Authorization,
Supercharged
Drop Oso Cloud into your apps to quickly add RBAC, sharing, fine-grained access, or any other permissions model you can think of.
Your authorization code is holding you back
- Customers want features that you can’t build without a refactor.
- Your code is hand-rolled, fragile and hard to debug. It’s spread throughout the codebase and relies on data from multiple sources.
- There’s no one place to see who has access to what, that authorization is working, or why requests are or are not authorized.
Read about why authorization is hard
.png)
Oso Cloud is
Authorization as a Service
- Building blocks for RBAC, ABAC, and ReBAC.
- An opinionated but flexible data model.
- One place for all your authorization decisions.
- Debugging tools to show you why access was granted.
- Logging for a full record of authorization decisions.
- High performance: nodes deployed in regions close to your application for <10 ms response times.
- Reliability & resiliency: multiple replicas in regions worldwide to protect your app against downtime.
How Oso Cloud works
1
Model
- Lay out who’s allowed to do what.
- Start with primitives for common patterns like multi-tenancy and RBAC.
- Express custom rules using Polar, our declarative policy language for authorization.
2
Store
- Put your core authorization data, like roles and permissions, in Oso Cloud.
- Send any other data at request time as context.
3
Enforce
- Make simple checks with a call to authorize().
- Use other APIs for filtering resources, listing a user's roles, or rendering your UI.
- Write custom queries for anything else.
4
Debug, Test, & Monitor
- Debug your setup using Explain.
- Write tests over your policies before you push them live.
- See logs of authorization decisions in real time.
Looking for Oso On-Premises?
If you have strict on-premise requirements, build using the open source Oso Library on your own.
Oso Developer Love
Raven Jiang
CTO, Arc
CTO, Arc
"Oso has the most intuitive model; it’s the most mature, with the best tooling and docs; and the support has been unreal."
Brian Scanlan
Engineer, Intercom
Engineer, Intercom
“Oso is excellent and well worth taking a look at. The rollout at Intercom has been very slick."
KC Chintalapati
Engineer, Fiddler
Engineer, Fiddler
“Oso was the fastest path to building roles and has been incredible – easy to wrap our heads around, great docs, and makes life much simpler."
Karan Talati
CEO, First Resonance
CEO, First Resonance
“We love Oso because it lets us manage the chaos of access. We got up to speed in 1 week and into production in 3 weeks with 1 engineer.”
Nicholas Matison
Senior Engineer, Wayfair
Senior Engineer, Wayfair
“We needed to manage authorization across all of our new microservices. The answer was the Oso authorization framework."
Simen A. W. Olsen
CDO, Bjerk
CDO, Bjerk
“We love Oso, and that's not just because their authorization library is the best, but because the team is awesome too!"
Andrew McClain
Founding Engineer, Sesh
Founding Engineer, Sesh
“Oso gives us everything we need to solve authorization – conceptually and implementation-wise. It's just the right amount of magic."
Mike Dearman
Engineer, Undisclosed
Engineer, Undisclosed
“I've really appreciated the teamwork and honestly, quick turnaround vs. other vendors and projects."
Learn authorization best practices
Read a series of technical guides that explains how to build authorization into an app, including architecture, modeling patterns, enforcement, and more — whether you use Oso or not.
Read Authorization Academy
Let's see some code.
