Authorization as a Service (feat. Jake Moshenko)

Jake Moshenko, CEO of AuthZed, discusses the importance of permissioning databases and the challenges of implementing permissions at scale. He explains how AuthZed solves this problem by providing a common API for flexible and fine-grained authorization. The target market for AuthZed includes companies of all sizes that need to add complex permission workflows to their applications. Jake demonstrates how AuthZed can be integrated with backend systems, web applications, and mobile apps. He also explains the benefits of using AuthZed, such as increased security and improved product velocity. The conversation concludes with a discussion on the AuthZed schema language and how permissions and roles are defined in the system.

Jake Moshenko introduces the concept of permissions and relations in the context of access control. He explains how permissions can be granted to users for specific actions on resources, and how relationships between users and objects are defined. Jake also discusses the flexibility of defining roles and the granularity of permissions. He demonstrates how permissions can be visualized and edited in a user interface, and highlights the benefits of using a startup solution for access control. The conversation concludes with a discussion on the importance of leveraging existing tools and trusting innovative startups.

Takeaways

  • Permissions can be granted to users for specific actions on resources, such as read, write, and admin privileges.
  • Relations define the relationships between users and objects, allowing users to be readers, writers, or admins of a particular object.
  • Roles can be used to group multiple privileges or permissions together, providing a higher level of access.
  • Design-time actions involve configuring the access control system, while runtime actions involve making API calls to enforce permissions.
  • When considering building or buying a solution, it is important to focus on core competencies and leverage existing tools and services.

Chapters

00:00 Introduction and Background

01:04 The Problem of Permissions at Scale

05:25 Implementing Authorization for Different Client Types

06:46 Integration with Backend and Web Applications

10:24 Implementing Permissioning for Mobile Apps

14:25 Benefits of Using AuthZed for Permissioning

22:00 Granting Access to Resources with AuthZed API

25:11 Defining Permissions and Roles in AuthZed

30:42 Introduction to Permissions and Relations

31:11 Understanding Permissions and Roles

32:20 Decoupling Relationships and Actions

33:36 Granularity of Permissions

34:14 Grouping Privileges into Roles

36:01 Design Time and Runtime Actions

36:46 Visualizing and Editing Permissions

39:33 Trusting a Startup

53:36 Building vs. Buying Solutions

58:36 The Value of Innovation and Trust

Episodes (412)

(Part 1/2): How important is Technology Stack?

(Part 1/2): How important is Technology Stack when it comes to:

  • Learning
  • Job Satisfaction
  • Job Security
  • Career Growth

#snowpal #projectmanagement

Keep it simple. Keep it on https://snowpal.com.

16 Aug 2022, 7 min

(Part 2/2) What does it mean to do things at scale?

If you are thinking this podcast is about (Performance &) Scalability, think again!

#snowpal #projectmanagement

Keep it simple. Keep it on https://snowpal.com.

24 July 2022, 5 min

(Part 1/2) What does it mean to do things at scale?

If you are thinking this podcast is about (Performance &) Scalability, think again!

#snowpal #projectmanagement

Keep it simple. Keep it on https://snowpal.com.

24 July 2022, 6 min

(Part 2/2) Repo-level project management using GitHub Projects

A little bit about GitHub Projects.

#snowpal #projectmanagement

Keep it simple. Keep it on https://snowpal.com.

21 July 2022, 8 min

(Part 1/2) Repo-level project management using GitHub Projects

A little bit about GitHub Projects.

#snowpal #projectmanagement

Keep it simple. Keep it on https://snowpal.com.

21 July 2022, 10 min

(Part 2/2) GitHub Codespaces: What is it, and how can we use it?

A little bit about GitHub Codespaces.

#snowpal #projectmanagement

Keep it simple. Keep it on https://snowpal.com.

21 July 2022, 18 min

(Part 1/2) GitHub Codespaces: What is it, and how can we use it?

A little bit about GitHub Codespaces.

#snowpal #projectmanagement

Keep it simple. Keep it on https://snowpal.com.

21 July 2022, 10 min

Implement menus: How hard can it possibly be?

Say someone asked you to implement a "tiny" feature on an iPhone Mail App.

Here's the (first part of the) requirement as Business provided it (to the dev team):

  • User can swipe right to left and when they do, 2 menu options should appear.
  • When you click on one of them, it should allow you to forward the email and when you click the other, it should archive it.

Sounds simple enough?

It should be simple till you get to the "the devil is in the detail" part. So, before I implement it, here are some questions I would have as a developer:

  • Can the user only swipe from right to left, or can they do vice-versa? And if they did that, what should happen?
  • If the user starts swiping but doesn't complete the action till they dragged it all the way to the very left, what should happen?
  • If the user swiped & performed an action but realized they were on the wrong item so wanted to undo, will they be able to do it? And if so, how?
  • Can they perform bulk actions? If so, is that a mutually exclusive action agnostic to the individual swipe?
  • After they swipe on one of the emails, say if they swiped on another. Will the subsequent action need to reset the state so the first one is now un-swiped?
  • Do we need to support multiple email accounts where each of them is rendered as a separate category? And if we did that, what should happen when a user swipes on one of the emails in each of those sections? Will that result in a reset of all states (of all other sections)?
  • And there are a few more I can think of off the top of my head but you get the idea.

So, now, let me ask again: How simple is the design and implementation now? Did you have a change of heart and will you need to adjust your story points?

"How hard can it possibly be?" :)

#snowpal #projectmanagement

Keep it simple. Keep it on https://snowpal.com. And just so that you can keep it simple, we do everything in our capacity to remove all the complexities. Rome was not built in a day as they say, and Snowpal 2.0 certainly wasn't either. We have built it brick by brick for your pleasure. Or, should I say, "swipe by swipe"? :)

21 July 2022, 7 min
