Application require authorization decisions made at the API gateway, frontend, backend, and database. OPA helps developers decouple authorization logic from application code, define a custom authorization model that enables end-users to control tenant permissions, and enforce that policy across the different components of the application (gateway, frontend, backend, database).