Run the AuthZ Server

The AuthZ Server can be deployed as a self-contained Docker container, providing an isolated and reproducible runtime environment.

To start the server using the latest container image:

docker pull permguard/all-in-one:latest
docker run --rm -it \
  -p 9091:9091 \
  -p 9092:9092 \
  -p 9094:9094 \
  permguard/all-in-one:latest

Configuration parameters can be injected via environment variables, allowing full control over runtime behavior without modifying the container image.

The complete list of configurable parameters is documented in the Authz Server Configuration Options.

Example with debugging enabled:

docker pull permguard/all-in-one:latest
docker run --rm -it \
  -p 9091:9091 \
  -p 9092:9092 \
  -p 9094:9094 \
  -e PERMGUARD_DEBUG="TRUE" \
  permguard/all-in-one:latest

When PERMGUARD_DEBUG is set to TRUE, the AuthZ server operates in debug mode, providing verbose logging and diagnostic output suitable for development and troubleshooting scenarios.

It is also possible to access the local SQLite database used by the AuthZ Server by mounting a host directory into the container.

This allows direct inspection or interaction with the database files from the host system.

docker pull permguard/all-in-one:latest
docker run --rm -it \
  -v ./local:/opt/permguard/volume
  -p 9091:9091 \
  -p 9092:9092 \
  -p 9094:9094 \
  -e PERMGUARD_DEBUG="TRUE" \
  permguard/all-in-one:latest

In this setup, the SQLite database will be accessible on the host under the mounted path ./local.