From 0ee955f634a274590475f7c7dd5ec265fb04e670 Mon Sep 17 00:00:00 2001 From: Elizabeth Healy Date: Tue, 14 Apr 2026 13:31:10 -0400 Subject: [PATCH 1/2] add namespaced policy to configuration docs --- docs/Configuring.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/Configuring.md b/docs/Configuring.md index 095b7cead6..faee0f31ed 100644 --- a/docs/Configuring.md +++ b/docs/Configuring.md @@ -540,6 +540,7 @@ Root level key `policy` | ---------------------------- | ------------------------------------------------------ | ------- | -------------------------------------------------- | | `list_request_limit_default` | Policy List request limit default when not provided | 1000 | OPENTDF_SERVICES_POLICY_LIST_REQUEST_LIMIT_DEFAULT | | `list_request_limit_max` | Policy List request limit maximum enforced by services | 2500 | OPENTDF_SERVICES_POLICY_LIST_REQUEST_LIMIT_MAX | +| `namespaced_policy` | When enabled, new actions, subject mappings, subject condition sets, and registered resources require a namespace. Non-namespaced versions are deprecated. | `false` | OPENTDF_SERVICES_POLICY_NAMESPACED_POLICY | Example: @@ -548,6 +549,7 @@ services: policy: list_request_limit_default: 1000 list_request_limit_max: 2500 + namespaced_policy: false ``` ### Casbin Endpoint Authorization From de1c524c9c8c5625efe7276d5f7964357dc74547 Mon Sep 17 00:00:00 2001 From: Elizabeth Healy Date: Tue, 14 Apr 2026 13:45:53 -0400 Subject: [PATCH 2/2] code rabbit comment --- docs/Configuring.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/Configuring.md b/docs/Configuring.md index faee0f31ed..c99fb0e24c 100644 --- a/docs/Configuring.md +++ b/docs/Configuring.md 
@@ -540,7 +540,7 @@ Root level key `policy` | ---------------------------- | ------------------------------------------------------ | ------- | -------------------------------------------------- | | `list_request_limit_default` | Policy List request limit default when not provided | 1000 | OPENTDF_SERVICES_POLICY_LIST_REQUEST_LIMIT_DEFAULT | | `list_request_limit_max` | Policy List request limit maximum enforced by services | 2500 | OPENTDF_SERVICES_POLICY_LIST_REQUEST_LIMIT_MAX | -| `namespaced_policy` | When enabled, new actions, subject mappings, subject condition sets, and registered resources require a namespace. Non-namespaced versions are deprecated. | `false` | OPENTDF_SERVICES_POLICY_NAMESPACED_POLICY | +| `namespaced_policy` | When enabled, new actions, subject mappings, subject condition sets, and registered resources require a namespace. When disabled (default), namespace fields are accepted but not enforced — objects may be created without a namespace (legacy behavior). Non-namespaced versions are deprecated and this flag will become the default in a future version. | `false` | OPENTDF_SERVICES_POLICY_NAMESPACED_POLICY | Example:
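
Review bot: The Default cell of the added `namespaced_policy` row (patch 1/2, hunk `@@ -540,6 +540,7 @@`) is written as `false` in backticks, while the two rows above it give their defaults bare (1000, 2500). Use one style for the column so the rendered table reads consistently. The row is also much wider than the padded columns in the separator line, so the source table no longer lines up; re-padding is optional for rendering but keeps later diffs of this table readable.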
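
Review bot: The example added in patch 1/2, hunk `@@ -548,6 +549,7 @@`, shows `namespaced_policy: false`, which is the default value and, according to the table row added in the same patch, the deprecated non-namespaced mode. An operator copying the example gets the legacy behaviour with nothing in the snippet saying so. Consider a trailing YAML comment on that line stating that `false` is the default and that `true` makes namespaces required, or show the enabled value in the example instead.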
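
Review bot: The closing clause of the rewritten row in patch 2/2, hunk `@@ -540,7 +540,7 @@`, "this flag will become the default in a future version", is ambiguous because a flag cannot become a default; say that the default will change to `true`, or that enforcement will become the default. Two further gaps in the same cell: "Non-namespaced versions" does not say versions of what (presumably the four object types listed at the start of the row), and the text only covers new objects, so it does not tell an operator what happens to objects that already exist without a namespace once the flag is turned on. Since the disabled state means namespace fields are "accepted but not enforced", it is worth stating explicitly that supplying a namespace while the flag is `false` does not make it mandatory, so nobody reads the presence of the field as enforcement. The description has outgrown a table cell; a short paragraph under the table would carry this better.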