Permit.io provides multiple ways to set access-control enforcement points in your software.
While the classic approach is to embed enforcement points in the code via the use of our SDK's; per a specific line of code, a route, or inside a middleware - you can also easily use Permit to enforce access inside your code using reverse-proxies - (e.g. Envoy, Traefik) - and API Gateways - (e.g. Kong, AWS API Gateway).
Most of these integrations can easily be done using OPA's plugin system with very little configuration.