Oso Cloud Documentation
Oso Cloud is authorization-as-a-service. It provides abstractions for building and iterating on authorization in your application – based on years of work with hundreds of engineering teams.
Model. Lay out who’s allowed to do what. Start with primitives for common patterns like multi-tenancy and RBAC. Express custom rules using Polar, our declarative policy language for authorization.
Store. Put your core authorization data, like roles and permissions, in Oso Cloud. Send any other data at request time as context.
Enforce. Make simple checks with a call to
authorize(), or other APIs for filtering resources, listing a user's roles, or rendering your UI. Write custom queries for anything else.
Test & Monitor. Debug your setup using Explain. Write tests over your policies before you push them live. See logs of authorization decisions in real time.
Oso Cloud is a fully-managed cloud service. It handles:
- Availability (up to 99.99%)
- Latency (down to 10ms p99)
- Throughput (up to millions of requests per second)