Running OpenFGA in Production
The following list outlines some guidelines and best-practices for running OpenFGA in a production environment:
- Configure Authentication
- Enable HTTP TLS or gRPC TLS or both
- Set the log.format to "json"
- Set the log.level to "info"
- Disable the Playground.
To ensure good performance for OpenFGA, it is recommended that the database be:
- Used exclusively for OpenFGA and not shared with other applications. This allows scaling the OpenFGA database independently and avoiding contention with your application database.
- Bootstrapped and managed with the
openfga migratetool. This will ensure the appropriate indexes are created for any specific version of OpenFGA.
Learn how to setup the OpenFGA Server
Learn how to migrate relations in a production environment
Learn how to migrate to model schema 1.1