SaaSHub helps you find the best software and product alternatives Learn more →
Top 13 Go Abac Projects
-
casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
-
CodeRabbit
CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
-
spicedb
Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data
Here's an example of how it works in SpiceDB - a database inspired by Google Zanzibar. A zookie is passed when making a permissions check request, and guarantees that the policy and individual relationships used to compute the answer will be at least as fresh as the Zookie presented requires.
-
permify
An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems for any application.
Project mention: Show HN: Permify 1.0 – Open-source fine-grained authorization service | news.ycombinator.com | 2024-08-21 -
openfga
A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
Project mention: Who Needs Roles Anymore? Introducing OpenFGA, the Future of SaaS | dev.to | 2025-01-14It’s 2025 y’all, time to retire that ancient, one-size-fits-all approach. OpenFGA gives you the flexibility to handle complex user relationships with elegance. Whether you’re cooking up the next Slack, managing external contractors, or just tired of editing roles for your friends named Bob, ReBAC can save you from permissions purgatory.
-
warrant
Warrant is a highly scalable, centralized authorization service based on Google Zanzibar. Use it to define, enforce, query, and audit application authorization and access control.
Project mention: Show HN: Permify 1.0 – Open-source fine-grained authorization service | news.ycombinator.com | 2024-08-21I think one major difference between the Zanzibar implementations that are out there is support for the 'zookie' consistency token (as mentioned in the original paper). OpenFGA afaik doesn't implement zookies yet[1]. With zookies, each permission write generates a unique token that represents that particular write. Clients can store that token (per resource) and optionally provide it during runtime checks to ensure checks are consistent up to that write. It also helps the system guard against the 'new-enemy problem' (incorrect permissions checks due to permissions changes being read out of order) by ordering writes.
I'd argue that it also unlocks a variety of caching implementations on the Zanzibar server while still allowing clients to specify desired consistency on a per-request/per-resource level. In other words, a Zanzibar implementation with support for zookies can guarantee consistency at a much higher throughput than one that relies on time (second, millisecond delay). This is important for generic 'read after write' scenarios.
Disclaimer: I'm a former founder of Warrant[2] which was recently acquired by WorkOS. Our team has spent a ton of time building our Zanzibar-based authorization service (WorkOS FGA[3]) which supports zookies[4] and other Zanzibar concepts.
[1] https://openfga.dev/docs/interacting/consistency#future-work
[2] https://warrant.dev/
[3] https://workos.com/docs/fga
[4] https://workos.com/docs/fga/warrant-tokens
-
-
-
InfluxDB
InfluxDB high-performance time series database. Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems.
-
-
-
-
-
-
poc-opa-access-control-system
This is a repository for POC of access control infrastructure using open policy agent.
Project mention: Implementing Access Control System for Microservices Using OPA | dev.to | 2025-03-20bmf-san/poc-opa-access-control-system
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Go Abac discussion
Go Abac related posts
-
Show HN: Permify 1.0 – Open-source fine-grained authorization service
-
Show HN: Topaz 0.30 – OSS authz service combining the best of OPA and Zanzibar
-
Authorization back end that comes with a front end
-
Authorization back end that comes with a UI for RBAC and ABAC
-
Authz: A centralized authorization back end with its front end
-
AWS Cognito - Am I doing this right?
-
authz: Authorization backend that comes with a UI for RBAC and ABAC permissions
-
A note from our sponsor - SaaSHub
www.saashub.com | 20 Apr 2025
Index
What are some of the best open-source Abac projects in Go? This list will help you:
| # | Project | Stars |
|---|---|---|
| 1 | casbin | 18,486 |
| 2 | spicedb | 5,572 |
| 3 | permify | 5,358 |
| 4 | openfga | 3,473 |
| 5 | warrant | 1,261 |
| 6 | topaz | 1,183 |
| 7 | casbin-server | 323 |
| 8 | authz | 251 |
| 9 | restrict | 101 |
| 10 | k8s-gatekeeper | 35 |
| 11 | json-adapter | 19 |
| 12 | chi-authz | 3 |
| 13 | poc-opa-access-control-system | 1 |
Sponsored
CodeRabbit: AI Code Reviews for Developers
Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
coderabbit.ai