Oso's Blog

Use Oso Cloud’s to query your policy. Our APIs allow you to go beyond questions like: “can this user perform this action on this resource.” With the query API, you can ask any question you want.

Learn about the data you need to enforce your authorization policy and how you can add it to Oso Cloud using the Facts page.

Oso Cloud’s Policy Editor allows you to create, edit, and save policies all within the dashboard.

Oso engineer, Mike Cen, gives us a firsthand look into jumping back into the weeds as an individual contributor after being a manager for seven years.

Oso engineer, Jordan Killpack, relishes opportunities to be a beginner and to follow interests down twisty passages to unknown destinations. Read about how this curiosity led her into knitting and working at Oso!

Find out how to handle authorization in microservices by sharing user role data and using it for permission checks everywhere.

As Oso’s first developer experience engineer, Corey Ashby, walks through creating a functional sample application using Oso Cloud.

Oso engineer, Vijay Ramamurthy, shares his journey into formal logic which all stemmed from writing an AI project to play Pokemon.

A look into Jesse Lax's, Oso Engineer, journey into software engineering and why he chose to work at Oso.

A case study on why to perform request validation on the data coming into your APIs, and how we wrote a type inference algorithm for ours - Oso Cloud.

Abhishek Parmar, co-creator of Google Zanzibar & Airbnb Himeji, joins Oso as technical advisor.

Oso Summer 2022 Hackathon

how to use Kubernetes Authorization webhooks to defer authorization decisions to Oso Cloud, a fully-managed authorization service.

How we use Rust, SQLx and Rocket to power Oso Cloud, our fully-managed authorization as a service

An overview of different patterns for building authorization in GraphQL

Oso winter hackathon 2021 - an opportunity to push boundaries and hack on fun projects we think the Oso product could do.

How we built Language Server Protocol (LSP) support for the Oso VS Code extension with Rust, WebAssembly (Wasm), and TypeScript.

How do you reliably perform authorization in a backend built with microservices? There are lots of valid answers, but they tend to fall into three groups.

Wayfair's journey from monolith into microservices and how it subsequently built out distributed authorization using Oso.

How we developed Oso to let you query your database using your authorization policy.

Oso is an authorization library that includes a declarative policy language. OPA is an authorization product that includes a declarative policy language. Despite that, there are many significant differences between the two! Here's a comparison.

Oso has libraries for Python, Ruby, Java, Javascript, Go, and Rust, and each of those libraries are based on a core that is written in Rust.

Guy Podjarny (Founder & President of Snyk.io) on optimizing developer experience, introducing security to developers, and when to offer a freemium product.

#PermissionsPepTalk. Not enough celebrities have talked about authorization and permissions in the public domain, so today we're bringing the topic to the fore as well. Here's what Alice Cooper, Lisa Loeb, Ghostface Killah, Kenny G, Mike Ditka, and Lena Headey have to say to developers working on permissions...

0.20 includes new approaches to: 1. Authorization modeling, including built-in primitives for common patterns like RBAC and ReBAC. 2. Data filtering for authorizing collections of data 3. APIs for enforcing authorization at different layers of the stack