Authorization for .NET applications
Add Cerbos authorization to your ASP.NET or .NET application with the official NuGet package. Async/await API with strongly typed request and response models.
NuGet package
Install via NuGet and integrate with ASP.NET Core dependency injection, middleware, and controller-based authorization patterns
Async/await support
All SDK methods are async, returning Tasks that integrate naturally with the .NET async programming model and avoid blocking threads
Strongly typed models
Work with typed C# classes for principals, resources, and authorization responses rather than raw dictionaries or JSON
What is Cerbos?
Cerbos is an enterprise authorization solution built to secure access across complex, distributed environments, SaaS products, and regulated systems.
It externalizes authorization logic from application code, making access control consistent and centrally managed across all your services. Instead of scattering permission checks throughout your codebase, you make a single API call to the Cerbos PDP.
Authorization policies are written in human-readable YAML supporting RBAC, ABAC, and conditional rules. They live outside your application and can be updated, tested, and deployed independently.
The .NET SDK makes integrating Cerbos straightforward, checking authorization is as simple as calling a function, and the stateless PDP scales horizontally with your infrastructure.
How to authorize with the .NET SDK
- Install the .NET SDK. Add the package to your project with
dotnet add package Cerbos.Sdk. - Initialize the Cerbos client. Create a CerbosClient instance pointing at your Cerbos PDP running as a sidecar, remote service, or connected via Cerbos Hub. Register it in your DI container for ASP.NET Core applications.
- Call CheckResourcesAsync(). Pass the principal, resource, and actions. The method returns a Task with a strongly typed response.
- Cerbos returns allow or deny. The PDP evaluates your YAML policies and returns a decision your application can enforce immediately.
FAQ
How do I use the Cerbos .NET SDK?
Install the package with `dotnet add package Cerbos.Sdk`, create a CerbosClient pointing at your PDP instance, and call CheckResourcesAsync with the principal, resource, and actions. The SDK uses async/await and returns strongly typed response objects.
Does the .NET SDK work with ASP.NET Core?
Yes. The SDK integrates with ASP.NET Core dependency injection and can be registered as a service. It works with middleware pipelines and controller-based authorization patterns.
Is the .NET SDK open source?
Yes. All Cerbos SDKs are open source and available on GitHub. They are actively maintained and kept up to date with the latest Cerbos PDP features.
Learn more about Cerbos
Related integrations
View all integrations →
Cerbos + .NET
- Authorization check via a single function call in .NET
- Policies evolve independently of application code
- Full audit trail for every authorization decision
- Stateless PDP instances scale horizontally
Authorization for AI systems
By industry
By business requirement
Useful links
What is Cerbos?
Cerbos is an end-to-end enterprise authorization software for Zero Trust environments and AI-powered systems. It enforces fine-grained, contextual, and continuous authorization across apps, APIs, AI agents, MCP servers, services, and workloads.
Cerbos consists of an open-source Policy Decision Point, Enforcement Point integrations, and a centrally managed Policy Administration Plane (Cerbos Hub) that coordinates unified policy-based authorization across your architecture. Enforce least privilege & maintain full visibility into access decisions with Cerbos authorization.