Aserto is a fine-grained authorization service designed for applications and APIs. It provides resource-level access controls that are managed centrally and evaluated at the edge with approximately 1ms latency. The platform supports multiple authorization models including Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Relationship-Based Access Control (ReBAC). Policies can incorporate environmental attributes, user-centric attributes, organizational hierarchy relationships, and resource-level permission hierarchies. Aserto uses a distributed architecture where local authorizers are deployed at the edge of an application, while a central control plane synchronizes authorization data in real time to prevent decisions based on stale data. This enables the enforcement of zero trust and least-privilege principles without standing permissions. The platform is built on an open-source foundation, including the Topaz open-source authorizer, the Open Policy Agent (OPA) decision engine, and a Google Zanzibar-inspired directory for managing relationships. Authorization decisions, along with their inputs and policy versions, are automatically logged to provide complete audit trails, supporting compliance requirements. SDKs are available for Node.js, Go, Python, Java, .NET, and Ruby. Integration is also possible via gRPC and REST APIs. The platform supports connections to identity providers, user directories, and SIEM tools. Note: Aserto ceased operations on May 31, 2025.