from Hacker News

Ask HN: How do you implement authorization in Django?

by saaspirant on 12/3/23, 6:20 AM with 4 comments

I have just joined a startup where we build a privacy-related muli-tenant SaaS offering. We are thinking of using Django for it. Django has lot of features and libraries for authentication , 2FA etc but I can't find much on Authorisation. What do you guys use? We can't use any proprietary/closed-source solutions due to the nature of the product.

Any suggestions is appreciated?

  • by petr25102018 on 12/10/23, 4:23 PM

    You will most likely need to build something yourself. Django's authorization is limited in this aspect :(

  • by 8organicbits on 12/3/23, 8:18 AM

    I think we need more info about your project and how you want authZ to work. Do you need groups? Can everyone share with anyone? Do you want to support customer defined policies, or should the service define static roles?

    Oso, AuthZed, and Ory Keto come to mind, but those may be too heavyweight if you just need something basic.

  • by rst_noimage on 12/3/23, 8:19 AM