[colinchartier]

How does this compare with existing access control solutions like https://aws.amazon.com/cognito/ or auth0 rbac?

[kkajla]

As others have mentioned, solutions like Cognito and Auth0 are primarily focused on providing authentication (authn) and stop at basic RBAC when it comes to authorization (authz). Many companies quickly outgrow RBAC or need more powerful authz models (fine grained, attribute based, etc.) to serve their business needs.

Warrant focuses on the authz piece, supporting RBAC (like Cognito & Auth0), but more importantly, allowing companies to define & enforce their own authz model.

[jwineinger]

Auth0 has an upcoming authz product based on Zanzibar as well. They've open sourced it: https://openfga.dev/

[ukulele]

We tried cognito (bizarrely hard to use), Auth0 (mildly hard to use), and Userfront (easy to use) for authentication + rbac + multi-tenancy. We also looked at Warrant and Oso, and my takeaway was that they shine for more complex use cases, which wasn't our particular need.

[notlukesky]

Did pricing affect your decision at all?

[TameAntelope]

I don't know if Cognito is an access control solution per se, since it doesn't support any kind of AuthZ (AFAICT) out of the box.