# OnlyAuthorizedSenderPolicy
Source: https://docs.chain.link/ace/reference/policy-library/only-authorized-sender-policy
Last Updated: 2026-04-20


The OnlyAuthorizedSenderPolicy restricts who can call a protected function based on the transaction sender. Unlike the AllowPolicy and RejectPolicy (which check addresses extracted from the transaction parameters), this policy checks `msg.sender` directly and rejects if the sender is not on the authorized list.

## Configuration

### Authorized sender list

The authorized sender list defines which addresses can call the protected function. The list starts empty at deployment and must be populated afterward — until you add at least one address, every transaction will be rejected.

Each address is added or removed individually.

> **NOTE: Sender vs. extracted addresses**
>
> This policy ignores the addresses extracted by the extractor. It checks only the `msg.sender` of the transaction. If
> you need to validate addresses from the transaction parameters (such as a transfer recipient), use the
> [AllowPolicy](/ace/reference/policy-library/allow-policy) or
> [RejectPolicy](/ace/reference/policy-library/reject-policy) instead.

## Runtime behavior

This policy does not use extracted parameters. It checks `msg.sender` directly.

- **`run()`** — Reverts if the sender is not on the authorized list. Returns `Continue` otherwise.
- **`postRun()`** — No state changes.

## API reference

### Setter functions

- **`authorizeSender(address account)`** — Adds an address to the authorized list. Reverts if the address is already authorized.
- **`unauthorizeSender(address account)`** — Removes an address from the authorized list. Reverts if the address is not authorized.

### View functions

- **`senderAuthorized(address account)`** — Returns `true` if the address is authorized.

## Use cases

- **Restricted operations** — Limit who can call specific contract functions regardless of the function arguments.

## Source

[OnlyAuthorizedSenderPolicy.sol](https://github.com/smartcontractkit/chainlink-ace/blob/main/packages/policy-management/src/policies/OnlyAuthorizedSenderPolicy.sol)