId: "opentdf",
 						},
 					},
 				},
-				ResourceAttributes: []*authorization.ResourceAttribute{
-					{
-						ResourceAttributesId: "resource-attribute-1",
-						AttributeValueFqns:   []string{"https://opentdf.io/attr/role/value/developer"},
-					},
-				},
+			},
+		},
+		Action: &policy.Action{
+			Name: "decrypt",
+		},
+		Resource: &authorization.Resource{
+			AttributeValues: &authorization.Resource_AttributeValues{
+				Fqns: []string{"https://opentdf.io/attr/role/value/developer"},
 			},
 		},
 	}
 
-	decisions, err := client.Authorization.GetDecisions(context.Background(), decision)
+	decision, err := client.Authorization.GetDecision(context.Background(), decisionReq)
 	if err != nil {
 		log.Fatal(err)
 	}
 
-	log.Printf("Decisions: %v", decisions.GetDecisionResponses())
+	decisionResult := decision.GetDecision()
+	log.Printf("Decision: %v", decisionResult.GetDecision())
+	if decisionResult.GetDecision() == authorization.Decision_DECISION_PERMIT && len(decisionResult.GetObligations()) > 0 {
+		log.Printf("Obligations: %v", decisionResult.GetObligations())
+	}
 }
 ```
 
@@ -86,35 +80,54 @@ import io.opentdf.platform.sdk.*;
 import java.util.concurrent.ExecutionException;
 
 import io.opentdf.platform.authorization.*;
-import io.opentdf.platform.policy.Action;
+import io.opentdf.platform.entity.*;
+import io.opentdf.platform.policy.*;
 
-import java.util.List;
-
-public class GetDecisions {
+public class GetDecision {
     public static void main(String[] args) throws ExecutionException, InterruptedException{
 
         String clientId = "opentdf";
         String clientSecret = "secret";
-        String platformEndpoint = "localhost:8080";
+        String platformEndpoint = "http://localhost:8080";
 
         SDKBuilder builder = new SDKBuilder();
         SDK sdk = builder.platformEndpoint(platformEndpoint)
                 .clientSecret(clientId, clientSecret).useInsecurePlaintextConnection(true)
                 .build();
 
-        GetDecisionsRequest request = GetDecisionsRequest.newBuilder()
-        .addDecisionRequests(DecisionRequest.newBuilder()
-        .addEntityChains(EntityChain.newBuilder().setId("ec1").addEntities(Entity.newBuilder().setId("entity-1").setClientId("opentdf")))
-        .addActions(Action.newBuilder().setStandard(Action.StandardAction.STANDARD_ACTION_DECRYPT))
-        .addResourceAttributes(ResourceAttribute.newBuilder().setResourceAttributesId("resource-attribute-1")
-            .addAttributeValueFqns("https://mynamespace.com/attr/test/value/test1"))
-        ).build();
-
-        GetDecisionsResponse resp = sdk.getServices().authorization().getDecisions(request).get();
-
-        List<DecisionResponse> decisions = resp.getDecisionResponsesList();
-
-        System.out.println(DecisionResponse.Decision.forNumber(decisions.get(0).getDecisionValue()));
+        // Get Decision using v2 API
+        GetDecisionRequest request = GetDecisionRequest.newBuilder()
+            .setEntityIdentifier(
+                EntityIdentifier.newBuilder()
+                    .setEntityChain(
+                        EntityChain.newBuilder()
+                            .addEntities(
+                                Entity.newBuilder()
+                                    .setId("entity-1")
+                                    .setClientId("opentdf")
+                            )
+                    )
+            )
+            .setAction(
+                Action.newBuilder()
+                    .setName("decrypt")
+            )
+            .setResource(
+                Resource.newBuilder()
+                    .setAttributeValues(
+                        Resource.AttributeValues.newBuilder()
+                            .addFqns("https://opentdf.io/attr/role/value/developer")
+                    )
+            )
+            .build();
+
+        GetDecisionResponse resp = sdk.getServices().authorization().getDecision(request).get();
+
+        Decision decision = resp.getDecision();
+        System.out.println("Decision: " + decision.getDecision());
+        if (decision.getDecision() == Decision.DECISION_PERMIT && decision.getObligationsCount() > 0) {
+            System.out.println("Obligations: " + decision.getObligationsList());
+        }
     }
 }
 ```
@@ -123,6 +136,55 @@ public class GetDecisions {
 <TabItem value="js" label="Javascript">
 
 ```javascript
+const { AuthzClient } = require('@opentdf/client');
+
+async function main() {
+  const platformEndpoint = 'http://localhost:8080';
+  const clientId = 'opentdf';
+  const clientSecret = 'secret';
+
+  // Create a new client
+  const client = new AuthzClient({
+    endpoint: platformEndpoint,
+    auth: {
+      clientId,
+      clientSecret
+    }
+  });
+
+  // Get Decision using v2 API
+  const request = {
+    entityIdentifier: {
+      entityChain: {
+        entities: [{
+          id: 'entity-1',
+          clientId: 'opentdf'
+        }]
+      }
+    },
+    action: {
+      name: 'decrypt'
+    },
+    resource: {
+      attributeValues: {
+        fqns: ['https://opentdf.io/attr/role/value/developer']
+      }
+    }
+  };
+
+  try {
+    const response = await client.getDecision(request);
+
+    console.log('Decision:', response.decision.decision);
+    if (response.decision.decision === 'DECISION_PERMIT' && response.decision.obligations?.length > 0) {
+      console.log('Obligations:', response.decision.obligations);
+    }
+  } catch (error) {
+    console.error('Error:', error);
+  }
+}
+
+main();
 ```
 
