26 % faster than CASL (real benchmark)

The fastest zero-depABAC engine

Build powerful, flexible access control policies with modular packages. From lightweight core to full admin UI—install only what you need.

Try Live DemoDocumentation
abac-engineabac-admin
9.37 µs
Warm evaluation (100 policies)
4.2 KB
abac-engine (gzip)
18 KB
Full admin UI

Everything you need for ABAC

A complete suite of tools to manage, test, and deploy your access control policies

Policy Management

Create, edit, and manage ABAC policies with a powerful visual interface.

View Policies
  • Logical operators (AND, OR, NOT)
  • Comparison operators
  • Real-time policy editor
  • Policy versioning
  • Nested conditions

Real-time Evaluation

Test policies in real-time with our powerful evaluation engine. See results instantly.

  • Lightning-fast evaluation
  • Detailed audit logs
  • Debug mode

Framework Agnostic

Use with React, Next.js, or any JavaScript framework. TypeScript-first design.

  • Core package (framework-free)
  • React hooks & components
  • Next.js utilities

Get started in minutes

Choose your approach: use the core engine directly or get a full admin UI

abac-engine

Core evaluation engine with zero dependencies

1

Install

npm install abac-engine
2

Define Policy

import { PolicyBuilder, ConditionBuilder,
  AttributeRef } from 'abac-engine'

const policy = PolicyBuilder
  .create('doc-access')
  .version('1.0.0')
  .permit()
  .condition(
    ConditionBuilder.equals(
      AttributeRef.subject('role'),
      'user'
    )
  )
  .build()
3

Create Engine

import { ABACEngine, CombiningAlgorithm }
  from 'abac-engine'

const engine = new ABACEngine({
  policies: [policy],
  combiningAlgorithm:
    CombiningAlgorithm.DenyOverrides
})
4

Evaluate Request

const decision = await engine.evaluate({
  subject: {
    id: 'user-1',
    attributes: { role: 'user' }
  },
  resource: { id: 'doc-1' },
  action: { id: 'read' }
})
// decision.decision === 'Permit'

@devcraft-ts packages

Modular admin UI - headless hooks or pre-built components

1

Install Package

# Headless hooks (~30kb)
npm install @devcraft-ts/abac-admin-react

# Or pre-built UI (~130kb)
npm install @devcraft-ts/abac-admin-react-ui
2

Setup Provider

import { ABACProvider }
  from '@devcraft-ts/abac-admin-react'

function App() {
  return (
    <ABACProvider config={{
      baseURL: '/api/abac'
    }}>
      <PolicyManager />
    </ABACProvider>
  )
}
3

Use Hooks

import { usePolicies }
  from '@devcraft-ts/abac-admin-react'

function PolicyManager() {
  const { policies, createPolicy }
    = usePolicies()

  // Build your custom UI
  return <div>...</div>
}
4

Create Policies

await createPolicy({
  policyId: 'doc-policy',
  version: '1.0.0',
  effect: 'PERMIT',
  conditions: {
    type: 'equals',
    left: { category: 'subject', key: 'role' },
    right: 'admin'
  },
  isActive: true,
  category: 'document',
  tags: ['read'],
  createdBy: 'user-123'
})

Ready to get started?

Try our demo and see how easy it is to manage access control policies

View Demo Policies