Authorization made easy

The only authorization service that doesn’t force you to rethink your application architecture.
Read the docs
Is Oso right for you?

Loved by Platform Engineering Teams

What is Oso?

  • Oso is authorization as a service, like LaunchDarkly is feature flags as a service or Auth0 is authentication as a service
  • Oso exposes an API that can answer any permissions question, like:
    • Can user X perform action Y on resource Z?
    • Which resources can user P perform action Q on?
    • Why did user X get access to resource Y?
Take the Oso quiz

Local authorization
Authorization over your data in Postgres

High availability
Runs in 20+ regions for 99.99% uptime

Performance
<10 ms latency and up to 1M reads/sec

Extensible
RBAC, ReBAC, and ABAC
Deterministic
Testable, debuggable, observable
Run anywhere
‍‍Cloud, hybrid, or on-prem
Built in 🦀 Rust, hardened by thousands of engineering teams

Why Oso?

  • The only authorization service that doesn’t force you to rethink your application architecture, enabling you to ship basic RBAC, fine-grained permissions, and custom roles in weeks
  • No syncing required – Oso authorizes locally using your existing database
  • Roll out Oso incrementally across your services and apps
  • When needed, you can centralize shared permissions data in Oso Cloud
Is Oso right for you?

How Oso works

  • Write your authorization rules in Polar, Oso’s DSL for authorization
  • Tell Oso about your database schema
  • Call the Oso API to ask any authorization question
  • Oso generates SQL filters, which you run locally against your database and, optionally, shared permissions data in Oso Cloud
Can Oso solve your needs?

Why authorization as a service?

  • Ship changes fast and reduce errors by decoupling authorization code from business logic
  • Ensure security and correctness
  • Eliminate duplicate effort by having a shared capability across teams, like authentication or feature flags
  • Transition to microservices successfully
Read about authorization as a service

Learn authorization best practices

Read a series of technical guides that explains how to build authorization into your app, including architecture, modeling patterns, enforcement, and more — whether you use Oso or not.
Read Authorization Academy

Loved by Developers

“Oso is A+. As we moved upmarket, being able to implement authz consistently and accurately helped us move faster and resolved a never-ending source of bugs.”

Brian Scanlan
Engineer, Intercom

“We reviewed multiple solutions – Oso came out on top for its devex, scalable and consistent performance, and the flexibility to match all our needs.”

Jiří Brunclík,
VP Engineering, Productboard

“We assessed many options (including building in-house) and we chose Oso for its local/cloud architecture, 99.99% uptime, and in-depth domain knowledge."

Guhan Venguswamy
Head of Platform Engineering, Jasper.ai

Let's see some code.

Try Oso Cloud
Read the docs
Product
DocumentationUse casesPricingSecurityStatusPrivacy Policy
Learn
Authorization AcademyWhat is Google Zanzibar?What is Open Policy Agent (OPA)?What is Fine-Grained Authorization?Authorization as a ServiceAuthorization FAQWhat is Attribute Based Access Control (ABAC)?
Microservices Best Practices
OpenFGA Alternatives
How-to
Role-Based Access Control in PythonRole-Based Access Control in Node.jsRole-Based Access Control in GoDebugTestPolar Reference
© 2024 Oso Security, Inc.