 </TabItem>

@@ -14,12 +14,13 @@ import (
 	"log"
 
 	"github.com/opentdf/platform/protocol/go/authorization"
+	"github.com/opentdf/platform/protocol/go/entity"
 	"github.com/opentdf/platform/sdk"
 )
 
 func main() {
 
-	platformEndpoint := "http://localhost:9002"
+	platformEndpoint := "http://localhost:8080"
 
 	// Create a new client
 	client, err := sdk.New(
@@ -31,14 +32,17 @@ func main() {
 		log.Fatal(err)
 	}
 
-	// Get Entitlements
-
+	// Get Entitlements using v2 API
 	entitlementReq := &authorization.GetEntitlementsRequest{
-		Entities: []*authorization.Entity{
-			{
-				Id: "entity-1",
-				EntityType: &authorization.Entity_ClientId{
-					ClientId: "opentdf",
+		EntityIdentifier: &authorization.EntityIdentifier{
+			EntityChain: &entity.EntityChain{
+				Entities: []*entity.Entity{
+					{
+						Id: "entity-1",
+						EntityType: &entity.Entity_ClientId{
+							ClientId: "opentdf",
+						},
+					},
 				},
 			},
 		},
@@ -63,6 +67,7 @@ import io.opentdf.platform.sdk.*;
 import java.util.concurrent.ExecutionException;
 
 import io.opentdf.platform.authorization.*;
+import io.opentdf.platform.entity.*;
 
 import java.util.List;
 
@@ -71,22 +76,35 @@ public class GetEntitlements {
 
         String clientId = "opentdf";
         String clientSecret = "secret";
-        String platformEndpoint = "localhost:8080";
+        String platformEndpoint = "http://localhost:8080";
 
         SDKBuilder builder = new SDKBuilder();
         SDK sdk = builder.platformEndpoint(platformEndpoint)
                 .clientSecret(clientId, clientSecret).useInsecurePlaintextConnection(true)
                 .build();
 
