Skip to main content

Local Directory Overview

The Aserto Directory can be run as a standalone container, backed by a Postgres DB.

In addition, a local management console experience is provided for this deployment option.


There are a few scenarios where running a separate, local directory instance is advantageous:

Scaling data size beyond what fits in the embedded database

For deployments that have hundreds of thousands / millions of users, some partitioning strategy may be required.

Alternatively, a Postgres-backed directory provide a more scalable solution. Additionally, the cloud-specific mechanisms that are used to scale and manage Postgres databases can be applied to the directory database as well.

Stateless authorizers and a single directory

Some organizations may prefer to have all their authorizers connect to a single directory instead of keeping their own cache of the subject, object, and relation data.

Running a separate directory enables this scenario. In this type of deployment, the edge authorizers are completely stateless, and therefore are guaranteed to see exactly the same authorization data.


Some organizations want or need to self-host all of the components in their authorization solution. The smallest Aserto deployment is the Aserto Sidecar, but for organizations that want to use a relational directory without relying on the hosted Aserto Directory, this model is appropriate.


The easiest way to deploy the Local Directory is via a helm chart that includes a Sidecar as well as a Local Console, described next.