🛡️ KeyRunes

The modern authorization engine forged in Rust ⚙️
Powering secure, contextual, graph-aware access control for the next generation of platforms.

⭐ Star us on GitHub

🔐 Authorization Models

RBAC ⚔️ Realm & client-specific roles with role composition to avoid explosion.
ABAC 🧬 Attribute-based policies using time, department, device context and more.
ReBAC 🧙‍♂️ Model user-resource relationships like ownership, collaborators, teams.
PBAC 🧩 Centralized policies that blend role + attribute + relationship rules.

⚡ Built for Scale

Fast PDP 🚀 Decision engine with <10ms latency, even under heavy user load.
Flexible Deployment 🔁 Use as a library or standalone service.
Distributed Caching 📦 Attribute cache to reduce IdP and directory queries.

👨‍💻 Developer First

Policy-as-Code ✍️ Write and manage policies in YAML or Rego with Git integration.
CI/CD Ready ✅ Run policy tests in pipelines to ensure safe deployments.
Simulators & SDKs 🧰 Simulate access decisions before rollout. SDKs coming soon.

📊 Governance & Compliance

Audit Logs 📜 Full trace of access decisions and policy evaluations.
Rollbacks 🔄 Auto-rollback on failed policy enforcement in production.
Compliance Reports 📋 PCI, HIPAA, and custom audit capabilities.

🏢 Multi-Tenancy & Integration

Tenant Isolation 🏰 Per-tenant data and policy scoping with no leakage risk.
Identity Federation 🧩 Connect with Keycloak, Okta, and any OIDC IdP.
Custom Extensions 🔌 Webhooks, attribute plugins, and internal data source support.

✨ If you like this project, show your support!

⭐ Give it a Star on GitHub