Ship RBAC fast – this is your forever framework

For teams that are past rolling their own permissions

Ship RBAC fast

We've done the hard thinking for you. Oso is a framework with best practices built-in via authorization primitives and APIs. You embed Oso in your app and use your existing data, so there's no data migration required. We've even anticipated features you'll need, like filtering data from your database.
Learn about the framework

Your forever framework

Start with RBAC, then build any permissions model or feature – like relationships, hierarchies, or groups – using a built-in primitive or a policy you write yourself with our declarative policy language, Polar. By separating your authorization from your business logic, Oso is easier to build on and easier to debug than custom authorization code.
See how to build permissions models

Sleep easy

Oso lets you devote your engineering calories to something else. With all your authorization logic in one place, you can test your policies and ensure correctness. The framework bakes in best practices from work with hundreds of development teams. Plus, you get well-maintained documentation, example code, as well as access to the core engineering team and hundreds of other developers using Oso via Slack.
Explore the documentation


Set up common permissions patterns like RBAC and relationships using Oso's built-in primitives. Extend them however you need with Oso's declarative policy language, Polar.


Go beyond yes/no authorization questions. Implement authorization over collections too – e.g., "Show me only the records that Juno can see."


Write unit tests over your authorization logic now that you have a single interface for it. Use the debugger or tracing to track down unexpected behavior.
Authorization Academy

Learn authorization best practices

Read a series of technical guides that explains how to build authorization into an app, including architecture, modeling patterns, enforcement, and more — whether you use Oso or not.
Browse the Guides

Loved by Developers

Calvin French-Owen
Founder, Segment

“We spent 6+ months building authz infra. Oso is ensuring other companies get the right building blocks from day one."

Patrick O'Doherty
Sr. Engineer, Intercom

“Oso is an example of high quality of life software. I nearly wept when I realized I could just reuse our existing relationships as-is."

KC Chintalapati
Engineer, Fiddler

“Oso was the fastest path to building roles and has been incredible – easy to wrap our heads around, great docs, and makes life much simpler."

Karan Talati
CEO, First Resonance

“We love Oso because it lets us manage the chaos of access. We got up to speed in 1 week and into production in 3 weeks with 1 engineer.”

Gaurub Pandey
CTO, Dhi

“Oso is awesome. It has made it much easier to express anything we need in our EHR application. It sped up our authZ roadmap 4x."

Simen A. W. Olsen
CDO, Bjerk

“We love Oso, and that's not just because their authorization library is the best, but because the team is awesome too!"

William Hayes
CSO, BioDati

“Brilliant engineering. Helps guide one through what seems like a simple thing but never is."

Mike Dearman
Engineer, Undisclosed

“I've really appreciated the teamwork and honestly, quick turnaround vs. other vendors and projects."