Zanzibar is a fine-grained authorization (FGA) system, originally proposed by Google in a research paper. It allows for the definition of a complex access control policy, in which permissions are defined in terms of resources, actions and conditions. The main goal of Zanzibar-based services is to provide a flexible authorization system that can be used from simple web applications to complex distributed systems.
Find this curated list of awesome providers, services and resources for Zanzibar.
Zanzibar as SaaS and Open Source solutions.
- Auth0 FGA - OpenFGA service serve as a SaaS by Auth0.
- Cloudentity - Cloud Identity and Authorization Platform providing Zanzibar-based permissions.
- Keto - Open Source implementation of the Google Zanzibar paper, part of the Ory ecosystem.
- OpenFGA - An open source implementation of the Google Zanzibar paper hosted by The Linux Foundation.
- Permify - An open source solution for managing permissions using the Zanzibar model.
- Permit.io ReBAC - Google Zanzibar style graph-based authorization combined with OPAL (Open Policy Administration Layer).
- SpiceDB - Open Source solution Zanzibar inspired.
- Topaz - Open source solution combining Zanzibar and Open Policy Agent.
- Warrant - Centralized Fine-grained authorization service Zanzibar inspired.
- WorkOS FGA - FGA built for B2B use cases that extends WorkOS.
Where to discover learning resources about Zanzibar.
- Google Research Paper - First Google research publication introducing Zanzibar.
- Zanzibar Academy - Resources created by Auth0 about Zanzibar.
- Netflix Identity Use Case - Netflix Zanzibar approaches experiments for authorization using SpiceDB to manage identity challenges.
- Google Zanzibar In A Nutshell by Permify - Blog post which explains what is Zanzibar, what are the authorization systems and why Zanzibar can help.
Your contributions are always welcome! Please take a look at the contribution guidelines first.