grid

Cerbos Policy Decision Point

The scalable, open source authorization layer for implementing roles and permissions

Do not reinvent

user permissions

access management

authorization

ABAC

RBAC

user permissions

Cerbos PDP

Join hundreds of leading companies using Cerbos

The world's leading crypto finance house serving people, projects, protocols and institutions since 2011.
Utility Warehouse synchronizes authorization across 4,500 services and secures millions of NHIs.
One of the world's leading automobile manufacturers.
Flash eliminates authorization technical debt and doubles corporate card spending with Cerbos.
4G Capital saves a quarter-million dollars per year with Cerbos.
An employee experience that people love.
Creating a world where workplaces work better.
BarrierSystems integrates Cerbos into smart vehicle access gates, cutting internal costs by 15%.
Enabling all healthcare stakeholders to easily share information and work together.
Most secured and interactive NG911 cloud native communications platform for mission-critical contact centers.
The number 1 company in Italy to buy and sell.
Enhancing and accelerating the software development lifecycle.
Protecting user data with true end-to-end encryption.
The leading European analyst firm in identity and access management.
Modern and digital survey solutions for companies.
Complex (NTWRK) makes a complex access control system easy to manage with Cerbos.
The experts in medical imaging technology.
Making the world a better place to work together.
An early stage tech venture investor.
The collaborative platform to build conversational AI.
Human Managed creates a future-proof ABAC engine with Cerbos.
The fastest development platform.
Delivering innovative solutions to track and certify data and operations.
The leading contract creation and collaboration platform.
One of the world's fastest-growing global technology services provider.
9fin modifies product packaging in 10 minutes.
Cerbos helps Salesroom save over $1MM worth of developer time.
People analytics platform: Fast track to the insights behind your people data.
Advanced malware and phishing analysis.
Leading search intelligence platform for the open web.
Logistics payments without the logistics.
Nook onboards 3x more users by implementing granular roles and permissions.
A react-based framework for building internal tools, rapidly.
Debite accelerates compliance certification and ships products faster.
Supy offers dynamic role management to their clients with Cerbos.
Loop secures air-gapped cash deposit machines with Cerbos.
Making the world a better place to work together.
Build and manage residential investment portfolios.
Securely manage application secrets and configurations.
A discussion-first platform without language issues.
Collaborative team design canvas that equips tech leaders to make smarter org design decisions.
The world's leading crypto finance house serving people, projects, protocols and institutions since 2011.
Utility Warehouse synchronizes authorization across 4,500 services and secures millions of NHIs.
One of the world's leading automobile manufacturers.
Flash eliminates authorization technical debt and doubles corporate card spending with Cerbos.
4G Capital saves a quarter-million dollars per year with Cerbos.
An employee experience that people love.
Creating a world where workplaces work better.
BarrierSystems integrates Cerbos into smart vehicle access gates, cutting internal costs by 15%.
Enabling all healthcare stakeholders to easily share information and work together.
Most secured and interactive NG911 cloud native communications platform for mission-critical contact centers.
The number 1 company in Italy to buy and sell.
Enhancing and accelerating the software development lifecycle.
Protecting user data with true end-to-end encryption.
The leading European analyst firm in identity and access management.
Modern and digital survey solutions for companies.
Complex (NTWRK) makes a complex access control system easy to manage with Cerbos.
The experts in medical imaging technology.
Making the world a better place to work together.
An early stage tech venture investor.
The collaborative platform to build conversational AI.
Human Managed creates a future-proof ABAC engine with Cerbos.
The fastest development platform.
Delivering innovative solutions to track and certify data and operations.
The leading contract creation and collaboration platform.
One of the world's fastest-growing global technology services provider.
9fin modifies product packaging in 10 minutes.
Cerbos helps Salesroom save over $1MM worth of developer time.
People analytics platform: Fast track to the insights behind your people data.
Advanced malware and phishing analysis.
Leading search intelligence platform for the open web.
Logistics payments without the logistics.
Nook onboards 3x more users by implementing granular roles and permissions.
A react-based framework for building internal tools, rapidly.
Debite accelerates compliance certification and ships products faster.
Supy offers dynamic role management to their clients with Cerbos.
Loop secures air-gapped cash deposit machines with Cerbos.
Making the world a better place to work together.
Build and manage residential investment portfolios.
Securely manage application secrets and configurations.
A discussion-first platform without language issues.
Collaborative team design canvas that equips tech leaders to make smarter org design decisions.
bg

Implement fast, flexible and scalable access control with ease

The Cerbos Policy Decision Point (PDP) provides a simple, yet powerful solution for authorization that can be up and running in minutes. Cerbos PDP helps you separate your authorization process from your core application code, making your authorization system infinitely scalable, more secure and easier to change as your application evolves.

Documentation

Fast and secure

Fast and secure

Plug and play

Plug and play

Developer-friendly

Developer-friendly

Try it out with the Cerbos Playground

playground

Fast and secure

Flexible deployment models

Self-hosted, compatible with air-gapped, high security environments. Deploy with serverless functions or a sidecar model.

