SentinelAuthorization for TypeScript SaaS
Type-safe policies, multi-tenant roles, and explainable decisions — zero dependencies.
Skip to content
npm install @siremzam/sentinelInstallation guide →What it looks like in code
Full quickstart →evaluate.ts
1const engine = new AccessEngine({ schema });
2
3await engine.can({ subject, action: "invoice:approve", resource });
4// allow · admin matched · tenant:acme
allowadmin → invoice:approve → tenant:acme
Where do you want to start?
- Type-safe schemaTypos fail at compile time, not in production.
- Multi-tenant by defaultRoles and context scoped per tenant.
- explain() when it breaksReplay every rule that fired — or didn't.
Framework middleware
Sentinel ships middleware for your stack — not a DIY AuthZ layer you have to build yourself. Import the guard for your framework, pass the engine and options, and protect routes in a few lines.
| Framework | Guide |
|---|---|
| Express | Express middleware |
| Fastify | Fastify middleware |
| Hono | Hono middleware |
| NestJS | NestJS guards |
| Polyglot / HTTP | Server mode |
→ Middleware reference for all option types and exports.
Documentation map
| I want to… | Start here |
|---|---|
| Understand what Sentinel is | What is Sentinel? |
| Install and evaluate in five minutes | Quickstart |
| Protect routes with Express, Fastify, Hono, or NestJS | Framework middleware |
| Learn how decisions are made | How evaluation works |
| Compare with CASL, Casbin, or accesscontrol | Feature comparison |
Full index: documentation hub.