awesome-repositories.com
Blog
awesome-repositories.com

Découvrez les meilleurs dépôts open-source grâce à notre recherche par IA.

ExplorerRecherches sélectionnéesAlternatives open sourceLogiciels auto-hébergésBlogPlan du site
ProjetÀ proposNotre méthodologiePresseServeur MCP
Mentions légalesConfidentialitéConditions d'utilisation
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
Permify avatar

Permify/permify

0
View on GitHub↗
5,812 stars·283 forks·Go·agpl-3.0·4 vuespermify.co↗

Permify

Features

  • Authorization Services - Provides a standalone authorization service that abstracts access control logic from application code.
  • Authorization Schema Managers - Creates, reads, lists, and partially updates the authorization model schema defining resource types and permissions.
  • Authorization Relations - Creates named relationships between entities to model user-resource connections for permission evaluation.
  • Relational Entity Filtering - Filters stored relation tuples by specified criteria to retrieve authorization relationships.
  • Authorization Policy Isolators - Isolates authorization policies and data per tenant while managing all tenants from a single service.
  • Tenant Lifecycle Managers - Manages isolated tenant spaces within the authorization service for multi-tenant deployments.
  • Permission Query Evaluators - Evaluates permission queries in tens of milliseconds by traversing stored relation tuples and streaming changes.
  • Permissions Engines - Provides an open-source engine that centralizes authorization logic, supporting RBAC, ReBAC, and ABAC.
  • Permission - Specifies access control decisions using set-algebraic operators like intersection and union.
  • Authorization Mode Managers - Manages authorization data by writing, reading, and deleting relationships and attributes.
  • Attribute-Aware Policy Evaluators - Evaluates runtime attributes such as IP ranges and time periods during permission graph traversal.
  • Dynamic Attribute Policies - Ships a permission engine that evaluates runtime attributes like IP ranges and time periods for context-aware access decisions.
  • Declarative Permission Modelers - Defines resource-specific, hierarchical permissions using a domain-specific language with RBAC, ReBAC, and ABAC.
  • Granular Permission Systems - Provides a domain-specific language for defining resource-specific, hierarchical, and context-aware permissions.
  • Relationship-Based Access Controls - Evaluates whether a user has a specific permission on a resource by traversing stored authorization relationships.
  • Authorization Services - Models, evaluates, and audits fine-grained access permissions using a domain-specific language and real-time checks.
  • Custom Authorization Logic - Provides a standalone service that abstracts custom authorization logic from application code.
  • Entity Definitions - Defines entities like documents and users as the core objects for permission modeling.
  • Low-Latency Permission Evaluators - Evaluates permission queries in tens of milliseconds to answer whether a user can access a specific resource.
  • Namespace-Based Isolation - Separates authorization data and schema per tenant using isolated namespaces.
  • Permission-Based Access Control - Implements permission-based access control to find all entities a user has a specific permission on.
  • Entity Lookups - Provides an API to look up all entities a user has a given permission on.
  • Real-Time Checks - Evaluates access control queries and returns decisions in tens of milliseconds.
  • Bulk Permission Checkers - Processes up to one hundred permission checks in a single batched request.
  • Request Authentication Middleware - Secures API endpoints with configurable middleware that validates OpenID Connect JWTs or pre-shared keys.
  • Relation Tuple Traversals - Evaluates permissions by traversing a directed graph of stored relation tuples.
  • Multi-tenant Isolation Policies - Isolates authorization logic and custom permissions per tenant from a single service instance.
  • Authorization Schemas - Defines entities, relations, and permissions using a declarative schema with versioning and partial updates.
  • Authorization State Streamers - Streams real-time events for changes to relationships and attributes for external synchronization or auditing.
  • Authorization Data Retrievals - Retrieves stored relationships and attributes for a given resource or subject.
  • Immutable Schema Snapshots - Manages authorization model versions by storing immutable schema snapshots for rollback and audit.
  • Relation Tuple Deletions - Removes stored authorization relationships by deleting specified relation tuples.
  • Authorization Data Deletions - Removes stored relationships and attributes to revoke access or clean up stale data.
  • Authorization Data Writings - Stores relationships and attributes that define who has what access to which resources.
  • Authorization Bundle Managers - Creates and deletes bundled sets of relations and attributes for authorization data alignment.
  • Relation Tuple Writings - Creates authorization relationships between users and resources by storing relation tuples.
  • Authorization Data Bundle Managers - Writes, reads, and deletes pre-packaged sets of schema and data for repeatable authorization setups.
  • Authorization Data Bundles - Executes pre-packaged schema and data operations to bootstrap or reset authorization state.
  • Change Data Capture Streams - Exposes real-time authorization state changes through a streaming API for external subscriptions.
  • Shared Secret Keys - Requires a pre-shared secret key in each request to verify the caller's identity.
  • OpenID Connect Token Validations - Validates JWTs from external OpenID Connect providers to authenticate API requests.
  • API Request Authentication - Secures API endpoints using OpenID Connect or pre-shared keys, requiring a bearer token for access.
  • Batch Permission Evaluators - Evaluates up to one hundred permission requests in a single API call to reduce network overhead.
  • Permission Tree Expanders - Expands permission trees and streams real-time changes to inspect and verify access control decisions.
  • Permission Listings - Lists every permission a given subject has on a specific resource across all relevant relationship types.
  • Subject Lookups - Finds all subjects that have a specific permission on a given entity.
  • Authorization Event Loggers - Outputs real-time logs of authorization activity with configurable level and format for monitoring and debugging.
  • Relation Tuple Streamers - Streams changes to relation tuples as they occur, enabling live updates to authorization state.
  • Permission Tree Expansions - Expands permission trees to show all users and relationships that grant a specific access right.
  • Schema Expansions - Reveals all permissions and relations derived from a given permission or relation in the schema.
  • Access Control Frameworks - Authorization-as-a-service platform modeled after Google Zanzibar.

