Authorization is still a nightmare for engineers: Launching Distributed Authorization

Authorization as a Service. The reality falls short of the promise. That’s because to use an authorization service, you have to send it a lot of application data. Any solution that signs you up for a data synchronization process isn’t providing a service. It’s creating a burden.

When we started work on Oso, we knew this. It’s one of the key problems we set out to solve. Today we’re taking a major step towards realizing that vision with the release of Distributed Authorization.

Distributed Authorization lets you apply your application data to authorization decisions without synchronizing it to Oso Cloud. Instead, you distribute authorization decisions between the Oso Cloud service and the Oso Cloud client in your application.

This may sound counterintuitive – shouldn’t an authorization service answer authorization questions on its own? Surprisingly, no.

Authorization starts with a question. Consider gitcloud, our sample version control app. You may be asked this question: May aliceview the amazing-app repository? In order to answer this question you need two things: logic and data. The logic might be:

Leave a Comment