Authorization for Django applications with Cerbos

Add policy-based authorization to Django views and middleware using the Cerbos Python SDK. Enforce fine-grained access control without hard-coding permission logic in views or models.

Authorize views and middleware

Add Cerbos checks in Django views or middleware to enforce permissions before requests reach your application logic.

Attribute-based decisions

Pass user identity, request data, and model attributes from Django to Cerbos for context-aware authorization decisions.

Decouple policy from code

Move authorization rules out of Django views and model permissions into versioned YAML policies that update without redeployment.

How Cerbos works with Django

Building authorization logic inside Django quickly becomes a maintenance burden. Hard-coded role checks end up scattered across views and middleware, and every permission change requires a code deploy.

Cerbos replaces scattered authorization logic with a single API call. You define fine-grained policies in YAML, and the Cerbos PDP evaluates them at request time using roles, attributes, and any context you provide.

With Cerbos, your Django application stays focused on business logic while authorization policies evolve independently, managed by product or security teams without touching code.

How Cerbos works with Django

  1. Add the Cerbos Python SDK to your Django project. Install the SDK and configure a Cerbos client, typically initialized in a middleware class or utility module.
  2. Call Cerbos from views or middleware. Extract the authenticated user from Django's request object, build a Cerbos check request with the target resource and action, and allow or deny access based on the PDP response.
  3. Define authorization policies in YAML. Write resource and principal policies that capture your access control rules, including roles, attributes, and conditions. Store them alongside your code and version them in git.
  4. Cerbos evaluates policies at request time. Every authorization check is evaluated against the latest policies with sub-millisecond latency. Update rules without redeploying your Django application.
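The check described in step 2, sketched as a deny-by-default middleware. This is an added example, not code from Cerbos or its SDK: `Principal`, `Resource`, `StubPDP`, `AuthzMiddleware`, `load_resource`, the `ACTIONS` mapping and the `is_allowed(action, principal, resource)` interface are assumptions of the example, and the stub stands in for a real PDP client so the code runs offline.

```python
from dataclasses import dataclass, field

# Constructed mapping from HTTP method to policy action; unmapped methods are denied.
ACTIONS = {"GET": "read", "POST": "create", "PUT": "update",
           "PATCH": "update", "DELETE": "delete"}

@dataclass
class Principal:  # stand-in for the SDK's principal model (assumption)
    id: str
    roles: set
    attr: dict = field(default_factory=dict)

@dataclass
class Resource:  # stand-in for the SDK's resource model (assumption)
    id: str
    kind: str
    attr: dict = field(default_factory=dict)

class StubPDP:
    """Constructed in-memory PDP: admins allowed, owners may read/update."""
    def is_allowed(self, action, principal, resource):
        if "admin" in principal.roles:
            return True
        return (action in {"read", "update"}
                and resource.attr.get("owner") == principal.id)

class AuthzMiddleware:
    """Has the shape of a Django middleware class; returns bare status codes
    instead of HttpResponse objects so it runs without Django installed."""
    def __init__(self, get_response, pdp, load_resource):
        self.get_response = get_response
        self.pdp = pdp                      # hypothetical PDP client wrapper
        self.load_resource = load_resource  # hypothetical: request -> Resource

    def __call__(self, request):
        user = getattr(request, "user", None)
        if user is None or not getattr(user, "is_authenticated", False):
            return 401                      # no principal, no decision
        action = ACTIONS.get(request.method)
        if action is None:
            return 403                      # deny by default
        try:
            principal = Principal(str(user.pk), set(user.roles),
                                  {"department": user.department})
            allowed = self.pdp.is_allowed(action, principal,
                                          self.load_resource(request))
        except Exception:
            return 503                      # PDP or lookup failure: fail closed
        return self.get_response(request) if allowed is True else 403
```

The view only runs when the decision is exactly `True`; an unreachable decision point, an unknown HTTP method, or a missing user never falls through to the application logic.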

FAQ

How do I integrate Cerbos with Django?

Use the Cerbos Python SDK to create a client and call the Cerbos PDP from your Django views or middleware. Extract the authenticated user from the request, build a Cerbos check request with the resource and action, and gate access based on the PDP response.

Can I use Cerbos as Django middleware?

Yes. Create a Django middleware class that intercepts requests, extracts the principal and resource information, and calls the Cerbos PDP before the view executes. The Cerbos PDP responds in sub-millisecond time, adding negligible latency to request processing.

Does Cerbos replace Django's built-in permissions?

Cerbos can replace or augment Django's built-in permission system. Instead of defining permissions in models and checking them with decorators, you define authorization policies in YAML and evaluate them at request time through the Cerbos PDP.

Cerbos + Django

  • Single API call replaces hard-coded permission checks in Django
  • Policies updated independently of application deploys
  • Authorization policies versioned and tested like source code
  • Stateless PDP scales independently of the application

What is Cerbos?

Cerbos is end-to-end enterprise authorization software for Zero Trust environments and AI-powered systems. It enforces fine-grained, contextual, and continuous authorization across apps, APIs, AI agents, MCP servers, services, and workloads.

Cerbos consists of an open-source Policy Decision Point, Enforcement Point integrations, and a centrally managed Policy Administration Plane (Cerbos Hub) that coordinates unified policy-based authorization across your architecture. Enforce least privilege and maintain full visibility into access decisions with Cerbos authorization.