Historique des stars

Graphique de l'historique des stars pour permify/permifyGraphique de l'historique des stars pour permify/permify

Recherche par IA

Explorez plus de dépôts awesome

Décrivez vos besoins en langage naturel — l'IA classe des milliers de projets open source sélectionnés par pertinence.

Start searching with AI

Questions fréquentes

Quelles sont les fonctionnalités principales de permify/permify ?

Les fonctionnalités principales de permify/permify sont : Authorization Services, Authorization Schema Managers, Authorization Relations, Relational Entity Filtering, Authorization Policy Isolators, Tenant Lifecycle Managers, Permission Query Evaluators, Permissions Engines.

Quelles sont les alternatives open-source à permify/permify ?

Les alternatives open-source à permify/permify incluent : openfga/openfga — OpenFGA is a fine-grained authorization server and policy decision point that implements relationship-based access… authzed/spicedb — SpiceDB is a distributed permission store and relationship-based access control system. It provides a scalable… ory/keto — Ory Keto is an open-source authorization server that implements Google Zanzibar’s relationship-based access control… cerbos/cerbos — Cerbos is an open-source authorization service that provides a centralized, language-agnostic engine for managing… casbin/casbin — Casbin is an authorization library that provides a model-based engine for enforcing access control across diverse… deepstreamio/deepstream.io — deepstream.io is an open-source realtime server that synchronizes JSON records, events, and remote procedure calls…

Alternatives open source à Permify

Projets open source similaires, classés selon le nombre de fonctionnalités partagées avec Permify.
  • openfga/openfgaAvatar de openfga

    openfga/openfga

    4,793Voir sur GitHub↗

    OpenFGA is a fine-grained authorization server and policy decision point that implements relationship-based access control. It serves as a centralized authorization service for evaluating access requests and managing relationship tuples across distributed microservices and multi-tenant environments. The engine combines relationship graphs with attribute-based access control, using the Common Expression Language to evaluate dynamic runtime attributes and conditional access rules. It handles complex hierarchies and nested permissions by traversing chains of associations and parent-child links t

    Goabacauthorizationentitlements
    Voir sur GitHub↗4,793
  • authzed/spicedbAvatar de authzed

    authzed/spicedb

    6,781Voir sur GitHub↗

    SpiceDB is a distributed permission store and relationship-based access control system. It provides a scalable database for storing and querying fine-grained authorization relationships, implementing a consistency model inspired by Google Zanzibar to manage access rights across large-scale applications. The system uses a dedicated schema language to define the rules and logic governing how relationships translate into permissions independently of application code. It functions as a pluggable authorization engine that persists relationship tuples in external relational databases such as Postgr

    Go
    Voir sur GitHub↗6,781
  • ory/ketoAvatar de ory

    ory/keto

    5,270Voir sur GitHub↗

    Ory Keto is an open-source authorization server that implements Google Zanzibar’s relationship-based access control model. It stores every access relationship as a tuple in a SQL database and exposes a declarative TypeScript-like namespace language for defining object types, relations, and permissions. The service provides bidirectional permission resolution, configurable consistency levels for checks, and dual gRPC and REST APIs for broad integration. Keto extends the Zanzibar model with edge enforcement of access policies, structured compliance auditing of permission decisions, and infrastr

    Goabacaccess-controlacl
    Voir sur GitHub↗5,270
  • cerbos/cerbosAvatar de cerbos

    cerbos/cerbos

    4,460Voir sur GitHub↗

    Cerbos is an open-source authorization service that provides a centralized, language-agnostic engine for managing access control. It functions as a policy-as-code platform, allowing teams to define, test, and distribute authorization rules using declarative YAML or JSON configurations. By decoupling access logic from application code, it enables consistent permission enforcement across diverse service stacks. The project distinguishes itself through its ability to translate high-level authorization policies into native database query filters. This capability allows applications to enforce sec

    Goaccess-controlauthorizationgo
    Voir sur GitHub↗4,460
  • Voir les 30 alternatives à Permify→