gf2-auth is a fork of eko/authz, Backend with GoFrame instead of Fiber, frontend migrated from react-scripts to Vite.
This project brings a backend server with its frontend for managing authorizations.
You can use both Role-Based Acccess Control (RBAC) and Attribute-Based Access Control (ABAC).
🌍 A centralized backend for all your applications authorizations
🙋♂️ Supports Role-Based Access Control (RBAC)
📌 Supports Attribute-Based Access Control (ABAC)
⚙️ Go SDKs available
✅ Reliable: Authz uses Authz itself for managing its own internal authorizations
🔍 Audit: We log each check decisions and which policy matched
🔐 Single Sign-On: Use your enterprise SSO to log into the web UI, using OpenID Connect
🕵️♂️ Observability: Retrieve metrics and tracing data into your prefered tools
In order to help you, we have the following available SDKs:
Please check their documentations for detailled usage. They all use gRPC for communicating with the Authz backend (server-to-server).
To get started with this project, run
No configuration is required.
git clone https://github.com/vulcangz/gf2-authz.git
cd gf2-authz
go mod tidy
go run main.goThe system then runs with the default config, using SQLite in-memory database.
cd ui
pnpm i
pnpm devvisiting http://localhost:3000
Sign in with default credentials: admin / changeme.
- Create a service account under menu
Service accountsin dashboard. - Edit main.go. Replace the
client_id,client_secretwhich obtained in the previous step. - Edit the principal(name:
auth-sa-(your service account name)). Assign a role(authz-admin) to it. - Run the test:
go run main.go
- visiting metrics api for Prometheus metrics observability(default config: disable).
Save example config as config.yaml. Edit it with your config.
Then, same steps as above.
that's all you need to get started!