+        // Get Entitlements using v2 API
         GetEntitlementsRequest request = GetEntitlementsRequest.newBuilder()
-        .addEntities(Entity.newBuilder().setId("entity-1").setClientId("opentdf"))
-        .build();
+            .setEntityIdentifier(
+                EntityIdentifier.newBuilder()
+                    .setEntityChain(
+                        EntityChain.newBuilder()
+                            .addEntities(
+                                Entity.newBuilder()
+                                    .setId("entity-1")
+                                    .setClientId("opentdf")
+                            )
+                    )
+            )
+            .build();
 
         GetEntitlementsResponse resp = sdk.getServices().authorization().getEntitlements(request).get();
 
         List<EntityEntitlements> entitlements = resp.getEntitlementsList();
 
-        System.out.println(entitlements.get(0).getAttributeValueFqnsList());
+        for (EntityEntitlements entitlement : entitlements) {
+            System.out.println("Entitled to: " + entitlement.getActionsPerAttributeValueFqnMap());
+        }
     }
 }
 ```

@@ -22,7 +22,7 @@ import (
 
 func main() {
 
-	platformEndpoint := "http://localhost:9002"
+	platformEndpoint := "http://localhost:8080"
 
 	// Create a new client
 	client, err := sdk.New(
@@ -83,7 +83,7 @@ public class CreateAttribute {
 
         String clientId = "opentdf";
         String clientSecret = "secret";
-        String platformEndpoint = "localhost:8080";
+        String platformEndpoint = "http://localhost:8080";
 
         SDKBuilder builder = new SDKBuilder();
         SDK sdk = builder.platformEndpoint(platformEndpoint)

@@ -19,7 +19,7 @@ import (
 
 func main() {
 
-	platformEndpoint := "http://localhost:9002"
+	platformEndpoint := "http://localhost:8080"
 
 	// Create a new client
 	client, err := sdk.New(
@@ -59,7 +59,7 @@ public class CreateNamespace {
 
         String clientId = "opentdf";
         String clientSecret = "secret";
-        String platformEndpoint = "localhost:8080";
+        String platformEndpoint = "http://localhost:8080";
 
         SDKBuilder builder = new SDKBuilder();
         SDK sdk = builder.platformEndpoint(platformEndpoint)

@@ -20,7 +20,7 @@ import (
 
 func main() {
 
-	platformEndpoint := "http://localhost:9002"
+	platformEndpoint := "http://localhost:8080"
 
 	// Create a new client
 	client, err := sdk.New(
@@ -88,7 +88,7 @@ public class CreateSubjectConditionSet {
 
         String clientId = "opentdf";
         String clientSecret = "secret";
-        String platformEndpoint = "localhost:8080";
+        String platformEndpoint = "http://localhost:8080";
 
         SDKBuilder builder = new SDKBuilder();
         SDK sdk = builder.platformEndpoint(platformEndpoint)

@@ -20,7 +20,7 @@ import (
 
 func main() {
 
-	platformEndpoint := "http://localhost:9002"
+	platformEndpoint := "http://localhost:8080"
 
 	// Create a new client
 	client, err := sdk.New(
@@ -70,7 +70,7 @@ public class CreateSubjectMapping {
 
         String clientId = "opentdf";
         String clientSecret = "secret";
-        String platformEndpoint = "localhost:8080";
+        String platformEndpoint = "http://localhost:8080";
 
         SDKBuilder builder = new SDKBuilder();
         SDK sdk = builder.platformEndpoint(platformEndpoint)

@@ -19,7 +19,7 @@ import (
 
 func main() {
 
-	platformEndpoint := "http://localhost:9002"
+	platformEndpoint := "http://localhost:8080"
 
 	// Create a new client
 	client, err := sdk.New(
@@ -68,7 +68,7 @@ public class ListAttributes {
 
         String clientId = "opentdf";
         String clientSecret = "secret";
-        String platformEndpoint = "localhost:8080";
+        String platformEndpoint = "http://localhost:8080";
 
         SDKBuilder builder = new SDKBuilder();
         SDK sdk = builder.platformEndpoint(platformEndpoint)