Skip to main content
Version: 1.0.0

Frequently Asked Questions

Here you will find answers to all your possible questions regarding


This page gets updated regulary as more interesting questions pop-up.

What is is the permissions infrastructure for the internet. It is a fullstack authorization solution that enables developers to bake-in access-control into their products in minutes and have them ready for future demands from customers and regulation. developer SDK integrates with your product and enables you to add declarative permission checks that are as easy to use as feature flags. solution is built on strong open source foundations, enables Git-Ops out of the box, and goes far beyond enforcement - providing seamless access control experiences meant for humans that simply work: User Management, API Key management, Audit, User impersonation, and more.

What is the difference between Authentication and Authorization?

While closely related, authorization and authentication are different.

To simplify with a metaphor - imagine a person is about to enter your home:

Authentication will deal with identifying who is at the door and deciding whether they may enter or not.

The authorization will start immediately as soon as the person is in your house. It will deal with the person's permission once they enter - can the person open the fridge? May they sleep in your bed? Can the person read your diary?

To conclude

  • Authentication (AuthN) - Who is the user
  • Authorization (AuthZ) - What is the user allowed to do

Is there a free version of

Of course! Our community version provides authorization capabilities up to 1,000 monthly active users. The best part? It’s free forever.

What's the difference between OPA and OPAL and

OPA, or Open Policy Agent is a generic policy based decision engine, and OPAL, or Open Policy Administration Layer is a realtime solution to keep the policy agents updated with the policies and data, in an event-driven distributed fashion. is a full-stack authorization solution - covering all the layers required for building access-control for products and services - Infrastructure (e.g., Policy-engines, SDKS, APIs), Backoffice (the controls the team behind the product needs), and end-user interfaces (e.g. user management, audit logs, api-keys, ...). A key part of’s infrastructure is the open-source combo of OPA and OPAL.

Can I use other policy-agents with (e.g. OSO, Casbin)?

Yes, please join our slack or contact us at to learn more about these use cases.

Can I Connect my FGA/Google-Zanzibar solution with (e.g. AuthZed, Ory Keto, Auth0 Sandcastle)?

Yes, please join our slack or contact us at to learn more about these use cases.

When the tenant does not represent an end-customer company, then what does it represent?

A tenant can be a company that you physically cater too, or it can also be a company that your umbrella organisation owns and manages internally.