We just led a webinar on How Google handles Authorization at scale, watch to learn more about whether it is the best approach to secure your application permissions

ReBAC - especially Google Zanzibar's implementation of it - is the wrong abstraction for authorization.

Simplified fact management and powerful query builder API's - and much more!

Simplified fact management and powerful query builder API's - and much more!

A look into the pros and cons of using TypeScript versus JavaScript, plus some thoughts on why there is so much drama around them lately.

A new set of reference material to help users take Oso into prod

Ashwyn Nair, Senior Software Engineer at Sensat, dives into how Oso has helped them create a safe space for their users to have full control over who can access their data.

Generate TypeScript types from your Polar policy - and much more!

Polar now has its own language server implementation, making it easier to write your authentication policies

View your monthly average user report in the Oso Cloud UI.

Peadar Coyle, Founder at AudioStack, dives into how they went from a homegrown authorization framework to using Oso and why it was critical to make this change for a GenAi company where protecting data is mission critical.

Why we moved from Fargate to ECS on EC2, and how we preserved a zero-downtime architecture in the process.

Announcing a new feature in authorization policies: a limited form of negation (not syntax).

How Oso uses Kafka and an Event Sourcing Architecture to deploy a highly-available, low-latency managed authorization service.

Adding access control to LLM chatbot responses with Oso Cloud and Postgresql

A comprehensive look at the design of Polar, and how we enabled it to operate over distributed data.

Using local data to answer authorization questions with Oso Cloud

A sample app that demonstrates RBAC, ReBAC, and ABAC in Node.js with Oso Cloud

This post provides specifics on when to use Oso, and when not to.

Simon Robb, Co-founder/CTO at Packsmith, covers the pain of custom-building authorization and the value of a centralized solution.

The 10 types of authorization and how to identify them.

How do you reliably perform authorization in a backend built with microservices? There are lots of valid answers, but they tend to fall into three groups.

Everyone’s talking about Zanzibar, and it’s easy to understand why. It handles authorization for Google, so surely it can handle it for you and me. But at what cost? And does that mean that it’s the right solution for the rest of us?

Tyson Hoffman, Senior Software Engineer at Lumio shares how authorization started as a low priority for their application and how it’s evolved since then. They can now easily define permissions and help curb unintended access.

Relationship-based access control (ReBAC) is an authorization pattern where permissions are derived from relationships between resources. In this blog post, you will learn how to implement ReBAC in Node.js with Oso Cloud