Blog

Company Updates & Technology Articles

From RBAC to ABAC

Role-based access control is a powerful pattern for handling many authorization use-cases, but in some cases - a more nuanced approach may be needed. In this post, we'll explore Attribute-Based Access Control, an authorization model that allows us to leverage dynamic user attributes to make fine-grained authorization decisions.

Blog post cover

Authorization: Library or Service?

When thinking about implementing an authorization solution, we are faced with the choice of whether to use a library that would be embedded in our application code, or to set up a service to which our application will make authorization calls. In this post, we'll examine the implications of choosing between the two in the context of authorization.

Jan 13th, 2022

Blog post cover

The Challenges of Using OPA for Application Authorization

The Open Policy Agent project is an incredibly flexible and powerful policy engine. In this post, we explore some of the challenges facing developers using OPA for application authorization, and we propose some ways of overcoming those challenges.

Jan 6th, 2022

Blog post cover

3 Essential RBAC Best Practices

In this post, we'll cover essential best practices for role-based access control (RBAC) including examples and a tool that can help.

Dec 23rd, 2021

Blog post cover

Building a React and Node app with Aserto Authorization

Adding an authorization layer to your React.js and Node.js application has never been easier! Learn how to create a role-based access control policy and how to use it to make authorization decisions in your application.

Dec 16th, 2021

Blog post cover

Modern authorization requires defense in depth

Zero-trust architectures encourage defense in depth. Fine-grained authorization solutions are emerging that complement coarse-grained ones.

Dec 11th, 2021

Blog post cover

Fine-grained authorization: what’s all the buzz about?

Fine-grained authorization is essential for selling B2B SaaS into larger accounts. Here’s how to evolve your model to meet those requirements.

Nov 1st, 2021