# Oso Cloud Documentation

## Docs

- [Delete facts](https://www.osohq.com/docs/api-reference/centralized-authorization-data/delete-facts.md): Deletes a fact. Does not throw an error when the fact is not found.
- [Post batch](https://www.osohq.com/docs/api-reference/centralized-authorization-data/post-batch.md): Deletes and adds many facts in one atomic batch. Facts are inserted and deleted in-order (ie: `insert`ed facts may be `delete`d in the same transaction). `null` can be used as a wildcard in deleted facts. Does not throw an error when the facts to delete are not found.
- [Post bulk](https://www.osohq.com/docs/api-reference/centralized-authorization-data/post-bulk.md): Deletes and adds many facts in one atomic transaction. The deletions are performed before the adds. `null` can be used as a wildcard in facts in delete. Does not throw an error when the facts to delete are not found.
- [Post bulk delete](https://www.osohq.com/docs/api-reference/centralized-authorization-data/post-bulk_delete.md): Delete many facts in a single transaction.
- [Post bulk load](https://www.osohq.com/docs/api-reference/centralized-authorization-data/post-bulk_load.md): Adds many facts at once.
- [Post clear data](https://www.osohq.com/docs/api-reference/centralized-authorization-data/post-clear_data.md)
- [Post facts](https://www.osohq.com/docs/api-reference/centralized-authorization-data/post-facts.md): Adds a new fact.
- [Post actions](https://www.osohq.com/docs/api-reference/check-api/post-actions.md): Fetches a list of actions which an actor can perform on a particular resource.
- [Post authorize](https://www.osohq.com/docs/api-reference/check-api/post-authorize.md): Determines whether or not an actor can take an action on a resource, based on a combination of authorization data and policy logic.
- [Post authorize resources](https://www.osohq.com/docs/api-reference/check-api/post-authorize_resources.md): Returns a subset of resources on which an actor can perform a particular action. Ordering and duplicates, if any exist, are preserved.
- [Post evaluate query](https://www.osohq.com/docs/api-reference/check-api/post-evaluate_query.md): Query v2: query for any expression.
- [Post list](https://www.osohq.com/docs/api-reference/check-api/post-list.md): Fetches a list of resource IDs on which an actor can perform a particular action. Supports pagination: provide `page_size` to receive results in pages, with a `next_page_token` in the response for fetching subsequent pages.
- [Post query](https://www.osohq.com/docs/api-reference/check-api/post-query.md): Query v1: query for any predicate and any combination of concrete and wildcard arguments.
- [Post actions query](https://www.osohq.com/docs/api-reference/local-check-api/post-actions_query.md)
- [Post authorize query](https://www.osohq.com/docs/api-reference/local-check-api/post-authorize_query.md): Fetches a query that can be run against your database to determine whether an actor can perform an action on a resource.
- [Post evaluate query local](https://www.osohq.com/docs/api-reference/local-check-api/post-evaluate_query_local.md): Fetches a SQL query that can be run against your database to answer arbitrary questions about authorization.
- [Post list query](https://www.osohq.com/docs/api-reference/local-check-api/post-list_query.md): Fetches a filter that can be applied to a database query to return just the resources on which an actor can perform an action.
- [Get policy](https://www.osohq.com/docs/api-reference/policy/get-policy.md): Gets the currently active policy in Oso Cloud. The policy is expressed as a string containing [Polar](https://www.osohq.com/docs/modeling-in-polar/reference) code.
- [Get policy metadata](https://www.osohq.com/docs/api-reference/policy/get-policy_metadata.md): Returns metadata about the currently active policy.
- [Post policy](https://www.osohq.com/docs/api-reference/policy/post-policy.md): Updates the policy in Oso Cloud. The policy should be represented as a string containing [Polar](https://www.osohq.com/docs/modeling-in-polar/reference) code.
- [Configuring your account](https://www.osohq.com/docs/deploy/account-management/configuration.md): Manage users, environments, and API keys in Oso Cloud Pro or Enterprise.
- [Service limits](https://www.osohq.com/docs/deploy/account-management/rate-limits.md): Operational limits Oso Cloud enforces to ensure stable and predictable performance.
