Skip to main content

Introduction to OpenFGA

OpenFGA is a scalable open source authorization system for developers that allows implementing authorization for any kind of application and smoothly evolve as complexity increases over time. It is owned by the Cloud Native Computing Foundation.

Inspired by Google’s Zanzibar, Google’s internal authorization system, OpenFGA relies on Relationship-Based Access Control, which allows developers to easily implement Role-Based Access Control and provides additional capabilities to implement Attribute-Based Access Control. You can learn more about different authorization concepts here.


OpenFGA provides developer the following benefits:

  • Move authorization logic outside of application code, making it easier to write, change and audit
  • Increase velocity by standardizing on a single authorization solution
  • Centralize authorization decisions and audit logs making it simpler to comply with security and compliance requirements
  • Help their products to move faster because it is simpler to evolve authorization policies


OpenFGA helps developers achieve those benefits with features as:

Authorization Concepts

Learn about Authorization.

Product Concepts

Learn about OpenFGA.

Modeling: Getting Started

Learn about how to get started with modeling your permission system in OpenFGA.