An authorization backend that comes with a UI for RBAC and ABAC permission – Golang based

This project brings a backend server with its frontend for managing authorizations.

You can use both Role-Based Acccess Control (RBAC) and Attribute-Based Access Control (ABAC).

Why use it?

earth_africa A centralized backend for all your applications authorizations

raising_hand_man Supports Role-Based Access Control (RBAC)

pushpin Supports Attribute-Based Access Control (ABAC)

gear Multiple language SDKs available

white_check_mark Reliable: Authz uses Authz itself for managing its own internal authorizations

mag Audit: We log each check decisions and which policy matched

closed_lock_with_key Single Sign-On: Use your enterprise SSO to log into the web UI, using OpenID Connect

male_detective Observability: Retrieve metrics and tracing data into your prefered tools

More information on

How it works?

Authorization is simple: a principal wants to make an action on a resource. That’s it.

Authz allows you to manage all the authorizations you want to manage. All of them, centralized in a single application.Text changing depending on mode. Light: 'So light!' Dark: 'So dark!'

All you need to do is to host the backend server (a Go single binary), the frontend (static files) if you want it and use our SDKs.

All data are stored in a SQL database. We currently support:

You can run a development environment using our docker-compose.mysql.yaml and docker-compose.postgres.yaml files. Or, you can see below to run an example using SQLite.