- [Single Sign-On (SSO) Configuration](https://www.osohq.com/docs/deploy/account-management/sso.md): Configure OpenID Connect (OIDC) authentication for your Oso Cloud organization with Okta or Microsoft Entra.
- [Backup & Point-in-time Recovery](https://www.osohq.com/docs/deploy/backups-and-recovery.md): Recover your environment to a previous point in time
- [CI/CD with Oso Cloud](https://www.osohq.com/docs/deploy/ci-cd.md): Automate authorization testing and deployment in your CI/CD pipeline.
- [Deployment models](https://www.osohq.com/docs/deploy/deployment-models.md)
- [Oso Fallback - Hybrid Deployment](https://www.osohq.com/docs/deploy/fallback-nodes.md): Read-only instances for hybrid deployments
- [Authorize Requests](https://www.osohq.com/docs/develop/enforce/authorize-requests.md): Learn how to implement authorization decisions using Oso Cloud's authorize, list, and actions APIs across all supported SDKs.
- [Enforcement strategies](https://www.osohq.com/docs/develop/enforce/enforcement-strategies.md): Best practices for implementing secure, scalable authorization across service, business logic, data access, and presentation layers.
- [List filtering](https://www.osohq.com/docs/develop/enforce/list-filtering.md): Generate filtered lists of authorized resources
- [Query Oso Cloud](https://www.osohq.com/docs/develop/enforce/query-facts.md): Use queries to determine which users have specific permissions, which resources a user can access, or to debug authorization issues.
- [Context Facts](https://www.osohq.com/docs/develop/facts/context-facts.md)
- [Export Facts](https://www.osohq.com/docs/develop/facts/export-facts.md)
- [Insert facts](https://www.osohq.com/docs/develop/facts/insert-facts.md)
- [Local Authorization](https://www.osohq.com/docs/develop/facts/local-authorization.md)
- [Overview of Facts](https://www.osohq.com/docs/develop/facts/overview.md)
- [Sync facts](https://www.osohq.com/docs/develop/facts/sync-facts.md)
- [Update facts](https://www.osohq.com/docs/develop/facts/update-facts.md)
- [Environment Setup](https://www.osohq.com/docs/develop/local-dev/env-setup.md): Install and configure the CLI and editor tools for working with Oso Cloud.
- [Oso MCP Server](https://www.osohq.com/docs/develop/local-dev/mcp.md): Integrate your local LLM setup with Oso Cloud APIs via our MCP server.
- [Oso Dev Server](https://www.osohq.com/docs/develop/local-dev/oso-dev-server.md): Run Oso Cloud locally for faster development and testing.
- [Oso Migrate (Beta)](https://www.osohq.com/docs/develop/local-dev/oso-migrate.md): Develop on Oso Cloud with confidence using automated comparison and debugging tools.
- [Model Attribute-Based Access Control (ABAC)](https://www.osohq.com/docs/develop/policies/abac.md): Best practices for modeling attribute-based access control in Oso Cloud.
- [Fine-grained Authorization (FGA)](https://www.osohq.com/docs/develop/policies/fga.md)
- [Model Field-Level Authorization](https://www.osohq.com/docs/develop/policies/field-level-authorization.md)
- [Overview of Polar Language and Syntax](https://www.osohq.com/docs/develop/policies/overview.md)
- [Conditional Roles](https://www.osohq.com/docs/develop/policies/patterns/conditional-roles.md)
- [Custom Roles](https://www.osohq.com/docs/develop/policies/patterns/custom-roles.md)
- [Entitlements](https://www.osohq.com/docs/develop/policies/patterns/entitlements.md)
- [Impersonation](https://www.osohq.com/docs/develop/policies/patterns/impersonation.md)
- [Organization Hierarchies](https://www.osohq.com/docs/develop/policies/patterns/organizational-hierarchy.md)
- [Resource Creation](https://www.osohq.com/docs/develop/policies/patterns/resource-creation.md)
- [Resource Sharing](https://www.osohq.com/docs/develop/policies/patterns/resource-sharing.md)
- [Time-based Checks](https://www.osohq.com/docs/develop/policies/patterns/time-based-checks.md)
- [User Groups](https://www.osohq.com/docs/develop/policies/patterns/user-groups.md)
- [Policy Preview](https://www.osohq.com/docs/develop/policies/policy-preview.md): Preview and benchmark policy changes before deploying to production.
