Ninka background logo

Authorization for the AI Coding Era

AI writes the code. Ninka guards authorization.

When AI writes your app, authorization dissolves into scattered if-statements — it stops existing as a design. With Ninka, AI writes only intent. The compiler inspects it, and only what you approved ever ships.

Requirement (natural language)

Tegata written by your AI agent

Compiled Rego (same output, every time)

Your app just calls check()

Problem

AI writes locally correct authorization.

But nobody owns it as a design.

Left to AI, authorization looks like this: if (user.role === "admin") … if (invoice.ownerId === user.id) … if (user.department === invoice.department) … Scattered across hundreds of call sites. Each one is correct — and together they mean authorization no longer exists as a design. The problem is not AI's accuracy; it is that nobody is responsible for the design anymore. That is how most authorization incidents start.

Features

At its core, it's a compiler

AI is free to write whatever code it wants. Authorization is the one thing that structurally cannot scatter: AI writes only intent (the Tegata), never an if-statement. Rules live in one place — authz/ — and the compiler checks meaning (Sekisho) and emits code (Kinza), all at compile time.

Same input in, same bytes out

The compiler is a pure function — no randomness, no timestamps. The same Tegata produces byte-identical Rego / WASM, whoever compiles it, however many times. The JSON you approved and the code that runs stay in lockstep. This is the core of Ninka.

  • Tested by compiling 100 times and comparing bytes
  • No timestamps or environment info in the output, ever
  • ninka verify fails CI on stale builds and hand-edited output
  • Nobody writes Rego by hand

All Features

How It Works

How it works

1

Install and init

npm i ninka-authz, then npx ninka init. You get an authz/ folder, a check() entry point, and the agent rules. No account signup.

2

Ask your agent

"Add a delete API for invoices. Only admins can delete." The agent writes the Tegata, compiles it, and fixes any errors. You read the diff and approve.

3

Your app calls check()

Authorization if-statements disappear from your app. Put npx ninka verify in CI and it fails whenever the Tegata and the build drift apart.

Use Cases

Who it's for

Teams building products with agents

For deciding where authorization lives before the if-statements spread. Since inspection runs inside the agent loop, quality doesn't depend on which model you got that day. Your codebase can get a little messy. Your authorization can't.

Teams moving past Supabase RLS

Decisions outside the database, verbs beyond CRUD like approve and export, audit requirements. When RLS gets hard to stretch, the same rules work everywhere.

Pricing

Pricing

Everything that runs locally (CLI, compiler, runtime) is free. We charge for team approval flows and production signing.

Free

If you're building solo, this is all of it.

$0
(Published under BUSL-1.1 — source is open to read)
  • The full CLI (init / compile / build / verify / explain)
  • Unlimited compiles and checks
  • In-process WASM runtime (check())
  • TypeScript type generation
npm i ninka-authz

Ninka Cloud (Coming soon)

A GitHub App that catches Tegata changes in PRs and keeps approval records.

Coming soon
  • Approval flow per Tegata
  • AI interpretation notes as review comments
  • Approval records
  • Production signing

Enterprise (Coming soon)

For organizations that need SSO and audit support.

Coming soon
  • SSO integration
  • Audit exports
  • Decision log analytics
  • Onboarding support

FAQ

FAQ

Q. Is it okay to let AI write authorization?

A. AI only gets as far as the Tegata (JSON). Enforcement code always goes through the compiler, and a bad Tegata simply doesn't compile. Worst case, a weird JSON shows up in a PR. It stops there.

Q. Do I need to know OPA or Rego?

A. No. Rego is generated from the Tegata; nobody writes it by hand. You can read it whenever you want to.

Q. Does this compete with OPA?

A. No. OPA is the enforcement engine, used as-is. Ninka adds the layer that tracks who approved what.

Q. Supabase RLS covers us.

A. If you're on one Postgres and everything is CRUD, RLS is fine. Ninka becomes relevant when decisions move outside the database, or when operations like approve and export show up.

Q. Is it actually free?

A. The local tools are. The license is BUSL-1.1: read it, modify it, just don't resell it as a competing service. It converts to Apache-2.0 in 2030.

Next Step

Try it on your own machine first

From npx ninka init to check() in about five minutes.

Contact Us

Authorization,
in a form you can approve.

We're preparing the npm release. If you want to try it, or you're stuck on authorization, use the form.

  • No account, fully local
  • Source available (BUSL-1.1)
  • Design questions welcome

Contact

0/500