Authorization for Java applications
Add Cerbos authorization to your Java application with the official SDK. Available on Maven Central, with Spring Boot integration and CompletableFuture support.
Maven Central package
Available on Maven Central for easy inclusion in Maven and Gradle projects, with no additional repository configuration needed
Spring Boot compatible
Register the Cerbos client as a Spring bean and integrate authorization checks with Spring Security, controllers, and service layers
Blocking and async clients
Choose CerbosBlockingClient for synchronous calls or CerbosClient for non-blocking operations that return CompletableFuture
What is Cerbos?
Cerbos is an enterprise authorization solution built to secure access across complex, distributed environments, SaaS products, and regulated systems.
It externalizes authorization logic from application code, making access control consistent and centrally managed across all your services. Instead of scattering permission checks throughout your codebase, you make a single API call to the Cerbos PDP.
Authorization policies are written in human-readable YAML supporting RBAC, ABAC, and conditional rules. They live outside your application and can be updated, tested, and deployed independently.
The Java SDK makes integrating Cerbos straightforward, checking authorization is as simple as calling a function, and the stateless PDP scales horizontally with your infrastructure.
How to authorize with the Java SDK
- Install the Java SDK. Add
dev.cerbos:cerbos-sdk-javaas a dependency in your Mavenpom.xmlor Gradle build file. - Initialize the Cerbos client. Create a CerbosBlockingClient or CerbosClient pointing at your Cerbos PDP running as a sidecar, remote service, or connected via Cerbos Hub.
- Call checkResources(). Pass the principal, resource, and actions. Use the blocking client for synchronous responses or the async client for CompletableFuture-based responses.
- Cerbos returns allow or deny. The PDP evaluates your YAML policies and returns a decision your application can enforce immediately.
FAQ
How do I use the Cerbos Java SDK?
Add the cerbos-sdk-java dependency to your Maven pom.xml or Gradle build file, create a CerbosBlockingClient or CerbosClient pointing at your PDP, and call checkResources() with the principal, resource, and actions.
Does the Java SDK work with Spring Boot?
Yes. The SDK can be configured as a Spring bean and injected into your services and controllers. It works with Spring Security for integrating Cerbos decisions into your existing authorization flow.
Is the Java SDK open source?
Yes. All Cerbos SDKs are open source and available on GitHub. They are actively maintained and kept up to date with the latest Cerbos PDP features.
Learn more about Cerbos
Related integrations
View all integrations →
Cerbos + Java
- Authorization check via a single function call in Java
- Policies evolve independently of application code
- Full audit trail for every authorization decision
- Stateless PDP instances scale horizontally
Authorization for AI systems
By industry
By business requirement
Useful links
What is Cerbos?
Cerbos is an end-to-end enterprise authorization software for Zero Trust environments and AI-powered systems. It enforces fine-grained, contextual, and continuous authorization across apps, APIs, AI agents, MCP servers, services, and workloads.
Cerbos consists of an open-source Policy Decision Point, Enforcement Point integrations, and a centrally managed Policy Administration Plane (Cerbos Hub) that coordinates unified policy-based authorization across your architecture. Enforce least privilege & maintain full visibility into access decisions with Cerbos authorization.