Learn Authorization

A short reference for the concepts behind OpenFGA. Each page is a focused explainer with an OpenFGA example so you can map the theory to the model language.

• Google Zanzibar — the paper that started the ReBAC wave.
• ReBAC: Relationship-Based Access Control — what it is, when to use it.
• RBAC vs. ReBAC — when roles run out.
• ABAC vs. ReBAC — attributes versus relationships.
• Fine-Grained Authorization — what "fine-grained" actually buys you.
• Policy Engines vs. Relationship Engines — Rego, Cedar, OPL, and where OpenFGA fits.