Implement roles and permissions in your application in minutes, not months, with Cerbos Hub - a complete authorization management system for authoring, testing and deploying policy.
Cerbos Hub is a management interface for Cerbos PDP*.
*At the heart of the Cerbos authorization solution is the Cerbos Policy Decision Point (PDP) - a robust, open source solution crafted to seamlessly implement roles and permissions within your applications.
All the power of Cerbos Policy Decision Point, none of the legwork: Cerbos Hub simplifies policy testing and distribution with a managed CI/CD pipeline. Your policies remain in your GitHub repo, ensuring control and accessibility.Fast and efficient: Policies are optimized for faster startup and reduced memory usage. Changes trigger simultaneous validation, testing, and deployment to all Cerbos PDP instances.
Universal deployment options: Whether on-premise, cloud, functions, or Kubernetes, Cerbos Hub simplifies testing and distribution keeping policy in sync.Embed anywhere: Cerbos Hub enables on-device or at edge authorization via a WebAssembly module generated from your policy.Multiple environments: Manage multiple deployments from a single workspace, with support for tag/branch/commit-based policy distribution.Universal integration: Language-agnostic API adaptable across your stack, with SDKs for all popular languages and integrations with various software frameworks.
Collaborative IDE: Cerbos Hub's fully-featured collaborative IDE for prototyping, developing, and iterating on authorization logic.Built-in testing: Get realtime feedback on every policy change as you type via the automated test runner.GitOps: Integrates into your Git based workflow enabling evolution of authorization policy with ease.No lock-in: Cerbos Hub connects to your Git repo, giving you complete control, ownership and zero lock in.
Iterate with confidence: Cerbos' test suites enable test-driven development (TDD) of authorization logic. All tests are executed in the Cerbos Hub CI pipeline run before policy gets rolled out to PDPs.Full auditing and accountability: Cerbos Hub integrates into your existing git-based workflows providing the audit trail of every change to your authorization logic.
Fine grained context aware permissions.
Provide trials, feature bundles and custom packages for customers.
Manage complex organizational requirements.
Support multiple customer environments at scale.
"It's weird to say an outside company has our back, but Cerbos does. It's the people. It's their open-source code: it's high quality, you can read it, it does what it says on the tin"
"It's a good feeling being able to say yes to almost any permissioning requirement." "Cerbos is small, contained and easy to implement. It 100% delivers on the promise of abstracting away the complexity of decision making."
"We're not worried about scaling because we can easily increase our load on Cerbos. It will also be easy for us to change how we're distributing policies as we reach different points of scale."
"We went from one user - every role, to a world where there are many users - many roles. And the product, it relies on Cerbos to actually bring the value that we want to bring to customers. All of our customers are relying on Cerbos, by relying on the product, which is of course relying on Cerbos."
"Instead of thinking of how much time Cerbos has saved us, I think about how much time it didn't cost us. It didn't cost us any time. Cerbos just works. I don't have to think about it. It's as simple as that."
"One of our big considerations was speed. We have strict latency tolerances. When it comes to Cerbos - you can call it a hundred times during a request and it doesn't matter. It's incredibly fast."
"If it wasn't for Cerbos, one thing is for sure - we would've launched later than we did. As a result, we would have less customers. And the maintenance part is also very important. Our technical team would be dealing with daily stuff regarding access controls, access logs. Now, we don't have to spend any time on that."
"Cerbos policy writing is quite flexible, and deploying as a unit microservice as well. Cerbos "doesn't get in the way" once integrated, that's the best part."
"It is easy to implement and provides a solution for a problem that is often not properly addressed."
"Having the separation of the permissions from the code base just makes the code base more elegant. It makes the permissioning more elegant. It means they're centralized, so they're not tied to specific endpoints. And ultimately it means that different business owners have the ability to actually make updates."
"Just discovered your embedded testing framework. This is probably the best balance between hyperfocused functionality and embedded tooling I've ever seen in an open source project. Damn, good work!"
Want to run authorization yourself?
Prototype policies in your browser right now
Check out our API reference and guides
Join our community on Slack and learn
Stories of Cerbos in production
Book an intro call and learn more
Join thousands of developers | Features and updates | 1x per month | No spam, just goodies.