Login

Fine Grained Authorization

Okta FGA is now Generally Available! 🚀 Learn more

Authorization built to scale

Enable user collaboration and granular access control in your applications using developer-friendly APIs

Empower your users

Frictionless collaboration

Allow your users and partners to collaborate securely

Easily manage groups, teams, organizations or any set of users
Enable content sharing with just a single API call

Embrace the possibilities

Granular access

Grant access to individual resources in your system

Get absolute control about the level of access you provide your users
Iterate. Make access control more granular as your product grows

Maximize reuse

Flexible and Centralized

Seamlessly manage authorization for all your products

Make authorization rules explicit and standardize how authorization is done across your company
Easily implement authorization for any new features or products

Built for developers

Empower your development teams to programatically define authorization logic and integrate with your existing systems

Read the docs

Features

  • Define your authorization model in a language that is easy to both read and write. This simplifies initial setup, permission auditing and future iteration.

    1type user
    2type group
    3  relations
    4    define member: [user]
    5type folder
    6 relations
    7    define owner: [user]
    8    define parent: [folder]
    9    define viewer: [user, group#member] or owner or viewer from parent
    10type doc
    11  relations
    12    define owner: [user]
    13    define parent: [folder]
    14    define viewer: [user, group#member] or owner
  • Use developer friendly APIs for everything: setting up your authorization model, versioning it, adding data to Auth0 FGA and performing authorization checks.

    1type user
    2type group
    3  relations
    4    define member: [user]
    5type folder
    6 relations
    7    define owner: [user]
    8    define parent: [folder]
    9    define viewer: [user, group#member] or owner or viewer from parent
    10type doc
    11  relations
    12    define owner: [user]
    13    define parent: [folder]
    14    define viewer: [user, group#member] or owner
  • No infrastructure to manage or deploy. FGA is a managed SaaS that scales with your use. Just plug it to your system and get fine grained authorization working.

    1type user
    2type group
    3  relations
    4    define member: [user]
    5type folder
    6 relations
    7    define owner: [user]
    8    define parent: [folder]
    9    define viewer: [user, group#member] or owner or viewer from parent
    10type doc
    11  relations
    12    define owner: [user]
    13    define parent: [folder]
    14    define viewer: [user, group#member] or owner
1type user
2type group
3  relations
4    define member: [user]
5type folder
6 relations
7    define owner: [user]
8    define parent: [folder]
9    define viewer: [user, group#member] or owner or viewer from parent
10type doc
11  relations
12    define owner: [user]
13    define parent: [folder]
14    define viewer: [user, group#member] or owner

Fundamentals

  • Global

    Fine Grained Authorization globally replicates data to multiple regions, allowing reads and writes to any of them. This minimizes latency and increases availability through redundancy

  • Scalable

    Fine Grained Authorization is built to scale. It can store many millions of objects and continuously handle tens of thousands of authorization checks per second

  • Fast

    Fine Grained Authorization is optimized for fast authorization checks. It runs geographically close to its clients, and uses various techniques to minimize tail latency

Get started →

Set up Fine Grained Authorization and unleash the power of relationship based access control for your applications

Learn More →

Explore OpenFGA, the Auth0 by Okta-designed CNCF-adopted open source technology that powers Fine Grained Authorization