FastAPI native
Routers, middleware, and dependencies that live inside your app instead of a separate auth service.
Infrastructure we share
Our open-source work is infrastructure we actually want to use: serious systems, practical interfaces, and code that can stand on its own.
outlabsAuth is authentication and authorization infrastructure for FastAPI: not an external dashboard, not a black box, but a library your product can mount, audit, and extend.
Routers, middleware, and dependencies that live inside your app instead of a separate auth service.
Users, roles, permissions, entities, API keys, and lifecycle history sit in an auditable relational model.
Start with flat roles, then move into teams, departments, projects, and hierarchy without changing systems.
CLI flows for migrations, seed data, admin bootstrap, diagnostics, and preflight checks before workers start.
Technical surface
JWT login, refresh tokens, and protected FastAPI routes
Personal API keys and system integration keys
Entity-scoped permissions for organizations and projects
Integration principals for durable non-human automations
Redis-backed counters, rate limits, and permission caching
Typed user audit events and membership lifecycle history
SimpleRBAC
Users, roles, and permissions in a flat structure. A strong fit for internal tools, early SaaS products, and backends that need serious auth without organizational hierarchy.
EnterpriseRBAC
Adds entities, trees, memberships, root scoping, and access groups so the model can represent companies, regions, teams, projects, or whatever the real domain uses.
Operations
The package includes CLI flows to migrate, seed system data, create the first admin, inspect tables, and run read-only diagnostics before production startup.
from fastapi import FastAPI
from outlabs_auth import SimpleRBAC, register_exception_handlers
from outlabs_auth.routers import get_auth_router
auth = SimpleRBAC(
database_url="postgresql+asyncpg://...",
secret_key="replace-me",
auto_migrate=False,
)
app = FastAPI()
register_exception_handlers(app)
app.include_router(get_auth_router(auth, prefix="/auth")) Companion Sidecar
outlabsAuth is accompanied by a dedicated, browser-based administrative sidecar. Built with React 19, Tailwind CSS 4, and shadcn/ui, the dashboard dynamically queries any mounted API instance to provide full, low-level control over users, roles, entity hierarchies, API key provisioning, and real-time event logs without writing backend code.
Current status
outlabsAuth is in public alpha. The backend foundation already covers users, roles, permissions, API keys, integration principals, audit history, and observability; the API surface is still settling before 1.0.
© 2026 OutLabs LLC. All rights reserved.