Permit.io Announces a New Pricing Model

Authorization is Changing, and We’re Changing With It

Working at Permit.io, I am constantly reminded of just how necessary Fine-Grained Authorization (FGA) is for every modern application in organizations of all sizes. Data security and compliance requirements are intensifying across industries, and companies are realizing that implementing proper authorization is something they just can’t afford to postpone or overlook.

This problem gets even more complicated with the increased user expectations to provide them with greater agency over their data than ever before. Self-service components that allow for collaboration and data sharing are considered a must for any modern application, and support for them is expected from day one.

To make this implementation process easier, many companies are opting for externalized authorization solutions like Permit.io, reducing the risk of unauthorized access and allowing development teams to focus on developing their core product - instead of spending months on building security features from scratch.

Considering this, we aim to make fine-grained authorization accessible to everyone, from startups to established enterprises. As we see more software developers taking on decision-making roles and seeking budget-friendly solutions that don’t compromise on quality, we decided our pricing model needs to reflect this reality.

The recent changes to our pricing model introduce several strategic updates and new tiers. In this post, I’ll introduce you to these changes, what led us to make them, and how I believe our new pricing model allows for far more accessible pricing for all users.

Let’s dive in!

What’s New?

Introduction of a New Startup Tier

Our updated model introduces the Startup tier, a new pricing level that offers high-quality, fine-grained authorization at an affordable rate, specifically tailored for smaller teams and startups.

This tier is priced significantly lower than our previous Pro tier and provides essential features that support the needs of smaller, growth-focused companies, especially those focused on B2C applications, that need to support large user bases.

Unlike mature enterprises, these companies might not need extensive quotas on roles, resources, or tenants. However, they still require fine-grained authorization capabilities that can scale as their user base grows.

The Startup tier allows these developers to implement comprehensive authorization measures with all necessary tools at a significantly lower starting price.

For instance, applications with up to 10,000 users now cost as low as $150 per month. This makes fine-grained authorization feasible and affordable for smaller development teams, ensuring they don’t have to compromise on security due to budget constraints.

Expansion of the Free Tier Features

As per our philosophy of having zero “blackout features,” we expanded access to core capabilities that were previously limited to the Pro tier. Modern SaaS applications, particularly those focused on a developer audience, cannot include feature limitations that lock them out of key functionalities.

This is why key features—like GitOps flow, writing custom policies as code, GitHub integration, and infrastructure-as-code tooling with Terraform—are now available within the free tier.

This move ensures that developers on any plan can configure permissions, manage policies, and integrate Permit seamlessly into their preferred workflow. With these expanded free-tier offerings, users can extend Permit policies or even manage independent authorization frameworks using the configurations they create within Permit.

This gives users flexibility and control without any upfront costs, reinforcing our commitment to accessible authorization for developers at all stages.

Features that were part of the Early Access Pro program, such as strong consistency in critical data updates to the PDPs, are now also available for free.

Reorganization of Pro and Enterprise Tiers

Recognizing that many companies with moderate user bases also need strong security features, we moved certain Enterprise-exclusive features, such as single sign-on (SSO) and compliance tools, down to the Pro tier. The Enterprise tier now centers on custom agreements and specific quota needs rather than reserving these features for enterprise customers.

Adding Quotas to our MAU-Based Pricing Model

As an authorization provider, it would be easiest for us to charge our clients based on the number of authorization API calls we have to process, as each call directly represents a quantifiable cost in server and infrastructure resources. That’s the way some authorization providers do it.

The thing is, authorization calls can add up quickly and unpredictably, as even a single API call from a user may require multiple authorization checks - potentially resulting in large, unexpected expenses for our clients.

For this reason, we initially designed our pricing model around Monthly Active Users (MAU). This way we can offer a predictable cost structure, allowing you to easily forecast expenses, as users are a very basic growth metric for every application.

Basing pricing solely on MAU, however, introduced challenges for us as a service provider. While MAU is stable for clients, it doesn’t account for the variability in authorization usage that occurs within different applications. Some clients may have a small number of users, but those users may trigger a very high volume of authorization calls, resulting in significant operational costs on our end.

To address usage unpredictability while still offering a friendly pricing model, we're introducing a quota on the number of resources and rules each client can define within our system. This quota is designed to be very high—so high, in fact, that after discussions with our users, we doubt any of them will surpass it.

By setting these quotas, we can manage our operational costs more effectively, especially when it comes to caching rules and handling the volume of API calls. These newly implemented limits apply to our Startup and Pro pricing tiers, giving us a way to forecast our operational demands without compromising service quality.

This approach allows us to offer a Monthly Active User (MAU) pricing structure at a rate significantly lower than any other authorization-as-a-service provider.

Balancing Pricing for Existing and New Users

Introducing a new pricing tier is more than just setting new numbers. It also means we need to strike a balance for our current users, who naturally shouldn’t pay more than newer users, especially when prices are reduced.

To address this, we conducted in-depth discussions with our community, from existing clients to potential customers, with the goal of adjusting their current pricing to the new set standard.

It’s very important to note that no Permit.io paying customer will have to pay more for the newly established quota.

Secure, Fine-Grained, and Affordable

Through these updates, our goal is to support developers and organizations in implementing fine-grained authorization affordably, securely, and with predictable costs. We believe this new pricing structure aligns with the current demands of the software market, allowing developers of all sizes to make confident, budget-friendly decisions for their authorization needs.

For complete transparency, we’ve published a full breakdown on Permit’s pricing page, where you can view a side-by-side comparison of all tiers. I encourage everyone to explore this page to see how each plan aligns with your needs.

If you have any questions about the newly set pricing or anything else, the Permit.io team and I are always available in our Slack Community.

Can’t wait to see what you’re going to build!