Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data

An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems for any application. — Permify is now part of FusionAuth 🎉

The most scalable and customizable permission server on the market. Fix your slow or broken permission system with Google's proven "Zanzibar" approach. Supports ACL, RBAC, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.

A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar

Warrant is a highly scalable, centralized authorization service based on Google Zanzibar. Use it to define, enforce, query, and audit application authorization and access control.

Cloud-native authorization for modern applications and APIs

Keycloak integration with OpenFGA (based on Zanzibar) for Fine-Grained Authorization at Scale (ReBAC)

🔐 Lightning fast, global scale authorization service without the overhead of a yet another DSL.

🔏 Authorization framework for implementing Relation-based Access Control (ReBAC) with the Resolver (Inspired by GraphQL)

Google's Zanzibar paper annotated for folks outside of Google

🦅 EACL: Enterprise Access ControL is a ReBAC Authorization system based on SpiceDB, built in Clojure and backed by Datomic

Secure access to the Kubernetes API using SpiceDB

RBAC/ABAC/ReBAC policy engine for Python with policy sets, condition DSL, and hot reload

⚔️ A modern, attribute-aware access control engine written in Rust. Supports RBAC, ABAC, ReBAC, PBAC, and fine-grained multi-tenant policies. Built to rival Keycloak's authorization module.

Permit.io authorization middleware for FastMCP servers

EACL: Enterprise Access ControL is a SpiceDB-compatible ReBAC authorization library built in Clojure and backed by Datomic

Stop writing authorization logic. Start asking questions. OpenFGA high performance relationship-based access control for Laravel.

A simple ReBAC / Zanzibar gem for Rails apps

Permissions for Killer Apps

Relationship-based authorization library for TypeScript