Worth to mention in the same area regarding authorization engine with APIs is OPA [1] which is relying on a Datalog inspired language: Rego.
I agree with you that authorization is lacking a set of standards allowing interoperability. The only known practical one XACML, has not seen wide adoption. OPA through its design and API allow useful feature for Enterprise use cases for which Styra [2] (founder of OPA) is selling a solution based on those APIs.
I agree with you that authorization is lacking a set of standards allowing interoperability. The only known practical one XACML, has not seen wide adoption. OPA through its design and API allow useful feature for Enterprise use cases for which Styra [2] (founder of OPA) is selling a solution based on those APIs.
Note: I am not affiliated with Styra in any way.
[1] https://www.openpolicyagent.org
[2] https://www.styra.com/