The Authorization API
Your app's authorization is now fully programmable, observable, testable, and documented.
Platform Engineering Teams 🤍 Oso
Your authorization is complex
- Authorization code is ad hoc, fragile, and all over the place
- You have complex use cases like hierarchical models, fine-grained authorization, and custom roles
- You have multiple services or microservices
Read about why authorization is hard
Oso is
Authorization as a Service
- Authorization API – testable, debuggable, observable system
- Central place for all authorization logic and data
- List filtering
- RBAC, ReBAC, ABAC – and fully extensible
- Cloud, hybrid, or on-prem for 99.99% uptime and <10 ms latency
How Oso Cloud works
1
Model your domain
- Lay out who's allowed to do what in the Oso Modeler
- Start with primitives for common patterns like multi-tenancy and Admins
- Preview code
2
Test
- Write tests via assertions
- Debug failed tests using Explain
- Get suggestions for how to fix broken tests
3
Integrate
- Integrate the Oso Cloud SDK (Python, Node.js, Go, Ruby, .NET)
- Send authorization data
- Make authorization checks