Authorize anything,
built to scale with you
Users, services, AI agents — one API to authorize them all. Fine-grained, policy-based authorization as a service with full visibility into every decision.
$ curl -X POST https://api.authzx.com/v1/evaluate \
-H "Authorization: Bearer <api_key>" \
-d '{
"subject": { "id": "agent_12", "type": "service" },
"resource": { "type": "document", "id": "doc_456" },
"action": "read"
}'
// Response
{ "allowed": true, "access_path": "role", "reason": "Access granted via role" }Everything you need for production-grade authorization
A complete authorization platform so you can focus on building your product, not reinventing access control.
Policy Engine
Define authorization rules with role hierarchies, group-based access, and direct assignments — without writing application code.
Multi-Tenant by Design
Built for SaaS from day one. Isolate tenants, manage per-organization policies, and scale without worrying about data leakage between customers.
Real-Time Decisions
Low-latency authorization checks powered by policy evaluation and caching. No performance trade-off for fine-grained control.
Resource Management
Register and organize your resources, define resource types, and manage attributes. Model exactly what you're protecting with a flexible resource hierarchy.
Complete Audit Trail
Every authorization decision is logged with full context — who, what, when, and why. Searchable audit logs with configurable retention per plan.
Role & Entity Management
Model your permission structure with roles, groups, and relationships. Supports RBAC, group-based access, and direct entity assignments.
API-First
Everything is accessible via REST APIs. Integrate authorization checks into any language or framework. Manage policies, resources, and entities programmatically.
Users, Services & AI Agents
Authorize any identity type — human users, backend services, devices, or AI agents. First-class support for non-human identities with the same policy engine.
Decision Transparency
Every response tells you not just allowed or denied, but how — which policy matched, which access path was used, and why. Debug and audit with full context.
Manage everything from the console
A powerful admin console to manage policies, resources, entities, and monitor authorization decisions in real time.
Dashboard
Eval Requests Today
24,521
+12.3%
Access Denials
142
-5.1%
Avg. Eval Time
24ms
-8.2%
Policy Violations
7
+2
Recent Activity
user_823 → "read" on doc_1042
service_api_47 exceeded rate limit
user_291 → "delete" on project_88
user_512 added to "billing-admin"
Policies
document-read-access
admin-full-access
deny-external-delete
billing-read-only
deny-guest-write
service-api-access
Three steps to secure your app
Get from zero to production-ready authorization in minutes, not months.
Define Your Policies
Create authorization policies from the dashboard or API. Assign roles, groups, and direct access — AuthzX evaluates them automatically.
# Create a policy via the API
POST /policy-srv/v1/policies
{
"name": "document_editor",
"effect": "ALLOW",
"actions": ["read", "update"],
"resources": ["doc_456"],
"roles": ["editor"]
}Model Your Resources
Register your resources, define types, and set up entity relationships. AuthzX understands your permission hierarchy.
POST /resource-srv/v1/resources
{
"name": "Q4 Report",
"type": "<resource_type_id>",
"application_id": "<app_id>",
"attributes": {
"classification": "internal"
}
}Check Permissions
A single API call to authorize any identity — users, services, or AI agents. Every response includes the access path and reason so you can debug and audit.
POST /policy-srv/v1/evaluate
{
"subject": { "id": "agent_12", "type": "service" },
"resource": { "type": "document", "id": "doc_456" },
"action": "read"
}
// => { "allowed": true, "access_path": "role" }Ready to stop building permissions?
Authorize anything — users, services, AI agents. Free to start, scales with your product.
No credit card required. Free tier includes 10,000 checks/month.