Permit

This project is an unopinionated authentication library for Node.js APIs that focuses on adding an auth layer without forcing a specific framework or application style. It’s built to slot into popular server stacks like Express, Koa, Hapi, or Fastify, and it stays compatible with different API styles including REST and GraphQL. The library concentrates on the core authentication schemes many APIs need, including bearer token authentication and basic username/password credentials. It also supports pulling credentials from common request locations, prioritizing standards-based headers while allowing practical alternatives when needed. The design aims to keep authentication logic centralized and consistent, so you avoid copy-pasting auth checks across handlers and middleware. In short, it provides a small, reusable abstraction for authenticating requests that you can adapt to your project’s policies and user model.

Features

Framework-agnostic authentication layer for Node.js APIs
Supports Bearer token authentication for service-to-service and API keys
Supports Basic authentication with username/password credentials
Works with REST and GraphQL request flows
Standard-first credential parsing via common HTTP headers
Unopinionated design that integrates with your existing user and policy logic

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow Permit

Permit Web Site

Other Useful Business Software

AI-generated apps that pass security review

Stop waiting on engineering. Build production-ready internal tools with AI—on your company data, in your cloud.

Retool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.

Try Retool free

Rate This Project

User Reviews

Be the first to post a review of Permit!

Additional Project Details

Programming Language

JavaScript

Related Categories

JavaScript Libraries

Registered

2026-01-21

Similar Business Software

Auth.js

Auth.js is an open-source authentication library designed to integrate seamlessly with modern JavaScript frameworks, providing a flexible and secure authentication experience. It supports various authentication methods, including OAuth (e.g., Google, GitHub), credentials, and WebAuthn, allowing...

See Software
DHTMLX

DHTMLX is a JavaScript UI library that provides a set of highly customizable and flexible components for building modern and responsive web applications. The library includes more than 30 UI components, such as Gantt, Scheduler, Kanban, diagrams, charts, grids, spreadsheets, calendars, trees,...

See Software
Emotion

Emotion is a performant, flexible CSS-in-JS library designed for writing CSS styles using JavaScript, supporting both string-based and object-based styles while delivering a strong developer experience, complete with source maps, labels, and testing utilities. It offers two powerful usage...

See Software
Moment.js

A JavaScript date library for parsing, validating, manipulating, and formatting dates. Moment was designed to work both in the browser and in Node.js. All code should work in both of these environments, and all unit tests are run in both of these environments. Moment.js has been successfully...

See Software
Dexie

Dexie.js is a minimalistic and bulletproof IndexedDB wrapper library designed to simplify client-side storage. At only ~29k minified and gzipped, it offers a concise API that addresses the complexities of native IndexedDB, such as ambivalent error handling, poor queries, lack of reactivity, and...

See Software
NextAuth.js

NextAuth.js is an open source authentication solution tailored for Next.js applications, offering seamless integration with popular services like Google, Facebook, Auth0, and Apple. It supports various authentication methods, including OAuth 1.0 & 2.0, email/passwordless sign-ins, and custom...

See Software