- [Model Role-Based Access Control (RBAC)](https://www.osohq.com/docs/develop/policies/rbac.md): Best practices for modeling role-based access control in Oso Cloud.
- [Model Relationship-Based Access Control (ReBAC)](https://www.osohq.com/docs/develop/policies/rebac.md): Best practices for modeling relationship-based access control in Oso Cloud.
- [Debugging a Policy](https://www.osohq.com/docs/develop/troubleshooting/debugging.md): Debug unexpected results from Oso Cloud using Logs and Explain.
- [Logs and auditing](https://www.osohq.com/docs/develop/troubleshooting/logs.md): View and monitor authorization activity in Oso Cloud
- [Query performance](https://www.osohq.com/docs/develop/troubleshooting/query-performance.md): Diagnose and optimize slow authorization queries in Oso Cloud.
- [An Introduction to Oso Cloud](https://www.osohq.com/docs/get-started/introduction.md)
- [Oso Cloud Quickstart](https://www.osohq.com/docs/get-started/quickstart.md): Authorize your first user with Oso Cloud
- [Authorize with Oso Cloud](https://www.osohq.com/docs/learn/guides/adopt-local-authorization/authorize-with-oso-cloud.md)
- [Send data as context facts](https://www.osohq.com/docs/learn/guides/adopt-local-authorization/data-as-context-facts.md)
- [Extract authorization logic](https://www.osohq.com/docs/learn/guides/adopt-local-authorization/extract-logic.md)
- [Getting started](https://www.osohq.com/docs/learn/guides/adopt-local-authorization/getting-started.md)
- [Implement in Oso Cloud](https://www.osohq.com/docs/learn/guides/adopt-local-authorization/implement-in-oso-cloud.md)
- [Replace Context Facts with Local Authorization](https://www.osohq.com/docs/learn/guides/adopt-local-authorization/replace-with-local-authorization.md)
- [Integrating Authentication (Identity) Data](https://www.osohq.com/docs/learn/guides/authentication.md)
- [How to map relational data to facts](https://www.osohq.com/docs/learn/guides/map-relational-data-to-facts.md)
- [Best Practices for Frontend Authorization](https://www.osohq.com/docs/learn/guides/ui.md)
- [An End-to-End Example Securing a Real World App with Oso Cloud](https://www.osohq.com/docs/learn/tutorials/end-to-end-example.md)
- [An illustration of a local development workflow for Oso Cloud](https://www.osohq.com/docs/learn/tutorials/workflow-walkthrough.md)
- [Alerts](https://www.osohq.com/docs/oso-for-agents/alerts.md): Get alerted when Oso detects unsanctioned agents or sensitive data in sessions.
- [Data Privacy](https://www.osohq.com/docs/oso-for-agents/data-privacy.md): Learn how Oso processes AI agent activity data.
- [Browser Extension](https://www.osohq.com/docs/oso-for-agents/integrations/browser-extension.md): Monitor browser-based AI tool usage alongside your coding agents.
- [Edge Proxy](https://www.osohq.com/docs/oso-for-agents/integrations/edge-proxy.md): Route agent traffic through Oso's edge proxy for full session monitoring.
- [EDR](https://www.osohq.com/docs/oso-for-agents/integrations/edr.md): Discover AI agents installed on employee devices via your EDR platform.
- [CrowdStrike](https://www.osohq.com/docs/oso-for-agents/integrations/edr/crowdstrike.md): Connect CrowdStrike Falcon to Oso to scan endpoints for unsanctioned AI agents.
- [Managed Deployment](https://www.osohq.com/docs/oso-for-agents/integrations/managed-deployment.md): Deploy Oso across your organization via MDM.
- [Slack](https://www.osohq.com/docs/oso-for-agents/integrations/slack.md): Receive Oso alert notifications in Slack.
- [Tailscale Aperture](https://www.osohq.com/docs/oso-for-agents/integrations/tailscale-aperture.md): Connect Oso to Tailscale Aperture for network-level agent visibility.
- [Overview](https://www.osohq.com/docs/oso-for-agents/overview.md): Discover what AI agents your employees are using, monitor what they're doing, and get alerted when something is wrong.
