The Architecture of Scalable, Granular Permissions

Explore the evolution of authorization and the latest breakthroughs in fine-grained access control. You'll learn:

Why authorization is still an "N * M" problem
A real-world implementation of a fine-grained authorization system
Why a distributed system architecture is required for FGA
Open-source projects you can use as the foundation of your authz service

Watch it now!

The architecture of fine-grained authorization webinar

Everything you need to know about resource-level, real-time authorization systems for applications

Any application

Add granular permissions to any application in mins and be production ready in <2 weeks

const { jwtAuthz } = require("@aserto/aserto-node")
const checkAuthz = jwtAuthz({ ... })
// ...
app.get("/protectPath/:param", checkJwt, checkAuthz, 
  async (req, res) => { ... }
)

Node

Python

Java

.NET

Ruby

Roles, attributes & relationships

Authorize based on roles (RBAC), attributes (ABAC), relationships (ReBAC), or combinations

allowed {
  input.user.properties.dept == "Sales"
}

Use any user-centric attributes in your policies

Fine-grained permissions

Give users access to what they need, when they need it

~1ms authorization

Make authorization decisions in ~1 millisecond with Aserto

Real-time data

Authorize based on the most up-to-date policy, user, and resource information

Open foundation

Aserto is built on top Topaz. It adds a central control plane and high-speed data fabric to allow for real-time authorization

Get started today!

Speak with an engineer