# Design models for multi-tenant SaaS architectures
<a name="design-models"></a>

There are many ways to implement API access control and authorization. This guide focuses on three design models that are effective for multi-tenant SaaS architectures. These designs serve as a high-level reference for the implementation of policy decision points (PDPs) and policy enforcement points (PEPs), to form a cohesive and ubiquitous authorization model for applications.

**Topics**
+ [Design models for Amazon Verified Permissions](using-avp.md)
+ [Design models for OPA](using-opa.md)