awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
Permify avatar

Permify/permify

0
View on GitHub↗
5,812 estrellas·283 forks·Go·agpl-3.0·4 vistaspermify.co↗

Permify

Features

  • Authorization Services - Provides a standalone authorization service that abstracts access control logic from application code.
  • Authorization Schema Managers - Creates, reads, lists, and partially updates the authorization model schema defining resource types and permissions.
  • Authorization Relations - Creates named relationships between entities to model user-resource connections for permission evaluation.
  • Relational Entity Filtering - Filters stored relation tuples by specified criteria to retrieve authorization relationships.
  • Authorization Policy Isolators - Isolates authorization policies and data per tenant while managing all tenants from a single service.
  • Tenant Lifecycle Managers - Manages isolated tenant spaces within the authorization service for multi-tenant deployments.
  • Permission Query Evaluators - Evaluates permission queries in tens of milliseconds by traversing stored relation tuples and streaming changes.
  • Permissions Engines - Provides an open-source engine that centralizes authorization logic, supporting RBAC, ReBAC, and ABAC.
  • Permission - Specifies access control decisions using set-algebraic operators like intersection and union.
  • Authorization Mode Managers - Manages authorization data by writing, reading, and deleting relationships and attributes.
  • Attribute-Aware Policy Evaluators - Evaluates runtime attributes such as IP ranges and time periods during permission graph traversal.
  • Dynamic Attribute Policies - Ships a permission engine that evaluates runtime attributes like IP ranges and time periods for context-aware access decisions.
  • Declarative Permission Modelers - Defines resource-specific, hierarchical permissions using a domain-specific language with RBAC, ReBAC, and ABAC.
  • Granular Permission Systems - Provides a domain-specific language for defining resource-specific, hierarchical, and context-aware permissions.
  • Relationship-Based Access Controls - Evaluates whether a user has a specific permission on a resource by traversing stored authorization relationships.
  • Authorization Services - Models, evaluates, and audits fine-grained access permissions using a domain-specific language and real-time checks.
  • Custom Authorization Logic - Provides a standalone service that abstracts custom authorization logic from application code.
  • Entity Definitions - Defines entities like documents and users as the core objects for permission modeling.
  • Low-Latency Permission Evaluators - Evaluates permission queries in tens of milliseconds to answer whether a user can access a specific resource.
  • Namespace-Based Isolation - Separates authorization data and schema per tenant using isolated namespaces.
  • Permission-Based Access Control - Implements permission-based access control to find all entities a user has a specific permission on.
  • Entity Lookups - Provides an API to look up all entities a user has a given permission on.
  • Real-Time Checks - Evaluates access control queries and returns decisions in tens of milliseconds.
  • Bulk Permission Checkers - Processes up to one hundred permission checks in a single batched request.
  • Request Authentication Middleware - Secures API endpoints with configurable middleware that validates OpenID Connect JWTs or pre-shared keys.
  • Relation Tuple Traversals - Evaluates permissions by traversing a directed graph of stored relation tuples.
  • Multi-tenant Isolation Policies - Isolates authorization logic and custom permissions per tenant from a single service instance.
  • Authorization Schemas - Defines entities, relations, and permissions using a declarative schema with versioning and partial updates.
  • Authorization State Streamers - Streams real-time events for changes to relationships and attributes for external synchronization or auditing.
  • Authorization Data Retrievals - Retrieves stored relationships and attributes for a given resource or subject.
  • Immutable Schema Snapshots - Manages authorization model versions by storing immutable schema snapshots for rollback and audit.
  • Relation Tuple Deletions - Removes stored authorization relationships by deleting specified relation tuples.
  • Authorization Data Deletions - Removes stored relationships and attributes to revoke access or clean up stale data.
  • Authorization Data Writings - Stores relationships and attributes that define who has what access to which resources.
  • Authorization Bundle Managers - Creates and deletes bundled sets of relations and attributes for authorization data alignment.
  • Relation Tuple Writings - Creates authorization relationships between users and resources by storing relation tuples.
  • Authorization Data Bundle Managers - Writes, reads, and deletes pre-packaged sets of schema and data for repeatable authorization setups.
  • Authorization Data Bundles - Executes pre-packaged schema and data operations to bootstrap or reset authorization state.
  • Change Data Capture Streams - Exposes real-time authorization state changes through a streaming API for external subscriptions.
  • Shared Secret Keys - Requires a pre-shared secret key in each request to verify the caller's identity.
  • OpenID Connect Token Validations - Validates JWTs from external OpenID Connect providers to authenticate API requests.
  • API Request Authentication - Secures API endpoints using OpenID Connect or pre-shared keys, requiring a bearer token for access.
  • Batch Permission Evaluators - Evaluates up to one hundred permission requests in a single API call to reduce network overhead.
  • Permission Tree Expanders - Expands permission trees and streams real-time changes to inspect and verify access control decisions.
  • Permission Listings - Lists every permission a given subject has on a specific resource across all relevant relationship types.
  • Subject Lookups - Finds all subjects that have a specific permission on a given entity.
  • Authorization Event Loggers - Outputs real-time logs of authorization activity with configurable level and format for monitoring and debugging.
  • Relation Tuple Streamers - Streams changes to relation tuples as they occur, enabling live updates to authorization state.
  • Permission Tree Expansions - Expands permission trees to show all users and relationships that grant a specific access right.
  • Schema Expansions - Reveals all permissions and relations derived from a given permission or relation in the schema.
  • Access Control Frameworks - Authorization-as-a-service platform modeled after Google Zanzibar.

