ZooKeeper's data model provides a mechanism to control the access to znodes using ACL. While creating a znode, the ACLs determine the permissions with respect to the various operations that you can perform on the znodes. The ZooKeeper ACL model is similar to the Unix/Linux file permissions in terms of permitting or preventing operations being done on a znode by setting/unsetting permission bits. However, the ZooKeeper node doesn't have the concept of ownership, which is present in the Unix/Linux filesystem. ACLs are determined on the basis of the authentication mechanism of the client and the ZooKeeper service.

ZooKeeper provides the following built-in authentication mechanisms based on ACLs: