Information in this Gist originally from this github issue, which is outdated.
As @RomanMinkin mentioned, you can also consider Casbin (https://github.com/casbin/casbin). It is the most starred authorization library in Golang. There are several differences between Casbin and OPA.
|Library or service?||Library/Service||Library/Service|
|How to write policy?||Two parts: model and policy. Model is general authorization logic. Policy is concrete policy rule.||A single part: Rego|
|RBAC hierarchy||Casbin supports role hierarchy (a role can have a sub-role)||Role hierarchies can be encoded in data. Also with the new
|RBAC separation of duties||Not supported||Supported: two roles cannot be assigned together|
|ABAC||Casbin supports to directly retrieve Golang struct's members as attributes||OPA needs to be provided with an attribute list (JSON) or Golang struct|
|Built-in functions||RESTful match, IP match, regex are supported. You can also write your own Golang function and let Casbin use it||Functions like regex, max, min, count, type conversion are supported. You can write your own built-in functions.|
|Policy storage||All common databases are supported by dozens of middlewares, like SQL, NoSQL, Key-Value, AWS S3, etc.||Not supported, you need to write your own code if you want to use DB like MySQL.|
|Conflict resolution||Allow-override, Deny-override, Allow-and-no-Deny, Priority are built-in supported. You can also write your own Effector logic (in code) to have a custom conflict resolution||Allow-override, Deny-override, Priority (but grammar is a little long). You can also resolve conflicts inside Rego itself.|
|Distributed authorization||You can use multiple Casbin instances together. Sharding and policy change notification are supported||One single OPA service|
|Other programming languages||Golang, Java, PHP, Node.JS, Python, .NET, Delphi, Rust and others are supported (> 8)||Golang, WASM (NodeJS in progress)|
|Adopters||Intel, VMware, Docker, Cisco, Banzai Cloud, Orange, Tencent Cloud, Microsoft||Netflix, Chef, SolarWinds, Cisco, Cloudflare, Pinterest, State Street Corporation|
(let me know if the above table is not accurate)
|Order by page rank||246||744|
|Order by page rank in github repos||133||583|
|Order by stars||166||436|
|Imported by||73 repos||23 repos|
|Imports||16 repos||71 repos|
OPA is primarily developed by Styra Inc. Styra is building "authorization as a service" which is backed by OPA. The marketing is slicker, and it appears a little more focussed on commercial service integrations.
Casbin's originator works for Microsoft Research, it doesn't have a group of sales people, but it appears more popular at a grassroots level.