Blog
Company Updates & Technology Articles
Authorization: Library or Service?
When thinking about implementing an authorization solution, we are faced with the choice of whether to use a library that would be embedded in our application code, or to set up a service to which our application will make authorization calls. In this post, we'll examine the implications of choosing between the two in the context of authorization.
The Challenges of Using OPA for Application Authorization
The Open Policy Agent project is an incredibly flexible and powerful policy engine. In this post, we explore some of the challenges facing developers using OPA for application authorization, and we propose some ways of overcoming those challenges.
Jan 6th, 2022
3 Essential RBAC Best Practices
In this post, we'll cover essential best practices for role-based access control (RBAC) including examples and a tool that can help.
Dec 23rd, 2021
Building a React and Node app with Aserto Authorization
Adding an authorization layer to your React.js and Node.js application has never been easier! Learn how to create a role-based access control policy and how to use it to make authorization decisions in your application.
Dec 16th, 2021
Modern authorization requires defense in depth
Zero-trust architectures encourage defense in depth. Fine-grained authorization solutions are emerging that complement coarse-grained ones.
Dec 11th, 2021
Fine-grained authorization: what’s all the buzz about?
Fine-grained authorization is essential for selling B2B SaaS into larger accounts. Here’s how to evolve your model to meet those requirements.
Nov 1st, 2021
Handling data in OPA policies
Passing data into the decision engine is a critical design choice for a robust authorization system. Here are four common patterns, each with their own tradeoffs.
Oct 27th, 2021