Drop Oso Cloud into your apps to quickly add RBAC, sharing, fine-grained access, or any other permissions model you can think of.
Your authorization code is holding you back
- Customers want features that you can’t build without a refactor.
- Your code is hand-rolled, fragile and hard to debug. It’s spread throughout the codebase and relies on data from multiple sources.
- There’s no one place to see who has access to what, that authorization is working, or why requests are or are not authorized.
Read about why authorization is hard
Oso Cloud is
Authorization as a Service
- Building blocks for RBAC, ABAC, and ReBAC.
- An opinionated data model.
- One place for all your authorization decisions.
- Debugging & logging to see when access was granted, and why.
- High performance: nodes deployed in your regions for <10 ms response times.
- Reliability & resiliency: multiple replicas worldwide for enterprise-grade uptime.
- The most mature authorization system, hardened by thousands of organizations.
How Oso Cloud works
- Lay out who’s allowed to do what.
- Start with primitives for common patterns like multi-tenancy and RBAC.
- Express custom rules using Polar, our configuration language for authorization.
- Put your core authorization data, like roles and permissions, in Oso Cloud.
- Send any other data at request time as context.
- Make simple checks with a call to authorize().
- Use other APIs for filtering resources, listing a user's roles, or rendering your UI.
- Write custom queries for anything else.
Debug, Test, & Monitor
- Debug your setup using Explain.
- Write tests over your policies before you push them live.
- See logs of authorization decisions in real time.
Looking for Oso On-Premises?
If you have strict on-premise requirements, build using the open source Oso Library on your own.