Frameworks

Authorization for Hono applications with Cerbos

Add policy-based authorization to Hono routes and middleware using the Cerbos JavaScript SDK. Enforce fine-grained access control at the edge or in serverless environments.

Guard routes at the edge

Add Cerbos checks as Hono middleware to enforce permissions before requests reach your handler functions, including on edge runtimes

Context from request data

Pass user identity, request headers, and resource attributes from Hono's context to Cerbos for attribute-based authorization decisions

Decouple policy from code

Move authorization rules out of route handlers into versioned YAML policies that can be updated without redeploying your Hono application

How Cerbos works with Hono

Building authorization logic inside Hono quickly becomes a maintenance burden. Hard-coded role checks scatter across controllers and middleware, and every permission change requires a code deploy.

Cerbos replaces scattered authorization logic with a single API call. You define fine-grained policies in YAML, and the Cerbos PDP evaluates them at request time using roles, attributes, and any context you provide.

With Cerbos your Hono application stays focused on business logic while authorization policies evolve independently, managed by product or security teams without touching code.

Policy-as-codeHuman-readable YAML policies managed like source code Scalable PDPStateless policy decision point with sub-millisecond latency Centralized managementManage, test, and deploy policies from a single control plane

How Cerbos works with Hono

Add the Cerbos JavaScript SDK to your Hono project. Install the SDK and configure a Cerbos client, typically initialized at application startup.
Call Cerbos from route handlers or middleware. Extract the authenticated user from Hono's context, build a Cerbos check request with the target resource and action, and allow or deny access based on the PDP response.
Define authorization policies in YAML. Write resource and principal policies that capture your access control rules, including roles, attributes, and conditions. Store them alongside your code and version them in git.
Cerbos evaluates policies at request time. Every authorization check is evaluated against the latest policies with sub-millisecond latency. Update rules without redeploying your Hono application.

FAQ

How do I integrate Cerbos with Hono?

Use the Cerbos JavaScript SDK to create a client and call the Cerbos PDP from your Hono route handlers or middleware. Extract the authenticated user from the request context, build a Cerbos check request, and gate access based on the PDP response.

Can I use Cerbos as Hono middleware?

Yes. Create a Hono middleware function that extracts principal and resource information from the context, calls the Cerbos PDP, and either allows the request to continue or returns a 403. Apply it to specific routes or route groups. The Cerbos PDP responds in sub-millisecond time.

Does Cerbos work with Hono on edge runtimes?

Yes. The Cerbos JavaScript SDK uses HTTP to communicate with the PDP, so it works in edge and serverless runtimes like Cloudflare Workers, Deno Deploy, and Vercel Edge Functions where Hono commonly runs.