Plug & Play App-Level Authorization. Enforce in Frontend or Backend, control via No-Code UI Elements.
Now available: AWS Cedar support
Multiple policy-engine support
Use the right tool for the right task. Use the right language for the right policy.
Say no to Lock-in. Mix and match the policy engines you need.
Permit.io supports OPA's Rego and now adds AWS' Cedar, and Amazon Verified Permissions.
Generate Policy as code directly into Git, and deploy in realtime into the agent in your app.
Policy Editor Interface
Makes granting permissions as easy as checking a box
- Manage and edit your policies with in seconds instead of days
- Work with a simple UI, API, or directly with rego code.
- Enable multi-tenancy, RBAC, ABAC, ReBAC, and more with a single streamlined interface.
- Provide low-code/no-code interfaces for non-technical users.
- Ensure future requirements are met with policy as code.
- Get Git Ops support out-of-the-box
Elements: Embeddable access control elements - Ready to use
Decouple Policy from Code
Checking permissions is as easy as permit.check(). Integrate in your code, middelware, mesh, or API gateway- with ease.
ABAC and ReBAC with Low Code
Powerful Attribute & Relationship Based Access Controls made simple
- Scale seamlessly from RBAC to ABAC and ReBAC as your permissions needs grow
- Save significant time and complexity versus building and maintaining yourself
- Simplify for your non technical stakeholders with no code interfaces available out of the box
- Gain flexibility beyond what is possible with RBAC with very little effort Address all of the different use cases for your customers with comprehensive controls
- Learn all about Attribute Based Access Control at permit.io/abac
Manage Users According to Your Needs
A no-code interface for simple user management
- Create an organization hierarchy as you see fit
- Use groups to control access
- Assign roles and permissions easily
- Integrate to your email provider and send automated invites
Audit Application Policies and Decisions
Ensure your policies are protecting you and your operations.
- Get a full audit of every authorization decision
- Monitor the decisions your authorization policies made
- Track whether authorization was permitted or denied, to who and why
- Optimize policies to increase security confidence
Performance You Can Build On
Permit.io lets you build and scale with zero network latency.
- Avg. 1 ms per query (OPA-based)
- Milliseconds for policy and data event update propagation (OPAL-based)
- Maintain system performance thanks to our hybrid model with a local sidecar
What the great people from Honeycomb have to say
Leverage the Power of Open Source
Connect Seamlessly to Your Authentication
Bake-in authorization in minutes. Simply plug-in on top of your existing AuthN solution (e.g. Auth0, Cognito).
Moving to modern authorization for microservices is no easy feat, but OPAL made it easy. When I was learning and exploring replicator solutions for OPA myself in my free time, I found that OPAL is a very mature solution for the open-policy administration layer and beyond. Their community support is on another level, responding quickly to any question.
Hongbo Miao, Senior Software Engineer, Tesla
I have had the pleasure to deep dive with the Permit.io team and discuss our PoC. I was impressed with the team's knowledge of multiple Auth solutions. They explained various options with their pros and cons. Very smart and capable team.
Pawel Englert, Tech Lead, Beekeeper.io
Building authorization for Buzzer’s call-rep on-demand service was a challenging task, but with Permit.io we were able to get it up and running end-to-end in just a few days.
We now have 3 engineers who built services on top of Permit.io - all of which constantly keep telling me how happy they are with the solution, and how easy it was to use. We’ve probably already saved months of work thanks to the platform.
Matan Bakshi, Founder & CTO, Buzzer.ai
At Granulate we optimize our customers’ most critical systems; as a result, getting access control right is of the highest importance. Full stack permissions as a service allow our developers to focus on their core product, knowing that access control will work well both for our teams and the end customer. I was extremely impressed both by Permit.io’s technology and its dedication to customer service.
Tal Saiag, Founder & CTO, Granulate.io
At Epsagon (acquired by Cisco) we are no strangers to the complexity of microservices.
Access control demands of microservices are never-ending, so they require a modern stack that can quickly adapt to the most demanding tech and security needs. Permit.io provided us with a secure end-to-end authorization solution that saved us months of engineering work.
Ran Ribenzaft , Epsagon CTO, Cisco
When we build applications, secure access is at the forefront of our minds.
Application authorization is a huge pain point for companies, as one of the largest and most rapidly expanding attack surfaces. I was excited to discover Permit.io, which, to date, provides the most advanced authorization solution, based on open-source standards and supporting multiple policy models.
Barak Schoster Goihman, Senior Director, Palo-Alto Networks
Been using Permit with our project- It's exactly what I wanted. ... It's a small integration, using only granular authorizations. Great job! Be sure I'll keep following the project as it goes on, and keep using it!
Hugo Beaujour, Backend Engineer , Medicalib
Our system is built on dozens of roles and actions that allow full flexibility and serve each of our customers, agents, and partners, as well as our own teams, with the right actions. Permit allows us to maintain the complexity and fine tuning with minimal effort on the code and easy configuration. The team at Permit is fantastic, real experts, with endless willingness to help. I was amazed by their openness to feedback and how quickly they evolved their product from very good to excellent. Watch video now >>>
Nimrod Sadot, Co-founder and CTO, Honeycomb Insurance
OPAL has been a godsend for supporting dynamic OPA data and policy updates. It saves you from the hassle of creating and managing your own bundle server, and the updates can be done seamlessly REST API, a Github Policy Repo that is actively monitored, which are a couple of many other supported ways. The response time of decision requests, and the sync time between server workers, and clients is almost instantaneous.
To add a few words about the support from Permit.io team - they have always been proactive in understanding my questions (as silly as they may be sometimes) and providing the right answers/solutions. I greatly appreciate their timely help and support despite their busy schedule.
Giving OPAL a try is a no-brainer when looking for alternatives to traditional bundle servers. And the best part, OPAL is improving day by day, gathering more and more users!
Jayanth Vhavle Software Engineer | at Walmart Global Tech India, Walmart
Join the Conversation
Ready to transform your authorization?
Start using Permit.io and get your permissions and access management set up in minutes.