The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Permission Open-Source Projects
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
-
CASL
CASL is an isomorphic authorization JavaScript library which restricts what resources a given user is allowed to access
-
spicedb
Open Source, Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
node-casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Node.js and Browser
-
OPAL
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...) (by permitio)
-
openfga
A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
-
ClusterPrePermissions
Cluster's reusable pre-permissions utility that lets developers ask the users on their own dialog for photos or contacts access, before making the system-based request. This is based on the Medium post by Cluster describing the different ways to ask for iOS permissions (https://medium.com/p/96fa4eb54f2c).
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Project mention: CASL – Isomorphic authorization JavaScript library | news.ycombinator.com | 2024-01-24
Project mention: How do you manage transactions in Go? Do we really need to use one transaction for each request? | /r/golang | 2023-06-02Have you taken a look at SpiceDB? The Authzed blog has a few posts that are useful to improving your understanding -- I can think of two: New Enemies and Writing relationships to SpiceDB.
However, in this piece we're focusing on the PBAC model also known as Policy-Based Access Control and how it differentiates itself these from traditional access control models in terms of scalability, flexibility and security.
Another tool that can help you deploy a Policy as Code-based solution in 2024 is OPAL, the Open Policy Administration Layer. OPAL is an open-source project that provides a comprehensive policy-based service for applications. With one click, you can deploy a full architecture of a Git-based centralized policy store with decentralized policy engines running as a sidecar with your applications. OPAL also provides a unified architecture to sync all the data you need with the policy engines.
This feels very much like OpenFGA[0]. I've been evaluating authorization tool for one of my side projects and honestly most tools feels like creating relationships in a graph-like database and querying to see if there is/isn't relationship between two entities. Is there more to this (besides the implementation details) or am I missing something from these tools?
[0] https://openfga.dev/
Permissions related posts
- Authorization is still a nightmare for engineers
- SpiceDB Playground is now Open Source
- CASL – Isomorphic authorization JavaScript library
- Top 5 Access Control Features You Should Implement in 2024
- OPAL: A Flexible, Self-Hosted Authorization Solution Inspired by Netflix's AuthZ Strategy
- Policy as Code Open Source Project – Roadmap Questions
- Opal – an open source cross-language policy administration tool
-
A note from our sponsor - WorkOS
workos.com | 23 Apr 2024
Index
What are some of the best open-source Permission projects? This list will help you:
Project | Stars | |
---|---|---|
1 | Permission Dispatcher | 11,211 |
2 | EasyPermissions | 9,815 |
3 | deepstream.io | 7,126 |
4 | CASL | 5,566 |
5 | SPPermission | 5,523 |
6 | spicedb | 4,489 |
7 | react-native-permissions | 3,904 |
8 | django-guardian | 3,539 |
9 | graphql-shield | 3,512 |
10 | bouncer | 3,383 |
11 | Permission | 2,903 |
12 | node-casbin | 2,471 |
13 | permify | 2,446 |
14 | OPAL | 2,281 |
15 | openfga | 2,244 |
16 | laratrust | 2,151 |
17 | accesscontrol | 2,118 |
18 | LuckPerms | 1,913 |
19 | django-rules | 1,766 |
20 | Sentinel | 1,500 |
21 | ClusterPrePermissions | 1,203 |
22 | nest-access-control | 1,060 |
23 | rbac | 977 |
Sponsored