Running OpenFGA in Production
The following list outlines some guidelines and best-practices for running OpenFGA in a production environment:
- Configure Authentication
- Enable HTTP TLS or gRPC TLS or both
- Set the log.format to "json"
- Set the log.level to "info"
- Disable the Playground.
Database Recommendations
To ensure good performance for OpenFGA, it is recommended that the database be:
- Used exclusively for OpenFGA and not shared with other applications. This allows scaling the OpenFGA database independently and avoiding contention with your application database.
- Bootstrapped and managed with the
openfga migrate
tool. This will ensure the appropriate indexes are created for any specific version of OpenFGA.