-
spicedb
Open Source, Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
permify
Open source authorization service inspired by Google Zanzibar to build fine-grained and scalable authorization systems.
-
openfga
A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Two years ago, we founded Aserto to simplify authorization for developers. Authorization is critical and hard to get right, yet isn't a source of differentiation for most applications.
Google [1], Airbnb [2], Netflix [3], Carta [4], Intuit [5], and others have written about their authorization systems. It's clear that these are all significant undertakings by sizable teams. Most engineering organizations don't want to spend their precious cycles reinventing this wheel.
Over the last two years, we've collected a set of best practices that are common across these projects. We call these the Principles of Authorization [6]. Our goal has been to democratize these principles into an authorization service, and save you time and effort.
Topaz [7] is an open source authorization system you can use to start building robust authorization in minutes. It provides fine-grained, real-time, policy-based access control for modern cloud applications. You can deploy it as a sidecar or a microservice in your cloud, ensuring low latency to your application.
Topaz combines the best ideas from two cloud-native authorization ecosystems: OPA and Zanzibar. Read our blog post [8] for more on why we built Topaz.
Happy hacking!
[1] https://research.google/pubs/pub48190/
[2] https://medium.com/airbnb-engineering/himeji-a-scalable-cent...
[3] https://www.infoq.com/presentations/authorization-scalabilit...
[4] https://medium.com/building-carta/authz-cartas-highly-scalab...
[5] https://medium.com/intuit-engineering/authz-intuits-unified-...
[6] https://www.topaz.sh/docs/intro#principles
[7] https://github.com/aserto-dev/topaz
[8] https://www.aserto.com/blog/topaz-oss-cloud-native-authoriza...
> it'd be awesome to collaborate [...] this is what open source is all about
100%! Though as a FOSS fan myself, I'm hoping for a new comer GPL/copyleft solution to come about and rule us all :)
Side-note: Absolutely loved this article from OSO with Abhishek Parmar, one of the co-creators of Zanzibar [3]
[0]: https://github.com/authzed/spicedb/issues/386
Both REST and built-ins for OPA have been available for existing projects like OpenFGA and SpiceDB. In case of SpiceDB, the first built-in was available in June of last year[0].
Why take on the burden of building something new when you could collaborate with the existing communities with more mature solutions? We'd be glad to welcome you!
[0]: https://github.com/authzed/zed/pull/5
Related posts
-
OpenFGA: A high performance and flexible authorization/permission engine
-
warrant VS openfga - a user suggested alternative
2 projects | 15 Aug 2023 -
How to setup Keycloak for separate frontend and backend services?
-
We built an open source authorization service based on Google Zanzibar
-
Title: How to integrate Auth0 FGA into a .NET application