Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage.

Cerbos Community

Is there any way of setting a principal policy to everybody with a role (eg: deny any request if a JWT property is false)?

Principal policies only work for an individual principal matched by ID, so I think your best option here is to use <https://docs.cerbos.dev/cerbos/latest/policies/derived_roles.html|derived roles>. Suppose you're using a `user` role and you only want to allow access if they have a `verified` flag, then define a `verifiedUser` derived role which includes that condition, and use the derived role in your resource policies instead of `user`.