Universal data authorization
Field level authorization
Field-level controls bind security policies directly to data types, ensuring consistent protection wherever sensitive data appears.
Regardless if DateOfBirth appears in your customer database or a Kafka topic, the same privacy rules follow the data automatically.
Policies as code
From simple role-based rules to complex data-driven logic, express your security requirements as code that travels with your data types.
Define once, automatically enforce everywhere.
Consistent, global auth
Define your policies once, and they’re automatically applied across Kafka, Lambda, databases, APIs, and more.
A simple git push updates everything consistently across your system.
Use cases
Authorization for the real world
From masking PII data to enforcing team-based access across microservices - implement consistent authorization policies in minutes.
Policies are automatically applied across your databases, APIs, event streams, and caches.
policy OnlyManagers against EmployeeInfo (user : User) -> {
read {
when {
// Managers can see everything
user.groups.contains('Manager') -> EmployeeInfo
// Users can see everything except salary
user.groups.contains('User') -> EmployeeInfo as {
... except { salary }
}
// Everyone else gets an error
else -> throw((NotAuthorizedError) { message: 'Not Authorized' })
}
}
}
Easily the best decision I've made was building our startup on Orbital. We got our platform built and operational in record time, with data pipelines and bespoke APIs for connecting our client data feeds.
The Orbital partnership was really easy. Their data platform made ingesting and performing complex data transformations simple.
The team were great to work with, and were able to quickly enhance the platform where required to suit our use case.
Frequently asked questions
Got another gnarly question? We'd love to hear it. Come and chat on Slack.