Access control systems often falter under heavy load, struggling with consistency and responsiveness. Ory Keto addresses this by delivering minimal latency and strong consistency, even at high request volumes.
Split-second decision making
Ory Keto is an open source, lightning-fast permission and authorization server. Its design is based on Google Zanzibar, and it ships with gRPC and REST APIs.

Built for availability
Ory Keto is written in Go and we provide SDKs for every language. It works behind any framework and integrates with any existing data structures and identifiers. Our documentation makes integrating Ory Keto a piece of cake.

Manage and Check Permissions
Determine if an entity (user, service, IoT) is allowed to perform an action using HTTP or gRPC APIs.

Powered by Open Source
Ory Kratos is open source and evolves with every pull-request.

Akibur Rahman
System Architect
Ory components met modern technical standards, seamlessly integrated into our system, and were easily customizable to our needs.
Ory Keto features at a glance
Low Latency and Highly Available
Ory Keto implements Google Zanzibar and has maintained 95th-percentile latency of less than 10 ms and availability greater than 99.99% over years of production use.
Flexible Permission Management
Ory Keto integrates with any existing data structures and identifiers.
Global Access Control
Deploy around the globe and provide a fast response no matter where your users are.
Deploy Ory Keto on your preferred infrastructure
Deploy on any infrastructure and take full control over authentication and user workflows of your application.
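import { Namespace, Context } from "@ory/keto-namespace-types"

// Subjects that can be granted relations on objects.
class User implements Namespace {}

class Document implements Namespace {
  // Relations that can be written as relation tuples for a document.
  related: {
    owners: User[]
    editors: User[]
    viewers: User[]
    parents: Folder[]
  }

  permits = {
    // A subject may view a document if it is a direct viewer, editor or owner,
    // or if it may view any parent folder.
    view: (ctx: Context): boolean =>
      this.related.viewers.includes(ctx.subject) ||
      this.related.editors.includes(ctx.subject) ||
      this.related.owners.includes(ctx.subject) ||
      this.related.parents.traverse((parent) => parent.permits.view(ctx)),
  }
}

class Folder implements Namespace {
  related: {
    owners: User[]
    editors: User[]
    viewers: User[]
    parents: Folder[]
  }

  // Assumption: Folder.view mirrors Document.view. It is required because
  // Document.permits.view traverses to parent.permits.view.
  permits = {
    view: (ctx: Context): boolean =>
      this.related.viewers.includes(ctx.subject) ||
      this.related.editors.includes(ctx.subject) ||
      this.related.owners.includes(ctx.subject) ||
      this.related.parents.traverse((parent) => parent.permits.view(ctx)),
  }
}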
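
The view rule above, evaluated locally over relation tuples. This is an added example, not Ory's code and not Keto's check engine. It assumes folders apply the same view rule as documents; parseTuple, canView and SAMPLE are hypothetical names, and the tuples are constructed sample data in a simplified namespace:object#relation@subject notation.

```typescript
// Relation tuples in simplified Zanzibar notation: namespace:object#relation@subject.
// Everything in SAMPLE is constructed for illustration.
type Tuple = { ns: string; obj: string; rel: string; subject: string }

function parseTuple(s: string): Tuple {
  const c = s.indexOf(":"), h = s.indexOf("#", c), a = s.indexOf("@", h)
  if (c < 1 || h < c + 2 || a < h + 2 || a === s.length - 1)
    throw new Error(`malformed relation tuple: ${s}`)
  return { ns: s.slice(0, c), obj: s.slice(c + 1, h), rel: s.slice(h + 1, a), subject: s.slice(a + 1) }
}

// Relations that grant view directly, as in permits.view.
const DIRECT = ["viewers", "editors", "owners"]

// Default deny: true only if a tuple grants view directly or a parent permits it.
function canView(
  store: Tuple[], ns: string, obj: string, subject: string,
  seen: Set<string> = new Set(),
): boolean {
  const key = `${ns}:${obj}`
  if (seen.has(key)) return false // a cycle in "parents" must not recurse forever
  seen.add(key)
  const own = store.filter((t) => t.ns === ns && t.obj === obj)
  if (own.some((t) => DIRECT.includes(t.rel) && t.subject === subject)) return true
  return own
    .filter((t) => t.rel === "parents")
    .some((t) => {
      const i = t.subject.indexOf(":") // parent reference, e.g. "Folder:legal"
      return i > 0 && canView(store, t.subject.slice(0, i), t.subject.slice(i + 1), subject, seen)
    })
}

const SAMPLE: Tuple[] = [
  "Document:contract#parents@Folder:legal",
  "Folder:legal#parents@Folder:company",
  "Folder:company#viewers@alice",
  "Folder:company#parents@Folder:legal", // deliberate cycle in the hierarchy
  "Document:contract#editors@bob",
  "Document:memo#owners@carol",
].map(parseTuple)
```

With these tuples, alice can view Document:contract only through two levels of folder inheritance, which is the grant a reviewer is most likely to miss when auditing who can reach an object.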