Home

Getting Started

down

Docs & Resources

down
Free workshop to help you design Cerbos policies for your requirementsBook a session
Easy setup of policy testing and distribution with Cerbos CloudSign up to our beta
image

Implement

authorization

once and for all

Replace complicated authorization logic with a single call and allow product owners or security teams to manage access without touching code.
image

Configuration - not code

Define permissions as config outside of your application logic meaning no more code changes when requirements change
image

Scalable

Cerbos is containerized, stateless and has a very low resource footprint: allowing it to be scaled horizontally to handle any kind of demanding workload.
image

Developer Tooling

Ensure policies are production ready using first class support for GitOps including a built-in testing framework and CI/CD integration.
if (await cerbos.isAllowed({ principal: user, resource, action: "edit" })) {
  // allowed
} 
if (user.email.includes("@mycompany.com") ||
  (user.company.package === "premium" && user.groups.includes("managers"))
) {
  if(user.region === resource.region) {
    // access allowed
    AuditLog.record("ALLOWED", "edit", user, resource);
  } else {
    // access denied
    AuditLog.record("DENIED", "edit", user, resource);
  }
} else {
  // access denied
  AuditLog.record("DENIED", "edit", user, resource);
}

Before

After

Why Cerbos

image

Simple API

Replace complicated, hardcoded permissions logic with a single API call.

image

Made for Humans

Simple YAML policies, clear documentation and a variety of SDKs for your language of choice.

image

No vendor lock-in

Cerbos is fully self-contained and deployed to your own infrastructure. You can even run Cerbos on air-gapped environments without any extra work.

image

Open Source

Source code is freely available and you can harness the power of the community to get help, fix bugs and implement new features.

Implement Cerbos in under 4 mins

Watch our video tutorial on adding a typical CRUD policy to a simple express app in Node.

Bring your own identity

Use any identity provider to authenticate your users. Use Cerbos to enforce access controls.

JWT
Auth0
AWS Cognito
Okta
Clerk
Magic
FusionAuth
WorkOS
Stytch

SDKs & Integrations

Get productive quickly using our SDKs, quickstart guides and integrations with popular frameworks.

JavaScript
Python
Java
.NET
PHP
Rust
Go
Ruby
Graphql
Prisma
SQLAlchemy
ExpressJS
NextJS
NestJS
Remix
SvelteKit
Nuxt
FAST API

Try it out

Use the Cerbos Playground to prototype policies right in your browser

image