Fine Grained Authorization that scales with you
Fast, scalable, flexible. Fine Grained Authorization (FGA) enables user collaboration and access control with unmatched granularity, all with easy-to-use APIs.
Industry-leading customers are already using FGA
Seamlessly scalable
Manage complex authorization scenarios efficiently, and with low latency, as your user base and systems grow.
Easily manage permissions to millions of users and billions of resources. FGA is available for multi-region deployment with a 99.9% SLA.
Flexible and centralized
Continuously iterate and evolve your applications by moving your authorization to a centralized place, allowing the flexibility to release new products faster.
Granular access
Improve security by defining group and user permissions for every application resource (like documents, records, projects, accounts, or any other resource).
Frictionless collaboration
Allow your users and partners to collaborate more securely. Easily manage groups, teams, organizations or any set of users and enable content sharing with just a single API call.
Features built for developers
Empower your development teams to programmatically define authorization logic and integrate with your existing systems.Read the docs →
Define your authorization model in a language that is easy to both read and write. This simplifies initial setup, permission auditing, and future iteration.
1type user 2type group 3 relations 4 define member: [user] 5type folder 6 relations 7 define owner: [user] 8 define parent: [folder] 9 define viewer: [user, group#member] or owner or viewer from parent 10type doc 11 relations 12 define owner: [user] 13 define parent: [folder] 14 define viewer: [user, group#member] or owner 15 16 17Use APIs for a variety of tasks: setting up your authorization model, versioning it, adding data to FGA, and performing authorization checks.
1type user 2type group 3 relations 4 define member: [user] 5type folder 6 relations 7 define owner: [user] 8 define parent: [folder] 9 define viewer: [user, group#member] or owner or viewer from parent 10type doc 11 relations 12 define owner: [user] 13 define parent: [folder] 14 define viewer: [user, group#member] or owner 15 16 17No infrastructure to manage or deploy. FGA is a managed SaaS that scales with your use. Just plug it into your system and get fine-grained authorization working.
1type user 2type group 3 relations 4 define member: [user] 5type folder 6 relations 7 define owner: [user] 8 define parent: [folder] 9 define viewer: [user, group#member] or owner or viewer from parent 10type doc 11 relations 12 define owner: [user] 13 define parent: [folder] 14 define viewer: [user, group#member] or owner 15 16 17
1type user
2type group
3 relations
4 define member: [user]
5type folder
6 relations
7 define owner: [user]
8 define parent: [folder]
9 define viewer: [user, group#member] or owner or viewer from parent
10type doc
11 relations
12 define owner: [user]
13 define parent: [folder]
14 define viewer: [user, group#member] or owner
15
16
17Performance fundamentals
Global
FGA replicates data globally across multiple regions, enabling both reads and writes in any of the supported locations. This minimizes latency and increases availability through redundancy.
Scalable
FGA is built to scale. It can store millions of objects and continuously handle tens of thousands of authorization checks per second.
Fast
FGA is optimized for fast authorization checks. It runs geographically close to its clients, and uses various techniques to minimize tail latency.
Built on OpenFGA
Join us and others to build a foundation that secures authorization for the world. Designed by Auth0 by Okta, and now owned by Cloud Native Computing Foundation, OpenFGA sits at the heart of our FGA service.
Get started today
Set up Fine Grained Authorization and unleash the
power of relationship-based access control for your applications.
Try the FGA Dashboard ↗