Deployment

Near-instantaneous response times

Stateless design enabling sub-millisecond policy evaluation without having to synchronize application state or rely on slow network fan-out.

Stateless

Full auditing and accountability

Compliance with ISO27001, SOC2, and HIPAA with real-time change logs. Keep track of every request and action.

Audit logs

Row-level authorization

Decouple data filtering requests from the code via a query plan API, managed by the same policies as application access.

Row-level authZ
Data-filtering for RAG

Plug and play

Bring your own identity

Cerbos supports integration with any authentication provider.

Ecosystem

Designed for full stack architectures

Cerbos PDP uses an API-first approach. Seamlessly integrate with frameworks.

Integrations

SDKs for multiple languages

Including Javascript, Python, Go, Ruby, PHP, and more.

Ecosystem

RBAC, ABAC and more

Cerbos offers context-aware role definitions and attribute-based access control.

RBAC
ABAC

Developer friendly

Define policies in YAML

Human readable configurations for better cross-functional collaboration and communication

YAML

Testable with GitOps

Manage, test and deploy fine-grained access control policies using a CI/CD/GitOps workflow.

GitOps & CI/CD

Management API

Add or update policies using the Cerbos Admin API to simplify administration functions.

Admin API

No vendor lock-in

As a stateless, self-hosted solution, Cerbos can run on public / private clouds, serverless platforms, or your data center

No lock-in

What our users say about Cerbos

avatar

Rob, Principal Engineer
@ Utility Warehouse

"It's weird to say an outside company has our back, but Cerbos does. It's the people. It's their open-source code: it's high quality, you can read it, it does what it says on the tin"

avatar

Joe, Software Engineer
@ 9fin

"It's a good feeling being able to say yes to almost any permissioning requirement." "Cerbos is small, contained and easy to implement. It 100% delivers on the promise of abstracting away the complexity of decision making."

avatar

David, Senior Software Engineer
@ Salesroom

"We're not worried about scaling because we can easily increase our load on Cerbos. It will also be easy for us to change how we're distributing policies as we reach different points of scale."

avatar

Joe, CEO & Co-Founder
@ Nook

"We went from one user - every role, to a world where there are many users - many roles. And the product, it relies on Cerbos to actually bring the value that we want to bring to customers. All of our customers are relying on Cerbos, by relying on the product, which is of course relying on Cerbos."

avatar

Chuck, Head of Engineering
@ Salesroom

"Instead of thinking of how much time Cerbos has saved us, I think about how much time it didn't cost us. It didn't cost us any time. Cerbos just works. I don't have to think about it. It's as simple as that."

avatar

Steve, Staff Engineer
@ Complex

"One of our big considerations was speed. We have strict latency tolerances. When it comes to Cerbos - you can call it a hundred times during a request and it doesn't matter. It's incredibly fast."

avatar

Engin, Head of Product and Growth & Co-Founder
@ Debite

"If it wasn't for Cerbos, one thing is for sure - we would've launched later than we did. As a result, we would have less customers. And the maintenance part is also very important. Our technical team would be dealing with daily stuff regarding access controls, access logs. Now, we don't have to spend any time on that."

avatar

Rounak, Founding Engineer
@ CommandK

"Cerbos policy writing is quite flexible, and deploying as a unit microservice as well. Cerbos "doesn't get in the way" once integrated, that's the best part."

avatar

Romina, Tech Lead
@ Wizeline

"It is easy to implement and provides a solution for a problem that is often not properly addressed."

avatar

Henry, CTO & Co-Founder
@ Nook

"Having the separation of the permissions from the code base just makes the code base more elegant. It makes the permissioning more elegant. It means they're centralized, so they're not tied to specific endpoints. And ultimately it means that different business owners have the ability to actually make updates."

avatar

Rasmus, CTO
@ Firtal

"Just discovered your embedded testing framework. This is probably the best balance between hyperfocused functionality and embedded tooling I've ever seen in an open source project. Damn, good work!"

Use cases

shield

Application permissions

Fine grained context aware permissions.

Go beyond roles
shield

Product packaging

Provide trials, feature bundles and custom packages for customers.

Manage entitlements
shield

Enterprise ready

Manage complex organizational requirements.

Org permissions
shield

Multi-tenant SaaS

Support multiple customer environments at scale.

Tailored access
grid

Try Cerbos Hub

A complete authorization management system for authoring, testing, and deploying policy

Deploy and synchronize PDP at scale

Save time managing and synchronizing every PDP across all your apps and services, decreasing deployment overhead.

Authorize anywhere

Unlock authorization everywhere - within browsers, serverless architectures, embedded devices, and at the edge with one solution.

Collaborate across teams

Collaborate, validate, and test policies real-time in an IDE environment that’s accessible to non-technical stakeholders and quickly adapt to changing app requirements.

Most popular resources

laptop

Cerbos Policy Decision Point

Want to run authorization yourself?

laptop

Playground

Prototype policies in your browser right now

laptop

Docs

Check out our API reference and guides

laptop

Slack community

Join our community on Slack and learn

laptop

Success stories

Stories of Cerbos in production

laptop

Speak to an engineer

Book an intro call and learn more