Frequently Asked Questions

  • What's a warrant?

    Simply put, a warrant is an access control rule or policy. It defines a relationship between objects in your system. At runtime, users are checked against warrants to determine if they have access.

  • Who should use Warrant?

    Warrant is built for developers looking to quickly add authorization and access control to their web or mobile applications. Check out our quickstart guide to get started.

  • When/where should I use Warrant?

    Warrant can be used to add authorization to any web or mobile app back-end and front-end.

  • Does Warrant support role-based or attribute-based access control?

    Yes, Warrant allows you to define rules to govern your users and roles via API or the dashboard in order to implement RBAC or ABAC for your application.

  • Can I implement authentication for my application through Warrant?

    No, Warrant only manages authorization and access control. We recommend that you use a separate authentication provider or implement your own authentication.

  • Can't I just implement authorization and access control myself?

    You can. However, we've found that it's non-trivial to implement and usually takes longer than anticipated. Warrant also employs best practices for authorization and access control, giving you more time to focus on your core business.

  • How secure is Warrant?

    As an authorization and access control service, security and data privacy is top of mind for us. Warrant does not need any of your users' personally identifiable information (PII) to work. In addition, all of your authorization and access control rules are only accessible by you via your unique and private API key.

  • Can I run Warrant in my own datacenter or private cloud?

    Warrant is currently only available as a cloud service. We may offer a self-hosted option in the future. If this is of interest to you, drop us a note.

  • How can I contact you?

    Email us at if you want to get in touch.