Warrant has been acquired by WorkOS! 🎉 Read the official announcement for more details.

Authorization & Access Control Infrastructure for Developers

ACCESS PASSserver 56Alloweditserver 56store 91SubjectSubjectobjectRelationobjectstore 91

Enforce user roles and permissions
Secure data across multi-tenant apps
Implement fine grained access control
Gate paid features behind pricing tiers
Enforce attribute based access control
Simplify org and team management
Enforce policy based access control

Centralized Authorization, Globally Distributed

Define your authorization model once, enforce it anywhere. Warrant unifies authorization across microservices, frontend applications, cloud environments, edge runtimes, and more.

Learn More
1
Build your authorization model in Warrant, defining key resources, role hierarchies & inheritance rules, access policies, and more using object types and warrants.
2
Create and manage access rules (roles, permissions, fine-grained rules, etc.) for your users from the Warrant dashboard or programmatically via API or CLI.
3
Protect access to internal & customer-facing applications, API endpoints, cloud resources, and more using one of the official Warrant SDKs.

From Our Blog

Zanzibar: Google's Consistent, Global Authorization System

A deep-dive into Google Zanzibar, covering its key concepts and its strengths and weaknesses.

Why Google Zanzibar Shines at Authorization

Our CTO explores what makes Google Zanzibar especially compelling for building application authorization.

Understanding Relationship Based Access Control (ReBAC)

A deep-dive into Relationship Based Access Control, covering what it is, when/why to use it, and its pros/cons.

World-Class Developer Experience

Robust, well-documented APIs, intuitive SDKs, drop-in embeddable components, and a powerful CLI make up the backbone of an authorization platform developers love and rely on to serve millions of requests each day.

1#
2# Check that user is not viewer of document.
3#
4warrant check \
5    user:c88b7d viewer document:product-roadmap --assert false
6

7#
8# Assign user as viewer of document.
9#
10warrant assign \
11    user:c88b7d viewer document:product-roadmap
12

13#
14# Check that user is now viewer of document.
15#
16warrant check \
17    user:c88b7d viewer document:product-roadmap --assert true
18

19

20

Server-side Authorization

SDKs for the most popular back-end languages & frameworks like Express, Go, Python, Java, and Ruby to add permission checks to your back-end API routes and business logic.

goGojavaJavapythonPythonrubyRubyexpressjsExpress.jsnodejsNode.jsphpPHPgithubView All

Client-side Authorization

Drop-in higher-order components for React.js, Next.js, and Vue.js to help you build UIs that are permission-aware and behave dynamically based on each user's access rules.

nextjsNext.jsreactjsReact.jsvuejsVue.jsangularjsAngularJSgithubView All

Complete Platform for Authorization

With tools built for developers, IT administrators, and even sales & customer support, Warrant is a complete platform for authorization across internal and customer-facing use cases.

Role Based Access Control

Roles & Permissions

Pricing Tiers & Entitlements

Pricing Tiers & Entitlements

Multitenancy

Org & Team Management

Fine Grained Access

Fine Grained Access

Policy Based Access

Policy Based Access

APIs & Integrations

APIs & Integrations

Audit Logs

Audit Logs

Embeddable Components

Embeddable Components

Management Dashboard

Management Dashboard

Self-Serve Workflows

No/Low Code Workflows

1{
2    "type": "team",
3    "relations": {
4        "admin": {},
5        "manager": {
6            "inheritIf": "admin"
7        },
8        "member": {
9            "inheritIf": "manager"
10        }
11    }
12}

Model Permissions as Schema

Model any access control scheme from RBAC to FGAC & ABAC, or create a custom model that fits your use-case and requirements using object types.

Management Dashboard

A management dashboard designed for use by developers, IT administrators, and even customer support & account managers makes it simple to manage employee and/or user access.

Low/No-Code Self-Service Workflows

Prebuilt, Warrant-hosted pages allow you to add delegated, self-service access management to any application with little to no code.

Comprehensive Audit Logs

Monitor, review, and audit changes to your authorization model & rules as well as every authorization check and its resulting decision. Meet compliance standards like SOC 2, HIPAA, ISO 27001, and PCI with ease.