Authorization for Laravel applications
Integrate Cerbos authorization into your Laravel application with native support for gates, policies, and Blade directives. Install via Composer and use Laravel's built-in authorization patterns.
Laravel gates and policies
Hooks into Laravel's authorization system so you can use Gate::allows(), @can Blade directives, and authorize() backed by Cerbos policies
Composer package
Install with `composer require cerbos/cerbos-sdk-laravel`, publish the config, and the service provider registers everything automatically
Blade directive support
Use @can and @cannot directives in your Blade templates to conditionally render UI elements based on Cerbos authorization decisions
What is Cerbos?
Cerbos is an enterprise authorization solution built to secure access across complex, distributed environments, SaaS products, and regulated systems.
It externalizes authorization logic from application code, making access control consistent and centrally managed across all your services. Instead of scattering permission checks throughout your codebase, you make a single API call to the Cerbos PDP.
Authorization policies are written in human-readable YAML supporting RBAC, ABAC, and conditional rules. They live outside your application and can be updated, tested, and deployed independently.
The Laravel SDK makes integrating Cerbos straightforward, checking authorization is as simple as calling a function, and the stateless PDP scales horizontally with your infrastructure.
How to authorize with the Laravel SDK
- Install the Laravel SDK. Add the package to your project with
composer require cerbos/cerbos-sdk-laravel. - Publish the configuration. Run
php artisan vendor:publish --provider="Cerbos\LaravelSdk\CerbosServiceProvider"to publish the config file and set your PDP endpoint. - Use Laravel's authorization patterns. Call
Gate::allows(), use@canin Blade templates, or call$this->authorize()in controllers. The SDK delegates all checks to the Cerbos PDP. - Cerbos returns allow or deny. The PDP evaluates your YAML policies and returns a decision that Laravel enforces through its standard authorization flow.
FAQ
How do I use the Cerbos Laravel SDK?
Install the package with `composer require cerbos/cerbos-sdk-laravel`, publish the configuration file, and set your PDP endpoint. The SDK automatically registers gates and policies so you can use Laravel's standard Gate::allows(), @can Blade directives, and policy methods backed by Cerbos.
Does the Laravel SDK work with Laravel gates and policies?
Yes. The SDK hooks directly into Laravel's authorization system, registering gates that delegate to the Cerbos PDP. You can use Gate::allows(), Gate::denies(), @can and @cannot Blade directives, and authorize() in controllers.
Is the Laravel SDK open source?
Yes. All Cerbos SDKs are open source and available on GitHub. They are actively maintained and kept up to date with the latest Cerbos PDP features.
Learn more about Cerbos
Related integrations
View all integrations →
Cerbos + Laravel
- Authorization check via a single function call in Laravel
- Policies evolve independently of application code
- Full audit trail for every authorization decision
- Stateless PDP instances scale horizontally
Authorization for AI systems
By industry
By business requirement
Useful links
What is Cerbos?
Cerbos is an end-to-end enterprise authorization software for Zero Trust environments and AI-powered systems. It enforces fine-grained, contextual, and continuous authorization across apps, APIs, AI agents, MCP servers, services, and workloads.
Cerbos consists of an open-source Policy Decision Point, Enforcement Point integrations, and a centrally managed Policy Administration Plane (Cerbos Hub) that coordinates unified policy-based authorization across your architecture. Enforce least privilege & maintain full visibility into access decisions with Cerbos authorization.