We have a use case for which I am trying to evaluate OPA.
We have an onboarding API where the users have to answer a series of questions in multiple pages. There are conditions like if real Id is provided, then don't ask for passport. If age is over 18 then skip this question and so on. What I have written here is a simplified version. The actual rules (policies) are more complicated.
Most use cases I see online for OPA have to do with authorization. But at the same time OPA is supposed to be a general purpose policy policy engine.
My question to OPA experts, is my use case above a good candidate for OPA?
Sure it is! The most common use cases may be authorization and cloud infrastructure compliance, but OPA and Rego have been used for a wide range of use-cases, ranging from linters, RPG engines and sudoku solvers. Check out the awesome-opa list for some examples.