What is Oso?


noun /ˈō-sō/ — a batteries-included framework for building authorization in your application

Oso is a library.

Oso is a library. It's embedded in your application, it uses your data models, and Oso policies live alongside your application code. Oso supports Python, Node.js, Go, Java, Ruby, and Rust.

Oso comes with built-in authorization primitives.

You write policies to express who can do what in your app using Polar, Oso's declarative policy language. When writing policies, you have direct access to all your app data, models, classes and methods. Use any of the built-in primitives for patterns like roles, relationships and hierarchies. Or write custom rules for anything you need.

Oso enforces authorization in one line.

Enforce authorization checks with one line of code. Pass in any user or resource object from your app. Oso provides built-in enforcement APIs for different layers of the stack – the request, resource, query, and field layers. You can even filter data from collections using your existing policies and data to answer questions like, "Return only the records that Juno can see."

The best way to learn is to get your hands dirty.