Topaz is an open-source authorization service providing fine grained, real-time, policy based access control for applications and APIs.
It comes with built in support for every major programming language as well as every popular authorization model (RBAC, ABAC, PBAM, ReBAC, and combinations).
Aserto helps you build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to your applications and APIs.
Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management. It offers blazing-fast authorization of a local library coupled with a centralized control plane for managing policies, user attributes, resource and relationship data, and decision logs. And it comes with everything you need to implement RBAC, ABAC, and ReBACm or any other authorization model.
Take a look at our open-source projects: - Topaz.sh: a standalone authorizer you can deploy in your environment to add fine-grained access control to your applications. Topaz lets you combine OPA policies with Zanzibar’s data model for complete flexibility. - OpenPolicyContainers.com (OPCR) secures OPA policies across the lifecycle by adding the ability to tag, version, sign, and test these policies.
No Topaz.sh videos yet. You could help us improve this page by suggesting one.
Topaz.sh's answer
It is the only open-source authorization project to support every authorization model and combinations
Topaz.sh's answer
Applications developers charged with implementing access controls for their applications/APIs
Topaz.sh's answer
Golang based and uses Open Policy Agent as the decision engine
Based on our record, Topaz.sh seems to be more popular. It has been mentiond 1 time since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
Congrats on the launch! [Disclosure: I'm one of the co-founders of Aserto, the creators of Topaz]. The problem of data filtering is indeed a huge part of building an effective authorization system. Partial evaluation is one way of doing it, although with systems like OPA [0] it requires a lot of heavy lifting (parsing the returned AST and converting it into a WHERE clause). Looking forward to seeing how turnkey... - Source: Hacker News / about 2 months ago
authzed - The platform to store, compute, and validate app permissions
Cerbos - Cerbos helps teams separate their authorization process from their core application code, making their authorization system more scalable, more secure and easier to change as the application evolves.
Warrant - Authorization and access control infrastructure for developers
Oso - A batteries-included system for authorization.
Ory - Developer-first Access Management
Permit.io - Fullstack Authorization as a Service for cloud native applications