The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Permission Open-Source Projects
-
-
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
-
-
CASL
CASL is an isomorphic authorization JavaScript library which restricts what resources a given user is allowed to access
-
-
spicedb
Open Source, Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
node-casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Node.js and Browser
-
-
OPAL
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...) (by permitio)
-
openfga
A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
-
-
-
ClusterPrePermissions
Cluster's reusable pre-permissions utility that lets developers ask the users on their own dialog for photos or contacts access, before making the system-based request. This is based on the Medium post by Cluster describing the different ways to ask for iOS permissions (https://medium.com/p/96fa4eb54f2c).
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Project mention: CASL – Isomorphic authorization JavaScript library | news.ycombinator.com | 2024-01-24
Project mention: How do you manage transactions in Go? Do we really need to use one transaction for each request? | /r/golang | 2023-06-02Have you taken a look at SpiceDB? The Authzed blog has a few posts that are useful to improving your understanding -- I can think of two: New Enemies and Writing relationships to SpiceDB.
However, in this piece we're focusing on the PBAC model also known as Policy-Based Access Control and how it differentiates itself these from traditional access control models in terms of scalability, flexibility and security.
Another tool that can help you deploy a Policy as Code-based solution in 2024 is OPAL, the Open Policy Administration Layer. OPAL is an open-source project that provides a comprehensive policy-based service for applications. With one click, you can deploy a full architecture of a Git-based centralized policy store with decentralized policy engines running as a sidecar with your applications. OPAL also provides a unified architecture to sync all the data you need with the policy engines.
This feels very much like OpenFGA[0]. I've been evaluating authorization tool for one of my side projects and honestly most tools feels like creating relationships in a graph-like database and querying to see if there is/isn't relationship between two entities. Is there more to this (besides the implementation details) or am I missing something from these tools?
[0] https://openfga.dev/
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Permissions related posts
- Authorization is still a nightmare for engineers
- SpiceDB Playground is now Open Source
- CASL – Isomorphic authorization JavaScript library
- Top 5 Access Control Features You Should Implement in 2024
- OPAL: A Flexible, Self-Hosted Authorization Solution Inspired by Netflix's AuthZ Strategy
- Policy as Code Open Source Project – Roadmap Questions
- Opal – an open source cross-language policy administration tool
-
A note from our sponsor - WorkOS
workos.com | 23 Apr 2024
Index
What are some of the best open-source Permission projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | Permission Dispatcher | 11,211 |
| 2 | EasyPermissions | 9,815 |
| 3 | deepstream.io | 7,126 |
| 4 | CASL | 5,566 |
| 5 | SPPermission | 5,523 |
| 6 | spicedb | 4,489 |
| 7 | react-native-permissions | 3,904 |
| 8 | django-guardian | 3,539 |
| 9 | graphql-shield | 3,512 |
| 10 | bouncer | 3,383 |
| 11 | Permission | 2,903 |
| 12 | node-casbin | 2,471 |
| 13 | permify | 2,446 |
| 14 | OPAL | 2,281 |
| 15 | openfga | 2,244 |
| 16 | laratrust | 2,151 |
| 17 | accesscontrol | 2,118 |
| 18 | LuckPerms | 1,913 |
| 19 | django-rules | 1,766 |
| 20 | Sentinel | 1,500 |
| 21 | ClusterPrePermissions | 1,203 |
| 22 | nest-access-control | 1,060 |
| 23 | rbac | 977 |
Sponsored
Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com