Historial de estrellas

Gráfico del historial de estrellas de permify/permifyGráfico del historial de estrellas de permify/permify

Búsqueda con IA

Explora más repositorios increíbles

Describe lo que necesitas en lenguaje sencillo: la IA clasifica miles de proyectos open-source curados por relevancia.

Start searching with AI

Alternativas open-source a Permify

Proyectos open-source similares, clasificados según cuántas características comparten con Permify.
  • openfga/openfgaAvatar de openfga

    openfga/openfga

    4,793Ver en GitHub↗

    OpenFGA is a fine-grained authorization server and policy decision point that implements relationship-based access control. It serves as a centralized authorization service for evaluating access requests and managing relationship tuples across distributed microservices and multi-tenant environments. The engine combines relationship graphs with attribute-based access control, using the Common Expression Language to evaluate dynamic runtime attributes and conditional access rules. It handles complex hierarchies and nested permissions by traversing chains of associations and parent-child links t

    Goabacauthorizationentitlements
    Ver en GitHub↗4,793
  • authzed/spicedbAvatar de authzed

    authzed/spicedb

    6,781Ver en GitHub↗

    SpiceDB is a distributed permission store and relationship-based access control system. It provides a scalable database for storing and querying fine-grained authorization relationships, implementing a consistency model inspired by Google Zanzibar to manage access rights across large-scale applications. The system uses a dedicated schema language to define the rules and logic governing how relationships translate into permissions independently of application code. It functions as a pluggable authorization engine that persists relationship tuples in external relational databases such as Postgr

    Go
    Ver en GitHub↗6,781
  • ory/ketoAvatar de ory

    ory/keto

    5,270Ver en GitHub↗

    Ory Keto is an open-source authorization server that implements Google Zanzibar’s relationship-based access control model. It stores every access relationship as a tuple in a SQL database and exposes a declarative TypeScript-like namespace language for defining object types, relations, and permissions. The service provides bidirectional permission resolution, configurable consistency levels for checks, and dual gRPC and REST APIs for broad integration. Keto extends the Zanzibar model with edge enforcement of access policies, structured compliance auditing of permission decisions, and infrastr

    Goabacaccess-controlacl
    Ver en GitHub↗5,270
  • cerbos/cerbosAvatar de cerbos

    cerbos/cerbos

    4,460Ver en GitHub↗

    Cerbos is an open-source authorization service that provides a centralized, language-agnostic engine for managing access control. It functions as a policy-as-code platform, allowing teams to define, test, and distribute authorization rules using declarative YAML or JSON configurations. By decoupling access logic from application code, it enables consistent permission enforcement across diverse service stacks. The project distinguishes itself through its ability to translate high-level authorization policies into native database query filters. This capability allows applications to enforce sec

    Goaccess-controlauthorizationgo
    Ver en GitHub↗4,460
Ver las 30 alternativas a Permify→

Preguntas frecuentes

¿Cuáles son las características principales de permify/permify?

Las características principales de permify/permify son: Authorization Services, Authorization Schema Managers, Authorization Relations, Relational Entity Filtering, Authorization Policy Isolators, Tenant Lifecycle Managers, Permission Query Evaluators, Permissions Engines.

¿Qué alternativas de código abierto existen para permify/permify?

Las alternativas de código abierto para permify/permify incluyen: openfga/openfga — OpenFGA is a fine-grained authorization server and policy decision point that implements relationship-based access… authzed/spicedb — SpiceDB is a distributed permission store and relationship-based access control system. It provides a scalable… ory/keto — Ory Keto is an open-source authorization server that implements Google Zanzibar’s relationship-based access control… cerbos/cerbos — Cerbos is an open-source authorization service that provides a centralized, language-agnostic engine for managing… casbin/casbin — Casbin is an authorization library that provides a model-based engine for enforcing access control across diverse… deepstreamio/deepstream.io — deepstream.io is an open-source realtime server that synchronizes JSON records, events, and remote procedure calls…