Oso Cloud

Oso Cloud
Authorization as a Service

For teams that are past rolling their own permissions libraries and servers, and want a taste of the good life.

Started from an if statement, now we’re here.

You started with a few if statements and roles in a database, and now your authorization model is more complex.

Or maybe maybe your monolith has grown  unwieldy, and you’re breaking it up into microservices.

How do you implement a sane authorization model? How do services share authorization data? Where does it live? How do you enforce it?

How it works.

1. Declare who can do what in your app. Use built-in primitives for patterns like roles, relationships and hierarchies, or write custom rules for anything you need using Polar, Oso's declarative policy language.

2. Add your authorization data to Oso Cloud. We give you an API and underlying data model  that makes authorization checks fast and supports any pattern you need.

3. Enforce with one line. Enforce your authorization logic in your app with a call to authorize().

Authorization for one service or thousands.

Your Model, Included

Built-in primitives for common patterns like organizations, sharing, roles, and groups.

List Endpoint Enforcement

Built on a data model to ensure fast response times, even when authorizing large lists of data.


No deployment, no schema design, no upgrades, no maintenance.

Low latency

Deployed globally in region close to your application.


Testing interface for your team. Backed by a provable policy engine.

Backed by Oso

Built and run by the most trusted team in authorization. Backed by open source Oso. Support included.

We’re always shipping new features and fixes. Read the Changelog.

Looking for Oso On-Premise?

If you have strict on-premise requirements, build using the open source Oso library on your own.

The best way to learn is to get your hands dirty.

Get updates on Oso Cloud.

We won't spam you. Ever.