Authorization for Ruby applications
Add Cerbos authorization to your Ruby application with the official gem. Idiomatic Ruby API for making authorization checks against the Cerbos PDP.
Install via RubyGems
Available as a gem for easy installation with `gem install cerbos` or by adding it to your Gemfile and running `bundle install`
Idiomatic Ruby API
Uses Ruby conventions with method chaining, symbol keys, and object-based responses that feel natural in any Ruby codebase
Works with any Ruby framework
Use the SDK in Rails, Sinatra, Hanami, or plain Ruby applications to externalize authorization logic from your codebase
What is Cerbos?
Cerbos is an enterprise authorization solution built to secure access across complex, distributed environments, SaaS products, and regulated systems.
It externalizes authorization logic from application code, making access control consistent and centrally managed across all your services. Instead of scattering permission checks throughout your codebase, you make a single API call to the Cerbos PDP.
Authorization policies are written in human-readable YAML supporting RBAC, ABAC, and conditional rules. They live outside your application and can be updated, tested, and deployed independently.
The Ruby SDK makes integrating Cerbos straightforward, checking authorization is as simple as calling a function, and the stateless PDP scales horizontally with your infrastructure.
How to authorize with the Ruby SDK
- Install the Ruby SDK. Add
gem "cerbos"to your Gemfile and runbundle install, or install directly withgem install cerbos. - Initialize the Cerbos client. Create a client instance pointing at your Cerbos PDP running as a sidecar, remote service, or connected via Cerbos Hub.
- Call check_resources(). Pass the principal, resource, and actions. The SDK sends the request and returns Ruby objects with the authorization decision.
- Cerbos returns allow or deny. The PDP evaluates your YAML policies and returns a decision your application can enforce immediately.
FAQ
How do I use the Cerbos Ruby SDK?
Install the gem with `gem install cerbos` or add it to your Gemfile, create a client pointing at your Cerbos PDP, and call check_resources with the principal, resource, and actions. The SDK returns Ruby objects you can query for allow/deny decisions.
Does the Ruby SDK work with Rails?
Yes. The SDK works in any Ruby application including Rails. You can initialize the Cerbos client in an initializer and use it in controllers, service objects, or wherever you need authorization checks.
Is the Ruby SDK open source?
Yes. All Cerbos SDKs are open source and available on GitHub. They are actively maintained and kept up to date with the latest Cerbos PDP features.
Learn more about Cerbos
Related integrations
View all integrations →
Cerbos + Ruby
- Authorization check via a single function call in Ruby
- Policies evolve independently of application code
- Full audit trail for every authorization decision
- Stateless PDP instances scale horizontally
Authorization for AI systems
By industry
By business requirement
Useful links
What is Cerbos?
Cerbos is an end-to-end enterprise authorization software for Zero Trust environments and AI-powered systems. It enforces fine-grained, contextual, and continuous authorization across apps, APIs, AI agents, MCP servers, services, and workloads.
Cerbos consists of an open-source Policy Decision Point, Enforcement Point integrations, and a centrally managed Policy Administration Plane (Cerbos Hub) that coordinates unified policy-based authorization across your architecture. Enforce least privilege & maintain full visibility into access decisions with Cerbos authorization.