Authorization designed for microservices

Oso is the “easy” button for authorization

Bob
is an
admin
on
Acme
Alice
is a
collaborator
on
Anvils
Anvils
belongs to
Acme
Roadmap
is public
too heavy!
belongs to
Anvils
too heavy!
was created by
Alice
Bob
can
delete
Anvils
Carol
can
read
Roadmap
Alice
cannot
delete
Anvils
Alice
can
read
too heavy!
Bob
can
close
too heavy!
Bob
can
read
Roadmap
Alice
can
close
too heavy!
Alice
can
read
Roadmap

Loved by Platform Engineering Teams

What we hear from engineers

“My customers want complex authorization features”

Meet enterprise requirements for fine-grained access control with Polar, our purpose-built language for authorization

“My authorization code is gross, and mind-numbing”

Centralize your logic without having to duplicate your data, using Local Authorization

“Data synchronization across services is brittle”

Clean, readable authorization logic — decoupled from your app code — that you’d be proud to demo

“I don’t want to be the one to mess up the authorization code”

Get unit tests, logs, and debugging, so you can make changes without breaking things

“I want to build AI apps without leaking sensitive data”

Get permissions-aware LLM responses by filtering vector embeddings

Not sure where to start?

Read our guide on how to POC authorization as a service.

Best practices for authorization in microservices

Read our recommendations for the best patterns for handling
authorization data in microservices.

Technical guides for building application authorization

Read a series of technical guides that explains how to build authorization into your app, including architecture, modeling patterns, enforcement, and more — whether you use Oso or not.

Loved by Developers

Amazon

“I'm sold on this way ahead for the known future. Oso has nailed the abstractions.That’s the hardest part to get right, and the hardest part to change later.”

Will Flynt
Principal Engineer, Amazon
Duolingo

“Oso is a compelling fit because of their singular focus on authz, plus the flexibility of their Polar rule definitions. Within twenty minutes we’d managed to define a custom Polar definition to handle our current use case."

Evan Ziebart
Engineer, Duolingo
Wayfair

“We needed to manage authorizationacross all of our new microservices. Theanswer was the Oso authorizationframework."

Nicholas Matison
Senior Engineer, Wayfair
Jasper.ai

“We assessed many options (includingbuilding in-house) and we chose Oso forits local/cloud architecture, 99.99%uptime, and in-depth domain knowledge."

Guhan Venguswamy
Head of Platform Engineering, Jasper.ai
Intercom

“Oso is A+. As we moved upmarket, beingable to implement authz consistently andaccurately helped us move faster andresolved a never-ending source of bugs.”

Brian Scanlan
Engineer, Intercom
Productboard

“We reviewed multiple solutions – Oso came out on top for its devex, scalable and consistent performance, and the flexibility to match all our needs.”

Jiří Brunclík
VP Engineering, Productboard
Oyster HR

“It used to take us months to add newroles. With Oso we cut that time 10x. TheOso team has also been very helpful,making our migration super smooth.”

Derick Matamoros
Lead Engineer, Oyster HR
Arc

“Oso has been huge for us. It has the most intuitive model. It’s the most mature, and has the best tooling and docs. And the support has been unreal.”

Raven Jiang
CTO, Arc
Fiddler

“Oso was the fastest path to building roles and has been incredible – easy to wrap our heads around, great docs, and makes life much simpler.”

KC Chintalapati
Engineer, Fiddler

Let's see some code.