Authorization for Go applications
Integrate Cerbos with your Go application using the gRPC-native SDK. Make strongly typed authorization checks with full context.Context support.
gRPC-native client
Built directly on gRPC for efficient binary serialization and low-latency communication with the Cerbos PDP
Strongly typed with context.Context
Pass context.Context for cancellation and deadlines, and work with strongly typed request and response structs throughout
Idiomatic Go API
Follows Go conventions with exported types, error returns, and a builder pattern for constructing authorization requests
What is Cerbos?
Cerbos is an enterprise authorization solution built to secure access across complex, distributed environments, SaaS products, and regulated systems.
It externalizes authorization logic from application code, making access control consistent and centrally managed across all your services. Instead of scattering permission checks throughout your codebase, you make a single API call to the Cerbos PDP.
Authorization policies are written in human-readable YAML supporting RBAC, ABAC, and conditional rules. They live outside your application and can be updated, tested, and deployed independently.
The Go SDK makes integrating Cerbos straightforward, checking authorization is as simple as calling a function, and the stateless PDP scales horizontally with your infrastructure.
How to authorize with the Go SDK
- Install the Go SDK. Add the SDK to your project with
go get github.com/cerbos/cerbos-sdk-go. - Initialize the Cerbos client. Create a new client with
cerbos.New(), pointing it at your Cerbos PDP instance running as a sidecar, remote service, or connected via Cerbos Hub. - Call CheckResources(). Pass a
context.Context, principal, resource, and actions. The SDK builds the gRPC request and returns a strongly typed response. - Cerbos returns allow or deny. The PDP evaluates your YAML policies and returns a decision your application can enforce immediately.
FAQ
How do I use the Cerbos Go SDK?
Add the SDK with `go get github.com/cerbos/cerbos-sdk-go`, create a client pointing at your Cerbos PDP, and call CheckResources with a context.Context, principal, resource, and actions. The SDK uses gRPC natively and returns strongly typed responses.
Does the Go SDK support gRPC?
Yes. The Go SDK is built on gRPC natively, giving you efficient binary serialization and streaming capabilities. It also supports connecting over HTTP if needed.
Is the Go SDK open source?
Yes. All Cerbos SDKs are open source and available on GitHub. They are actively maintained and kept up to date with the latest Cerbos PDP features.
Learn more about Cerbos
Related integrations
View all integrations →
Cerbos + Go
- Authorization check via a single function call in Go
- Policies evolve independently of application code
- Full audit trail for every authorization decision
- Stateless PDP instances scale horizontally
Authorization for AI systems
By industry
By business requirement
Useful links
What is Cerbos?
Cerbos is an end-to-end enterprise authorization software for Zero Trust environments and AI-powered systems. It enforces fine-grained, contextual, and continuous authorization across apps, APIs, AI agents, MCP servers, services, and workloads.
Cerbos consists of an open-source Policy Decision Point, Enforcement Point integrations, and a centrally managed Policy Administration Plane (Cerbos Hub) that coordinates unified policy-based authorization across your architecture. Enforce least privilege & maintain full visibility into access decisions with Cerbos authorization.