Skip to Content
IdentityServer

About Enforcer

Enforcer allows you to write human-readable access control policies for your .NET applications.

Don't hide security policy in application logic; make it clear and visible to all stakeholders.

Enforcer is an Attribute-Based Access Control (ABAC) authorization engine where information about a request, and the wider context, is used to determine if the request can proceed. Enforcer's power comes from its flexibility, taking information from anywhere in your business to make authorization decisions.  

Enforcer reacts to your changes in security policy, without the need to redeploy the application.

See how easy it is to write a readable security policy by following one of our online tutorials

Or have a play with our live online tool and create your own policies.

  • Duende IdentityServer
    Duende IdentityServer
  • IdentityServer4
    IdentityServer4
  • ASP.NET
    ASP.NET
  • .NET Framework
    .NET Framework

Get a FREE 30-Day Demo Key

By submitting this form you are confirming the use of the data you supply in accordance with our privacy policy.

Enforcer Key Features

  • Attribute Based Access Control

    Built upon the OASIS XACML policy model.

  • Human readable security policy

    Policies are written in ALFA, readable by anyone

  • Protect Controllers and Services

    Protect MVC and API controllers with a simple attribute. Protect any .NET code with a call to the policy enforcement point

  • Deploy policies with git

    Using existing git workflows to test and approve security policy changes. Enforcer watches the live branch, and automatically picks up the approved changes

  • Integrates with your IDE

    Develop and test policies in Visual Studio or Visual Studio Code. Syntax highlighting and background compilation.

  • Automated testing of policies

    Deploy policies with confidence using your favorite testing framework.

  • Fully compiled

    ALFA policies are fully compiled at runtime for optimal performance

Identity != Permissions

Why should I put Authorization outside of my IdentityServer?

Developer Tooling

Screenshot of the Enforcer REPL

Enforcer REPL

Screenshot from Visual Studio

Visual Studio

Screenshot of Visual Studio Code

Visual Studio Code

Screenshot of testing policies in VSCode

Testing policies

Flow of managing Git deployment

Git deployed policies

Enforcer Pricing

  • Enforcer Enterprise

    $ 9,437

    • Unlimited use inside a single enterprise
    • Perpetual License*
    • Includes one year of helpdesk support and updates

  • Enforcer Redistribution

    POA

    • All the features of Enforcer Enterprise
    • For use outside of a single Enterprise

* Optional annual renewal at 25% of list price, to continue to receive support and updates. For more information, visit our FAQ

Latest Articles

  • Authorization, What Are My Options?

Try Enforcer for free

See how easy it is to write a readable security policy by following one of our online tutorials

Get your 30 day free demo license