Get started.
Add Pundit to your Gemfile or install it directly from the command line.
Authorization for Ruby on Rails.
Pundit
Minimal authorization through OO design and pure Ruby classes. No DSLs, no magic — just objects you already understand.
Open source that scales.
Pundit handles authorization through plain Ruby objects and natural OO patterns — no DSLs, no magic, no framework lock-in. Each policy is a class you own, test, and reason about. Read the docs on GitHub for the full API.
Varvet created Pundit in 2013 to solve a real problem on client projects: authorization that stayed readable as complexity grew.
Today it's downloaded over 95 million times, used across 38,000+ projects, and maintained by a community of 126 contributors. It became the de facto standard not because it was marketed, but because it works.
95M+Downloads
38,000+Dependent projects
8,500+GitHub Stars
126Contributors
GEMFILE
gem "pundit"TERMINAL
gem install punditView on RubyGems · Source on GitHub
Pundit is built and maintained by Varvet, a digital product studio in Gothenburg and Stockholm. If your team needs help with Rails architecture or product strategy, we'd love to talk.
Pundit originated from our blog post on simple authorization in Ruby on Rails apps. What started as a pattern we kept reaching for on client projects became an open source library used by tens of thousands of Rails applications worldwide.