Projects and PDPs
Organize policies into isolated environments
Projects are isolated policy environments within your organization. Each project has its dedicated Decision Node, the Policy Decision Point (PDP) that evaluates authorization requests against your policies in real-time.
Architecture
┌─────────────┐ ┌─────────┐ ┌─────────────┐
│ Your App / │────>│ PDP │────>│ Denied │
│ Agent │<────│ │<────│ Platform │
└─────────────┘ └─────────┘ └─────────────┘
Request Evaluate Pull Policies
Response DecisionThe PDP:
- Pulls policies from your project as OPA bundles
- Receives authorization requests from your agents / applications
- Evaluates requests against loaded policies
- Returns allow/deny decisions with context
- Logs decisions for monitoring and audit
Creating a Project
- Go to Settings → Projects
- Click Create Project and enter a name
Your project will be created with:
- A unique Decision Node UUID
- A pre-shared API key for authentication
- An empty policy library
The Decision Node of a new project is inactive by default. You cannot activate the project's Decision Node on your own. Ask the Denied team to do it for you.
Secrets
API Keys
API keys authenticate authorization requests scoped to this project.
- Go to Settings → Secrets
- Go to the API Keys section
- Click Reveal Key to see it (
dnd_pk_*)
Admin API Tokens
API tokens authenticate admin operations requests scoped to this project.
- Go to Settings → Secrets
- Go to the API Tokens section
- Click Create Token and give it a name and (optional) expiration
- Copy the token (
dnd_sk_*) and store it securely — it's only shown once
Switching Projects
The current project is shown in the top navigation. Click the project name to switch — all dashboard views (Policies, Playground, Logs) will update to the selected project.