Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/eko/authz

🛡️ Authorization backend that comes with a UI for RBAC and ABAC permissions
https://github.com/eko/authz

abac auth authentication authorization authorizer backend frontend management rbac

Last synced: 3 days ago
JSON representation

🛡️ Authorization backend that comes with a UI for RBAC and ABAC permissions

Host: GitHub
URL: https://github.com/eko/authz
Owner: eko
License: mit
Created: 2022-12-11T22:01:56.000Z (about 2 years ago)
Default Branch: master
Last Pushed: 2024-04-19T05:24:31.000Z (9 months ago)
Last Synced: 2025-01-11T22:12:49.037Z (10 days ago)
Topics: abac, auth, authentication, authorization, authorizer, backend, frontend, management, rbac
Language: Go
Homepage: https://authz.fr
Size: 37.4 MB
Stars: 247
Watchers: 5
Forks: 23
Open Issues: 27
Metadata Files:
- Readme: README.md
- Contributing: .github/CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Security: .github/SECURITY.md

Awesome Lists containing this project

README

        [![Backend](https://github.com/eko/authz/actions/workflows/branches.yaml/badge.svg)](https://github.com/eko/authz/actions/workflows/branches.yaml)

[![Cucumber badge](https://messages.cucumber.io/api/report-collections/d514b46e-9225-4ae8-afbb-5f825ca2b3df/badge)](https://reports.cucumber.io/report-collections/d514b46e-9225-4ae8-afbb-5f825ca2b3df)

[![Go Report Card](https://goreportcard.com/badge/github.com/eko/authz/backend)](https://goreportcard.com/report/github.com/eko/authz/backend)

🛡️ Authz - Authorization backend

================================



This project brings a backend server with its frontend for managing authorizations.

You can use both Role-Based Acccess Control (RBAC) and Attribute-Based Access Control (ABAC).

## Why use it?

🌍  A centralized backend for all your applications authorizations

🙋‍♂️  Supports Role-Based Access Control (RBAC)

📌  Supports Attribute-Based Access Control (ABAC)

⚙️   Multiple language SDKs available

✅  Reliable: Authz uses Authz itself for managing its own internal authorizations

🔍  Audit: We log each check decisions and which policy matched

🔐  Single Sign-On: Use your enterprise SSO to log into the web UI, using OpenID Connect

🕵️‍♂️  Observability: Retrieve metrics and tracing data into your prefered tools

More information on [authz.fr](https://authz.fr)

## How it works?

Authorization is simple: a `principal` wants to make an `action` on a `resource`. That's it.

Authz allows you to manage all the authorizations you want to manage. All of them, centralized in a single application.

  

  

All you need to do is to host the backend server (a Go single binary), the frontend (static files) if you want it and use our SDKs.

All data are stored in a SQL database. We currently support:

* [PostgreSQL](https://www.postgresql.org/)

* [MySQL](https://www.mysql.com/fr/)

* [SQLite](https://www.sqlite.org/)

You can run a development environment using our [`docker-compose.mysql.yaml`](https://github.com/eko/authz/blob/master/docker-compose.mysql.yaml) and [`docker-compose.postgres.yaml`](https://github.com/eko/authz/blob/master/docker-compose.postgres.yaml) files. Or, you can see below to run an example using SQLite.

## SDKs

In order to help you, we have the following available SDKs:

* [Go](https://github.com/eko/authz/tree/master/sdk) - [pkg.go.dev](https://pkg.go.dev/github.com/eko/authz/sdk)

* [Python](https://github.com/eko/authz-python-sdk) - [pypi](https://pypi.org/project/authz-sdk/)

* [PHP](https://github.com/eko/authz-php-sdk) - [packagist](https://packagist.org/packages/eko/authz-sdk)

* [NodeJS](https://github.com/eko/authz-nodejs-sdk) - [npmjs](https://www.npmjs.com/package/@eko/authz-sdk)

Please check their documentations for detailled usage. They all use `gRPC` for communicating with the Authz backend (server-to-server).

More SDKs are coming soon.

## Getting started

The best way to start trying Authz is to use the following standalone Docker image:

```bash

$ docker run --rm \

    -e database_driver=sqlite \

    -e database_name=:memory: \

    -p 8080:8080 \

    -p 8081:8081 \

    -p 3000:80 \

    ekofr/authz:v0.8.4-standalone

```

Here, we use SQLite in-memory as database.

Frontend will be available under [http://localhost:3000](http://localhost:3000) with default credentials: `admin` / `changeme`.

Alternatively, we also have separated `backend` and `frontend` Docker images available here: [https://hub.docker.com/repository/docker/ekofr/authz](https://hub.docker.com/repository/docker/ekofr/authz).

## Documentation

More technical documentations are available at [https://docs.authz.fr](https://docs.authz.fr).

## Backend

For more information about backend, please refer to the [Backend](https://github.com/eko/authz/tree/master/backend) README file.

## Frontend

For more information about frontend, please refer to the [Frontend](https://github.com/eko/authz/tree/master/frontend) README file.

## Community

Please feel free to contribute on this project and do not hesitate to open an issue if you want to discuss about a feature.