How Oyster Scaled Secure Global Hiring with Oso’s Flexible Authorization

Building a Borderless Workforce—With Security at the Core

Oyster is a global employment platform that enables companies to hire, pay, and manage talent seamlessly—regardless of location. 

Founded in 2019, Oyster is making global hiring easier for businesses and workers alike. With a fully distributed team spanning over 60 countries, Oyster helps organizations in 180+ countries build world-class teams without being constrained by borders. Trusted by companies like Aston Martin, Automattic, Culture Amp, and Hired, Oyster is recognized as G2’s leader in global employment platforms.

Oyster’s global HR platform handles highly sensitive employment and personal data, including salaries and legally protected personally identifiable information (PII). Serving customers of all sizes, it is critical that both internal and external teams only access the data and functions necessary for their specific roles, while handling the intricacies of local employment laws. This requires a flexible permissioning system that can quickly accommodate new product features and a growing customer base. That is why the Identity and Access Management (IAM) team at Oyster selected Oso.

The Team Behind Secure Innovation

As the Senior Product Manager at Oyster overseeing IAM, Eduarda Osthoff leads a team responsible for both authentication and authorization services. By establishing a central framework for roles and permissions, Eduarda and her team enable Oyster’s development squads to build new services into the HR platform—while ensuring security and regulatory compliance remain top priorities. 

HR teams have many different responsibilities and authorization systems have to be flexible enough to handle them all. Think talent acquisition, identity verification (“Know Your Customer, Know Your Employee”) , onboarding, payroll and benefits administration, performance management, employee relations, and learning and development. In the case of Oyster, this is all while navigating variances in regional regulatory, tax, and cultural requirements.

Eduarda describes her team’s mission: “To empower our customers and Oyster with the pinnacle of not only authentication and authorization, but also integration with other HR Information Systems and identity verification for employees hired through our platform.”

Too Complex, Too Slow: Why Oyster Moved Beyond In-House Authorization

Oyster started out building their own authorization system. From day one, they had to support three distinct authorization models—Role-Based Access Control (RBAC), Relationship-Based Access Control (ReBAC), and Attribute-Based Access Control (ABAC). This created significant complexity for the IAM team.

 Building a fully-fledged authorization system in-house took a lot of time and energy. We quickly realized it would be best to focus on our core business and offload most of the heavy lifting and maintenance to a specialized provider.

- Eduarda Osthoff, Senior Product Manager at Oyster

Oyster’s in-house authorization system soon revealed its limitations as the business grew. The existing framework lacked flexibility and struggled to support the complex requirements of HR apps:

• Hierarchical Structures: HR platforms always have org charts and user hierarchies, leading to layered role and permission inheritance. For example, managers can view data for their team, while higher-level managers inherit access to broader groups.  Enterprises using HR systems frequently demand the ability to customize roles, permissions, and access rules to fit their unique org structures.
• Cross-Functional Access Needs: In addition to HR, functions like finance, legal, and IT require selective, role-based access to employee data across the entire organization—creating complex, overlapping permission requirements.
• Embedded & Integrated Systems: HR systems are often integrated with or embedded into other enterprise back-office applications. This makes it impractical to hard-code authorization logic within business logic—there needs to be a clear, externalized way to check permissions across system boundaries.

Security was another concern. Manual processes in role assignment and in application recoding to implement new permissions left the system prone to errors, increasing the risk of granting incorrect permissions and exposing sensitive data to the wrong users. Adding new roles was equally problematic. Each implementation was labor-intensive, with no way to easily reuse previous work. In one case, developing a single new role consumed over three months of engineering effort as authorization code had to be modified in multiple locations in the code base.

From Evaluation to Execution: Building The Case for Oso

Oyster needed an authorization solution that was:

1. Scalable: Ready to support thousands more active users and increasingly large enterprise customers.
2. Reusable and Reliable: Allowing teams across the company to design specialized roles and permissions without rebuilding from scratch. Reliability is critical because if the authorization service goes down, so does Oyster. 
3. Auditable: Enabling clear records and oversight to satisfy stringent internal and external compliance demands.
4. Future-Proof: Flexible enough to accommodate new roles, permission types, and unanticipated changes to the platform.

Implementation time, reusability, reliability, auditability, and future-proofing were our key goals,” says Eduarda. “We wanted something that would still serve us well as we evolve and grow.

During the initial assessment, Oyster considered four authorization providers, narrowing down to two after further research. The team ran proofs of concept to evaluate how well each option handled complex policy requirements, along with its performance, documentation, and support quality.

