diff --git a/ops/Makefile/common.mk b/ops/Makefile/common.mk
index 14e6d75b5ae..ca1ef102c5e 100644
--- a/ops/Makefile/common.mk
+++ b/ops/Makefile/common.mk
@@ -30,6 +30,7 @@ dev: ## Run for development mode
 		-f ops/docker-compose/database/redis/redis.yaml \
 		-f ops/docker-compose/application/auth/kratos/kratos.yaml \
 		-f ops/docker-compose/application/auth/hydra/hydra.yaml \
+		-f ops/docker-compose/application/auth/keto/keto.yaml \
 		-f ops/docker-compose/gateway/traefik/traefik.yaml \
 		-f ops/docker-compose/tooling/observability/grafana/grafana-tempo.yaml \
 		up -d --remove-orphans --build
@@ -42,6 +43,7 @@ run: ## Run this project in docker compose
 		-f ops/docker-compose/gateway/traefik/traefik.yaml \
 		-f ops/docker-compose/application/auth/kratos/kratos.yaml \
 		-f ops/docker-compose/application/auth/hydra/hydra.yaml \
+		-f ops/docker-compose/application/auth/keto/keto.yaml \
 		-f ops/docker-compose/application/api/api.yaml \
 		-f ops/docker-compose/application/metadata/metadata.yaml \
 		-f ops/docker-compose/application/logger/logger.yaml \
@@ -73,6 +75,7 @@ down: ## Down docker compose
 		-f ops/docker-compose/application/auth/keycloak/keycloak.yaml \
 		-f ops/docker-compose/application/auth/kratos/kratos.yaml \
 		-f ops/docker-compose/application/auth/hydra/hydra.yaml \
+		-f ops/docker-compose/application/auth/keto/keto.yaml \
 		-f ops/docker-compose/application/api/api.yaml \
 		-f ops/docker-compose/application/metadata/metadata.yaml \
 		-f ops/docker-compose/application/logger/logger.yaml \
diff --git a/ops/docker-compose/application/auth/keto/conf/keto.yml b/ops/docker-compose/application/auth/keto/conf/keto.yml
new file mode 100644
index 00000000000..416cf6b45fe
--- /dev/null
+++ b/ops/docker-compose/application/auth/keto/conf/keto.yml
@@ -0,0 +1,18 @@
+version: v0.11.1-alpha.0
+
+log:
+  level: debug
+
+namespaces:
+  - name: shortlink
+    id: 1
+
+serve:
+  read:
+    host: 0.0.0.0
+    port: 4466
+  write:
+    host: 0.0.0.0
+    port: 4467
+
+dsn: memory
diff --git a/ops/docker-compose/application/auth/keto/keto.yaml b/ops/docker-compose/application/auth/keto/keto.yaml
new file mode 100644
index 00000000000..4d7a8025f1b
--- /dev/null
+++ b/ops/docker-compose/application/auth/keto/keto.yaml
@@ -0,0 +1,32 @@
+version: '2.4'
+
+x-network: &network
+  networks:
+    - simple
+  dns:
+    - ${DNS_IP}
+  dns_search: ${DNS_SEARCH}
+
+services:
+
+  # -------------------------------------------------------------------------- #
+  # ORY KETO
+  # Access control policy engine
+  # https://www.ory.sh/keto/
+  # -------------------------------------------------------------------------- #
+
+  keto:
+    <<: *network
+    depends_on:
+    - coredns
+    image: oryd/keto:v0.11.1-alpha.0
+    environment: {}
+    command: serve -c /home/ory/keto.yml
+    container_name: keto
+    init: true
+    ports:
+      - "4466:4466"
+      - "4467:4467"
+    restart: on-failure
+    volumes:
+      - ./ops/docker-compose/application/auth/keto/conf:/home/ory