Technical overview diagram

Authorization API for your application

Protect your assets. Ensure user data privacy. Make your app enterprise-ready.

Sign up

You want to get authorization right. We know how difficult that is. We’ve built Authress so you don’t have to solve this problem on your own.

Authress provides authorization as a service for people building multi-tenant applications. Define your user roles and their scopes, and we’ll handle all the minutiae of making sure your logged in users get access to the right stuff at the right time.


  • Clean API to validate user access
  • Easy to plugin into your application
  • Configurable by non-technical people
  • Transparent audit trail
  • Pay as you go

Your benefits

  • Forget the complexity, we have it covered
  • Save on development and maintenance cost
  • GDPR compliance - Authress makes it easier

How to get started

Add your auth provider

Step 1

Specify your identity or auth provider

This is how Authress will know who is which user. Authress works out of the box with OIDC compliant JWTs.

Download SDK

Step 2

Download Authress SDK

We support most common languages so you don’t have to write any additional code. You can also call our API directly.

Enjoy simple authorization

Step 3

Enjoy simple authorization

Pass the user JWT to Authress calling the AuthorizeUser method.

Calling the AuthorizeUser method
Review user roles


Review user roles

Authress comes with default roles for most common cases. If your permission model is more sophisticated, adjust the roles to fit your needs.

Sign up

We integrate with your existing identity providers:

Auth0 OpenId Akamai Microsoft Google Facebook Keycloak Okta PingIdentity

Technical overview

Authress is an API that allows you to easily create and manage roles representing standard authorization patterns in your product. Each role is composed of granular permissions that grant your logged in users access to a particular resource or a group of related resources.

Technical overview diagram

You can define roles, resources, and permissions through access records. These can be created in our UI or through the API. An access record may have one or many users which all require similar permissions. Authress optimizes the storage of these records for quick updates and even faster authorization checks.

The Authress REST api provides streamlined authorization validation at the application level. Once you’ve defined and assigned user roles, your application - container, microservice, or website, can check whether a given user has permission to access a given resource.

As your application evolves, desired access patterns can change. That’s where Authress roles come handy. Rather than directly assigning permissions to users which would require you to come up with a migration strategy, you can simply update the permissions within a role. New permissions will automatically propagate to existing users, without you having to change any code.

Authress provides first class support for any OIDC compliant JWT authentication tokens. This means you can use your preferred identity provider with just one simple call. There’s no need for complicated set up.

Sign up


Authress uses metered billing, so that you pay only for what you use.

  • Standard

  • First class APIs
  • Client SDKs
  • Identity Provider integration
  • Machine to Machine authentication
  • Unlimited access records
  • Unlimited users
  • Unlimited service clients
  • Unlimited applications
  • Email support
  • 0.0011 USD per call

    billed monthly

    Your first 1000 API calls are free.

  • Get started
  • Enterprise

  • In addition to Standard features:
  • Audit logs
  • Defined SLAs
  • Custom contracts
  • Usage exports
  • Priority support
  • Contact us