- [Quickstart: Oso for Agents](https://www.osohq.com/docs/oso-for-agents/quickstart-coding-agents.md): Route agent traffic through Oso to see what your AI agents are doing.
- [Session Monitoring](https://www.osohq.com/docs/oso-for-agents/session-monitoring.md): See what AI agents are doing inside their sessions: prompts, completions, tool calls, and data flow.
- [Shadow AI](https://www.osohq.com/docs/oso-for-agents/shadow-ai.md): Discover what AI agents your employees are using across endpoints, browsers, and network traffic.
- [Delete facts](https://www.osohq.com/docs/reference/api/centralized-authorization-data/delete-facts.md): Deletes a fact. Does not throw an error when the fact is not found.
- [Post batch](https://www.osohq.com/docs/reference/api/centralized-authorization-data/post-batch.md): Deletes and adds many facts in one atomic batch. Facts are inserted and deleted in-order (ie: `insert`ed facts may be `delete`d in the same transaction). `null` can be used as a wildcard in deleted facts. Does not throw an error when the facts to delete are not found.
- [Post bulk](https://www.osohq.com/docs/reference/api/centralized-authorization-data/post-bulk.md): Deletes and adds many facts in one atomic transaction. The deletions are performed before the adds. `null` can be used as a wildcard in facts in delete. Does not throw an error when the facts to delete are not found.
- [Post bulk delete](https://www.osohq.com/docs/reference/api/centralized-authorization-data/post-bulk_delete.md): Delete many facts in a single transaction.
- [Post bulk load](https://www.osohq.com/docs/reference/api/centralized-authorization-data/post-bulk_load.md): Adds many facts at once.
- [Post clear data](https://www.osohq.com/docs/reference/api/centralized-authorization-data/post-clear_data.md)
- [Post facts](https://www.osohq.com/docs/reference/api/centralized-authorization-data/post-facts.md): Adds a new fact.
- [Post actions](https://www.osohq.com/docs/reference/api/check-api/post-actions.md): Fetches a list of actions which an actor can perform on a particular resource.
- [Post authorize](https://www.osohq.com/docs/reference/api/check-api/post-authorize.md): Determines whether or not an actor can take an action on a resource, based on a combination of authorization data and policy logic.
- [Post authorize resources](https://www.osohq.com/docs/reference/api/check-api/post-authorize_resources.md): Returns a subset of resources on which an actor can perform a particular action. Ordering and duplicates, if any exist, are preserved.
- [Post evaluate query](https://www.osohq.com/docs/reference/api/check-api/post-evaluate_query.md): Query v2: query for any expression.
- [Post list](https://www.osohq.com/docs/reference/api/check-api/post-list.md): Fetches a list of resource IDs on which an actor can perform a particular action.
- [Post query](https://www.osohq.com/docs/reference/api/check-api/post-query.md): Query v1: query for any predicate and any combination of concrete and wildcard arguments.
- [Post actions query](https://www.osohq.com/docs/reference/api/local-check-api/post-actions_query.md)
- [Post authorize query](https://www.osohq.com/docs/reference/api/local-check-api/post-authorize_query.md): Fetches a query that can be run against your database to determine whether an actor can perform an action on a resource.
- [Post evaluate query local](https://www.osohq.com/docs/reference/api/local-check-api/post-evaluate_query_local.md): Fetches a SQL query that can be run against your database to answer arbitrary questions about authorization.
- [Post list query](https://www.osohq.com/docs/reference/api/local-check-api/post-list_query.md): Fetches a filter that can be applied to a database query to return just the resources on which an actor can perform an action.
- [Get policy](https://www.osohq.com/docs/reference/api/policy/get-policy.md): Gets the currently active policy in Oso Cloud. The policy is expressed as a string containing [Polar](https://www.osohq.com/docs/modeling-in-polar/reference) code.
- [Get policy metadata](https://www.osohq.com/docs/reference/api/policy/get-policy_metadata.md): Returns metadata about the currently active policy.
- [Post policy](https://www.osohq.com/docs/reference/api/policy/post-policy.md): Updates the policy in Oso Cloud. The policy should be represented as a string containing [Polar](https://www.osohq.com/docs/modeling-in-polar/reference) code.
