# Permit.io

> Permit.io is a full-stack authorization platform that provides fine-grained, real-time permissions for applications, APIs, and AI agents using RBAC, ABAC, and ReBAC models.

Permit.io is a full-stack permissions-as-a-service platform that enables developers to implement fine-grained authorization across applications, APIs, and AI agents without rebuilding access control from scratch. It unifies policy management, delegation, approvals, trust, and audit into a single action-time policy fabric that works for humans, services, and AI agents. Built on open standards (OPA and OPAL), Permit.io supports hybrid deployment with sub-millisecond decision latency and is designed for enterprise, fintech, healthcare, and government use cases.

- **MCP Gateway** — *Authenticate humans, identify agents, gate tokens, collect consent, and govern tool access in real time for AI agent workflows.*
- **Multiple Authorization Models** — *Supports RBAC, ABAC, ReBAC, and PBAC out of the box, configurable via UI, API, SDK, or Infrastructure-as-Code (Terraform).*
- **Policy Decision Point (PDP)** — *Deploy unlimited authorization microservices in-VPC for sub-millisecond, local decision latency with 0.999999 uptime.*
- **Embeddable Authorization Interfaces (Elements)** — *Drop-in UI components like User Management panels that can be embedded directly into your product.*
- **GitOps CI/CD Pipeline** — *Sync policies to your own Git repository (GitHub, GitLab, Bitbucket) and automate deployments with a full GitOps pipeline.*
- **Audit and Decision Logs** — *Capture every authorization decision with operational audit logs, decision traces, and a configurable logs forwarder.*
- **Agentic Identity & Agent Fingerprinting** — *Interrogate AI agents via MCP to bind identity to intent; if prompt injection alters intent, the fingerprint breaks and access is denied.*
- **Hybrid Deployment** — *Run managed cloud or self-hosted; supports on-prem, multi-cloud, and hybrid architectures.*
- **Compliance-Ready** — *SOC 2 Type II, HIPAA, GDPR, and CCPA support with SCIM user provisioning on higher tiers.*
- **Language SDKs & Terraform Provider** — *Integrate with any stack using official SDKs and manage policy configuration as infrastructure code.*

## Features
- RBAC, ABAC, ReBAC, and PBAC authorization models
- MCP Gateway for AI agent access control
- Policy Decision Point (PDP) with sub-millisecond latency
- Embeddable authorization UI components (Elements)
- GitOps CI/CD pipeline for policy deployment
- Audit and decision logs with configurable retention
- Agentic identity and agent fingerprinting
- Hybrid and on-premises deployment options
- SCIM user provisioning
- Terraform provider for IaC configuration
- Language SDKs (fully API-driven)
- SOC 2 Type II, HIPAA, GDPR, CCPA compliance
- Backoffice dashboard and policy editor UI
- Logs forwarder for enhanced monitoring
- Human-to-agent delegation and consent framework

## Integrations
GitHub, GitLab, Bitbucket, OPA (Open Policy Agent), OPAL, Terraform, Auth0, Okta, JWT-based identity providers, API gateways and proxies, GraphQL, SCIM, Slack

## Platforms
LINUX, WEB, API, DEVELOPER_SDK, CLI

## Pricing
Freemium — Free tier available with paid upgrades

## Links
- Website: https://www.permit.io
- Documentation: https://docs.permit.io/
- Repository: https://github.com/permitio/opal
- EveryDev.ai: https://www.everydev.ai/tools/permit-io