Add authorization to multi-tenant SaaS apps

Fine-grained permissions, pricing tiers, and sharing, ready-to-go in minutes.

Mulitentant SaaS application authorization

Go beyond roles

Easily add resource-level permissions to any SaaS. Multi-tenant applications need more than roles in isolated environments. They need fine-grained permissions.

Identity & context-aware access

Justified access, not just access. Marry user information from your identity providers and directories with dynamic context data from your application, to ensure that only the right users can access the right resources.

Fast & scalable authorization

Authorize in a millisecond, based on fresh data. Enjoy the blazing fast authorization of a local microservice, with the scalability of a distributed system.

Aserto authorization in milliseconds with 100% availability

Seamlessly evolve your model

Evolve authorization as requirements change. Aserto natively supports RBAC, ABAC, PBAC, ReBAC, and combinations. Start with the simplest model and seamlessly evolve to more powerful ones when the time is right.

allowed {
  input.user.properties.dept == "Sales"
}

Use any user-centric attributes in your policies

Easy implementation

Add authorization to your app in minutes, not months. Go, Node, Java, Python, Ruby, and ASP.NET SDKs & quickstarts are available, as well as GraphQL, gRPC, and REST APIs.

const { jwtAuthz } = require("@aserto/aserto-node")
const checkAuthz = jwtAuthz({ ... })
// ...
app.get("/protectPath/:param", checkJwt, checkAuthz, 
  async (req, res) => { ... }
)

Node

Python

Java

.NET

Ruby

Add powerful capabilities to your apps

Secure sharing

Your users want to share resources they own with others - let them. Add resource-level secure sharing to your app in minutes.

Self-serve entitlements

Allow your enterprise customers to mix and match your permissions into their own custom roles.

Pricing & frontend changes

Add trials, feature bundles, add-ons, and custom pricing packages to your app. Customize frontend experiences with external policies, rather than feature flags or updates to code.

Full audit trails

Automatically capture every access decision made, along with all of the inputs. Easily export these audit trails to your SIEM tools, or share them with auditors as proof of compliance.

Trying to decide whether to build or buy?

Authorization is deceptively hard. Open Source projects like Topaz can help. And Aserto can help you scale and support a Topaz-based externalized authorization service for your multi-tenant SaaS application. Get the whitepaper to learn more!

Get the whitepaper!

Authorization as easy as an API call

Speak with an engineer