- [Polar Built-In Constants](https://www.osohq.com/docs/reference/polar/constants.md)
- [Polar Polymorphism](https://www.osohq.com/docs/reference/polar/extends.md)
- [Facts as Data](https://www.osohq.com/docs/reference/polar/facts-as-data.md)
- [The Polar Language in Oso Cloud](https://www.osohq.com/docs/reference/polar/introduction.md)
- [Polar Operators](https://www.osohq.com/docs/reference/polar/operators.md)
- [Resource Blocks](https://www.osohq.com/docs/reference/polar/resource-blocks.md)
- [Polar Rules and Facts](https://www.osohq.com/docs/reference/polar/rules-and-facts.md)
- [Polar Tests](https://www.osohq.com/docs/reference/polar/tests.md)
- [Polar Built-In Types](https://www.osohq.com/docs/reference/polar/types.md)
- [Authorization Checks](https://www.osohq.com/docs/reference/sdks/authorization-checks.md): Enforce permissions in your app.
- [.NET SDK Changelog](https://www.osohq.com/docs/reference/sdks/changelog/dotnet.md): Changelog of updates to Oso Cloud .NET SDK.
- [Fallback Node Changelog](https://www.osohq.com/docs/reference/sdks/changelog/fallback.md): Changelog of updates to Oso Cloud Fallback Node.
- [Go SDK Changelog](https://www.osohq.com/docs/reference/sdks/changelog/go.md): Changelog of updates to Oso Cloud Go SDK.
- [Java SDK Changelog](https://www.osohq.com/docs/reference/sdks/changelog/java.md): Changelog of updates to Oso Cloud Java SDK.
- [Node.js SDK Changelog](https://www.osohq.com/docs/reference/sdks/changelog/nodejs.md): Changelog of updates to Oso Cloud Node.js SDK.
- [CLI Changelog](https://www.osohq.com/docs/reference/sdks/changelog/oso-cloud-cli.md): Changelog of updates to Oso Cloud CLI.
- [Dev Server Changelog](https://www.osohq.com/docs/reference/sdks/changelog/oso-dev-server.md): Changelog of updates to Oso Dev Server.
- [Python SDK Changelog](https://www.osohq.com/docs/reference/sdks/changelog/python.md): Changelog of updates to Oso Cloud Python SDK.
- [Ruby SDK Changelog](https://www.osohq.com/docs/reference/sdks/changelog/ruby.md): Changelog of updates to Oso Cloud Ruby SDK.
- [VSCode Extension Changelog](https://www.osohq.com/docs/reference/sdks/changelog/vscode-extension.md): Changelog of updates to Oso Cloud VSCode extension.
- [What's New in Oso Cloud](https://www.osohq.com/docs/reference/sdks/changelog/whats-new.md)
- [Facts Management](https://www.osohq.com/docs/reference/sdks/facts.md): CRUD operations for managing facts.
- [Installation and Setup](https://www.osohq.com/docs/reference/sdks/install.md): Install and configure the Oso Cloud SDKs.
- [SQLAlchemy Local Authorization Integration](https://www.osohq.com/docs/reference/sdks/integrations/sqlalchemy.md): Use SQLAlchemy to execute local authorization queries.
- [Local Authorization](https://www.osohq.com/docs/reference/sdks/local-authorization.md): Perform authorization checks directly against your database for better performance.
- [Migration Guide](https://www.osohq.com/docs/reference/sdks/migration-guide.md): Migrate Oso Cloud client libraries to the latest versions.
- [Oso Cloud SDKs](https://www.osohq.com/docs/reference/sdks/overview.md): Welcome to the Oso Cloud SDK documentation.
- [Policy Management](https://www.osohq.com/docs/reference/sdks/policies.md): Deploy and manage Polar authorization policies in Oso Cloud.
- [SDK Specific Guidance](https://www.osohq.com/docs/reference/sdks/sdk-specific-guidance.md): Use Oso SDKs with language-specific features and idioms.

## OpenAPI Specs

- [openapi](https://www.osohq.com/docs/reference/openapi.json)

## Optional

- [Blog](https://osohq.com/blog)
- [Status Page](https://oso.statuspage.io/)