Cerbos

https://cerbos.dev
48
Fair
Agent Native Score
Free TierAPI Key AuthOpenAPI Spec

Cerbos is an open-source authorization-as-a-service platform that allows you to define, test, and enforce fine-grained access control policies. It provides a centralized policy engine accessible via gRPC and HTTP APIs for permission decisions.

Categories: Authorization · Access Control · Security
#1 of 7 in Authorization · #1 of 6 in Access Control · #1 of 58 in Security
Checklist Breakdown

16 of 33 checks passed. 14 unscored.

Discovery 63%

Can an agent find and understand this tool without a web search?

Published OpenAPI/Swagger spec
Has llms.txt or llms-full.txt
Has an MCP server (official or well-maintained)
MCP server listed in a public registry
API reference docs are publicly accessible
Docs include runnable code examples
Has a public changelog or release notes
Has a public status page
Auth & Onboarding 100%

Can an agent create an account and get credentials without human intervention?

Signup does not require CAPTCHA
Signup does not require phone verification
Supports API key auth (not only OAuth)
API key obtainable without manual approval
No mandatory billing info to start
Can sign up without creating an organization
Pricing 100%

Can an agent operate autonomously without upfront payment or contracts?

Has a free tier
Usage-based pricing available
No minimum contract or commitment
Pricing page is public (no 'contact sales')
Free tier sufficient for testing (not just a trial)
Agent Tooling Not yet scored

How well does the API work for non-human consumers?

SDK available in 2+ languages
Structured error responses (JSON with error codes)
Idempotency support on write endpoints
Pagination on list endpoints
Webhook/event support
Sandbox or test mode available
Rate limit headers in responses
Consistent REST resource naming
Reliability Not yet scored

Does the tool fail gracefully when an agent makes a mistake?

Meaningful error messages (not just 500)
429 responses include Retry-After header
Documented uptime SLA (99.9%+)
Graceful degradation under rate limits
Request IDs in responses for debugging
API versioning supported
Reviewer Notes

Cerbos excels in agent tooling with clear OpenAPI specs, structured JSON responses, and a self-hostable open-source option—agents can easily integrate authorization checks. Discovery is solid with good documentation and multiple SDK options. The main weakness is limited documentation on programmatic account setup for the cloud version and no MCP server, which reduces discoverability. The free tier and sandbox environment are strong positives, though the pricing model for production cloud deployments isn't fully transparent, creating some uncertainty for autonomous agent cost planning.

Top 10 Lists
Top 10 Security →

Let your agents find tools like Cerbos

Install the Agent Native Registry MCP server. Your agents can search, compare, and score tools mid-task.

claude mcp add --transport http agent-native-registry https://agentnativeregistry.com/api/mcp