You are receiving this email because either we have met, chatted, or you’ve visited our websitecerbos.devand asked us to keep you up-to-date. If you have been forwarded this email, you cansubscribeand receive future updates directly from us. If you prefer not to receive these updates, you can unsubscribe below, but we hope you stay!
Embedded Authorization - Join us in alpha testing!
Cerbos Lite is a version that doesn’t require running a Cerbos Service instance. Policies are compiled into a static bundle that can be included in apps. This enables on-device authorization checks, consistent authorization, anywhere your application runs. Interested?
Having spoken to many of Cerbos’ users, having a workflow to author and manage policy is a top request - we have been working away on this and are looking for some keen users to test out this new way of using Cerbos.
Are you thinking about designing a scalable authorization process for your product? If so, don’t miss out on the talk Alex Olivier, Product Lead at Cerbos, will be hosting on Codementor.
The talk will be held on Nov 9, 6:30pm (GMT). If you are not able to attend the live event, you can always watch the recording at a later time.
Threading together fine-grained auth with Stytch and Cerbos
Stytch is an all-in-one platform for authentication and authorization. They provide a fully integrated suite offering a variety of auth solutions; including magic-links, passwords, OTP, session management, other hosted logins and more. Cerbos is an open source authorization layer that can handle all of your complicated business logic through simple configuration. It allows authorization to be plugged into your existing stack as a decoupled service.
How Utility Warehouse upgraded and centralized its access control system with Cerbos
Utility Warehouse wanted to upgrade its cumbersome in-house authorization system. Rob Crowe, the Principal Engineer at Utility Warehouse, selected Cerbos to centralize how the company managed user permissions.
Cerbos set early in 2021, not to reinvent the wheel, but to make authorization a clearer and simpler part of your application. Generally, there is a lot of complicated logic that goes into creating authorization permissions in an application. We sat down with our own Alex Olivier to go over what Cerbos is, and why it should be the go to for authorization.
When building a web application with authenticated users, it’s important to define which users can perform which actions. In this article, we dig into how to best set up your user roles. You’ll also learn how to ensure these roles are granular enough and how to think about changing user roles over time. Finally, we’ll briefly touch on the benefits of delegating role management to Cerbos so you can focus on your application logic.
As software engineers, we often think about authorization in terms of access control and authentication. We design our systems with a combination of user-friendly signup flows and secure logins. However, we don't consider the authorization of users once they're inside our application.
Designing an authorization model that scales with your business
Authorization logic includes a lot of layers and a lot of places for things to go wrong. From top-level concerns like assigning permissions to the fine-grained aspects of securing access to individual endpoints, each stakeholder involved must get things right for it to work.
Cerbos allows you to store your policies in a variety of ways. Sometimes, there might be a use-case for more dynamic management of your policies. Cerbos provides interfaces to various database backends (SQLite, Postgres, MySQL and SQL Server), which allow you to create, update, and retrieve policies and schemas via the Admin API.
The Decoupling Principle is a well-known but unwritten law: to ensure privacy, information should be divided architecturally and institutionally so that each entity (such as a company) has only the information they need to perform their relevant function. Read the full article to see the value of separating who you are from what you do.
The Guild rollout of free Single Sign-On for GraphQL Hive organizations
We want to give you a t-shirt! We also want to talk to you about Cerbos and get your feedback, both what you like and dislike, what are your primary use cases, if you are missing any particular functionality or have suggestions on how you would like us to improve the product.
.png)
