Blog
Demos, implementation guides, product updates and broader takes on authorization, identity and security. Written for the engineers, architects, security, identity and product leaders shaping how their teams ship and govern access.
Governing AI agents at the gateway with Cerbos and agentgateway
How to govern AI agents at the gateway with agentgateway and Cerbos. This covers the three authorization questions on every agent hop, which model an identity can call, which MCP servers and tools it can open, and what a tool call is actually asking for, all from one policy bundle over Envoy ext_authz.
How to secure AI agents and MCP tools at the gateway with LiteLLM and Cerbos
Add policy-based authorization to a LiteLLM AI gateway with Cerbos. Control which models each user or agent can call, hide tools the caller shouldn't see, and bind MCP tool arguments to caller attributes, all enforced at the proxy with no application changes.
Introducing Cerbos Hub Insights: A live view of what your authorization layer is doing
Cerbos Hub Insights aggregates the decisions your PDPs make into charts and rankings, so patterns like a spike in denials become obvious without scrolling the audit log. Track allows, denies, and active principals over time, built entirely from audit data you already send to Cerbos Hub.
AuthZEN wins Outstanding Project Recognition at EIC 2026
OpenID AuthZEN won the Outstanding Project Recognition award at EIC 2026, with Cerbos CPO Alex Olivier co-chairing the working group. Here's what the interoperability standard means for authorization, why it matters as AI agents act on behalf of users, and how Cerbos implements it.
Choosing the right deployment model for enterprise authorization
Understand the deployment models available for your authorization system - cloud hosted, self hosted, on premise. See what drives the choice between them, and what each one means for your team in practice.
The Meta AI hack shows why agents shouldn't decide access
AI agent authorization broke wide open when hackers talked Meta's support chatbot into resetting Instagram passwords. This breaks down the confused deputy problem, why authentication alone doesn't fix it, and why access decisions belong in externalized authorization the agent can't argue its way past.
Agent skill for writing authorization policies in Claude Code
Claude Code lets engineers draft authorization policies in plain English, right in the terminal. This guide covers installing the policy skill through the plugin marketplace, invoking it with /cerbos-policy, what a session looks like, validating against the real Cerbos compiler in Docker, and where human review still matters.
Authorization for AI agents: What to build before the EU AI Act deadline
What runtime policy at the orchestration layer means, why the agent-to-tool layer is the missing category in agentic AI governance, and which EU AI Act articles actually apply to infrastructure vendors. Practical steps for CTOs and security leads on inventorying agents, sponsoring identities, and externalizing authorization.
Authentik vs Keycloak: Self-hosted IdP comparison
Compare Authentik and Keycloak for self-hosted IAM. See SSO, MFA, protocol support, operations, authorization limits, and where Cerbos fits.
Mapping business requirements to authorization policy for automotive
Authorization in enterprise automotive platforms covers more than roles. This guide explains why RBAC fails for software-defined vehicles, how ABAC and policy-as-code govern OTA updates, ECU diagnostics, and supplier access, and how Cerbos handles workforce, partner, customer, and non-human identities across the vehicle lifecycle.
Fine-grained authorization for AI gateways
Fine-grained authorization for AI gateways, explained. Why gateway authentication stops short of access control, how attribute-based policies govern model calls, tool invocations, MCP methods, and agent-to-agent delegation, and how Cerbos provides the runtime policy layer for every AI request.
EIC 2026: Stop counting agents, protect what they can touch
AI agent authorization was the question every IAM team brought to EIC 2026. Inventory tells you which agents exist. It does not decide whether an agent should move money, call a tool, or act through a delegated user. Notes on the vault, delegation chains, dynamic authorization, and EU AI Act audit.
Agent skill for writing authorization policies in Claude Desktop
Claude Desktop lets product, security, and engineering leads draft Cerbos authorization policies in plain English without writing YAML. This guide walks through installing the Cerbos policy skill, connecting your specs via MCP, validating against the real compiler, and producing a complete policy bundle ready for review and PR.
Identity security in 2026
Identity security explained. The pillars most vendors cover (authentication, IGA, PAM, ITDR, ISPM, identity fabric), the shift to machine and AI agent identities, and the runtime authorization layer where most identity security programs still have a blind spot.
EIC 2026 takeaways: the identity stack built for humans will not hold up for AI agents
The identity stack built for humans does not hold up for AI agents and ephemeral workloads. Takeaways from EIC 2026 on signal-driven authorization, action-based provisioning, delegation chains, token issuer risk, and the four questions every CISO should ask about agent identity in the next 12 months.
Already have authentication? Here's the authorization layer you still need.
Identity providers cover authentication, not fine-grained access control. See the authorization gaps they leave and how to evaluate a solution.
Tokens are authorization decisions: a guide to policy-driven token issuance
Tokens are authorization decisions, and most identity teams don't manage them like one. This article explains policy-driven token issuance, the three patterns Gartner calls Authorization Management Platforms, what AuthZEN changes, and how to govern AI agent tokens without hardcoding logic into the IdP.
What is a Runtime Authorization Platform
Runtime Authorization Platforms explained. What runtime authorization actually means, how it differs from admin-time and event-time controls, why attacks land on the runtime layer, and what separates a real runtime platform from a policy engine. Covers architecture, deployment shapes, AuthZEN, and continuous evaluation.
Recommended content
Mapping business requirements to authorization policy
eBook: Zero Trust for AI, securing MCP servers
Experiment, learn, and prototype with Cerbos Playground
eBook: How to adopt externalized authorization
Framework for evaluating authorization providers and solutions