Why did we select Oso? Because the product was solid, the documentation stellar, and the support excellent. Whenever we encountered issues—performance or otherwise—the Oso team was quick to respond and implement any necessary changes. They really stood out.

- Eduarda Osthoff

More than product training, the Oso Authorization Academy quickly became a go-to resource for Oyster’s developers to master advanced, vendor-neutral authorization concepts they can apply daily—whether using Oso or not.

One Framework, Every Access Model: How Oyster and Oso Simplified the Complex

Oyster’s IAM team ultimately chose Oso for its ability to unify RBAC, ReBAC, and ABAC models under one robust authorization service. By consolidating these models into a single, maintainable framework, Oyster gained the flexibility to tailor permissions for every use case—from smaller clients with simpler role structures to enterprise customers and partners requiring highly granular access policies, through to internal legal and compliance teams. 

• External Drivers Unlocking Expansion Into New Markets: Enterprise customers face the challenges discussed earlier—hierarchical structures, cross functional access needs, and integration into back-office suites. Oso proved a perfect fit to meet all of these requirements.
  
  
• Internal Drivers Supporting Business Growth: As Oyster grew, internal teams like InfoSec, Legal, and Compliance required tighter controls over data access. These teams needed assurance that different internal groups could only access the data relevant to their responsibilities, with the ability to restrict certain actions entirely. Meeting these demands became critical to maintaining regulatory compliance and protecting sensitive information at scale.

An immediate benefit was how straightforward it became to create and adjust new roles without major rewrites. Developers now define role rules in Oso’s policy files, quickly incorporate them into existing services, and move on. This consistent approach streamlines collaboration across the company’s various product teams—everyone works off the same code patterns and shared authorization logic.

Since adopting Oso in 2023, we've seen huge growth—and Oso has scaled with us. It supports more users, more regions, and evolving feature demands as we move upmarket to larger customers. The beauty of Oso is that we can keep adding new roles or refining existing ones without overhauling our entire infrastructure.

- Eduarda Osthoff

Today the team maintains around 90 policy files written in Polar, Oso’s declarative policy language. These files define the resources they want to control access to and the rules that govern that access. The team supports over 10,000 users, including both internal Oyster staff and external customers.

Deploying to Oso Cloud means Oyster’s authorization service is distributed globally, managing access policies right alongside local HR data. This provides both compliance with data sovereignty regulations and blazing fast access with authorization checks typically returning in under 10ms.  

The Impact of Oso: Faster, Safer, and Ready for What’s Next

By adopting Oso, Oyster transformed its authorization framework from a bottleneck into a key enabler of business growth, operational efficiency, and security. The impact has been significant:

• 8x Faster Role Implementation: Reusable code and declarative policy logic dramatically reduces development effort and accelerated delivery across engineering teams.
• Flexible, Scalable Permissions: Oso’s architecture allows Oyster to decouple authorization code from application logic so they can easily add and adapt permissions. This helps them support increasingly complex role requirements for both internal teams and enterprise customers.
• Robust Security Controls: Centralized, standardized authorization checks and role changes minimize the risk of human error in mis-assigning roles or in issues caused by implementing new roles in app code. This ensures sensitive employment data is only accessible to the right individuals.
• Empowering Growth Initiatives: Oso equips Oyster to confidently meet evolving needs, from supporting client-specific custom roles to meeting strict internal InfoSec and compliance requirements. This has enabled Oyster to sell upmarket into enterprise customers.

I don’t see Oso as just a service provider—it’s a true partnership, one where we can grow together.

- Eduarda Osthoff

Looking ahead, Oyster plans to continue using Oso as the foundation for permissions across new product offerings and services. As their enterprise customer base expands, they’re well-positioned to support more granular role hierarchies and advanced access models—all while maintaining the security and agility needed to stay ahead in a highly regulated, global HR market.

Next Steps

Oyster’s story illustrates that outsourcing complex authorization requirements can free engineering teams to focus on core product innovations. By choosing a partner whose product and support can adapt with your growth, you avoid the ongoing burden of building and scaling an in-house system. For teams at any stage—whether startup or enterprise—Oyster’s experience underscores the value of a flexible, expert-backed authorization solution like Oso to secure your platform and drive business agility.

Curious how to apply these best practices to your own applications? Our engineers are always available to share guidance on getting started with authorization design, scaling complex permission systems, or tackling specific challenges your team faces. Start the conversation by meeting an Oso engineer.