Authorization as a Service (feat. Jake Moshenko)

vpalania

Varun Palaniappan

Posted on March 15, 2024

Authorization as a Service (feat. Jake Moshenko)

Jake Moshenko,⁠ CEO of AuthZed,⁠ discusses the importance of permissioning databases and the challenges of implementing permissions at scale. He explains how AuthZed solves this problem by providing a common API for flexible and fine-grained authorization. The target market for AuthZed includes companies of all sizes that need to add complex permission workflows to their applications. Jake demonstrates how AuthZed can be integrated with backend systems, web applications, and mobile apps. He also explains the benefits of using AuthZed, such as increased security and improved product velocity. They go on to discuss the AuthZed schema language and how permissions and roles are defined in the system.

Jake Moshenko introduces the concept of permissions and relations in the context of access control. He explains how permissions can be granted to users for specific actions on resources, and how relationships between users and objects are defined. Jake also discusses the flexibility of defining roles and the granularity of permissions. He demonstrates how permissions can be visualized and edited in a user interface, and highlights the benefits of using a startup solution for access control. The conversation concludes with a discussion on the importance of leveraging existing tools and trusting innovative startups.

Image description

Takeaways

  • Permissions can be granted to users for specific actions on resources, such as read, write, and admin privileges.

  • Relations define the relationships between users and objects, allowing users to be readers, writers, or admins of a particular object.

  • Roles can be used to group multiple privileges or permissions together, providing a higher level of access.

  • Design time actions involve configuring the access control system, while runtime actions involve making API calls to enforce permissions.

  • When considering building or buying a solution, it is important to focus on core competencies and leverage existing tools and services.

Chapters

00:00 Introduction and Background

01:04 The Problem of Permissions at Scale

05:25 Implementing Authorization for Different Client Types

06:46 Integration with Backend and Web Applications

10:24 Implementing Permissioning for Mobile Apps

14:25 Benefits of Using AuthZed for Permissioning

22:00 Granting Access to Resources with AuthZed API

25:11 Defining Permissions and Roles in AuthZed

30:42 Introduction to Permissions and Relations

31:11 Understanding Permissions and Roles

32:20 Decoupling Relationships and Actions

33:36 Granularity of Permissions

34:14 Grouping Privileges into Roles

36:01 Design Time and Runtime Actions

36:46 Visualizing and Editing Permissions

39:33 Trusting a Startup

53:36 Building vs. Buying Solutions

58:36 The Value of Innovation and Trust

Podcast

Transcript

https://products.snowpal.com/api/v1/file/d3256699-1eaf-419b-b1e5-3bfa4f4a662e.pdf

Summary

Introduction and Background

  • Krish introduces the podcast and the guest, Jake Moshenko, providing a brief overview of Jake’s background and expertise in cloud-native ecosystem development.

  • They discuss Jake’s previous roles at companies like Amazon, Google, CoreOS, Red Hat, and IBM.

Overview of AuthZed

  • Jake explains the origins of AuthZed, citing the challenges faced during the development of Quay and the need for flexible permissions management at scale.

  • Jake discusses how the Zanzibar paper from Google inspired the creation of AuthZed to address these challenges.

Target Market and Use Cases

  • Krish seeks clarification on AuthZed’s target market and when it would be beneficial for companies to use the product. Jake explains that AuthZed is applicable to companies of all sizes, particularly those facing complex or evolving permissioning requirements in their applications.

  • They discuss scenarios where AuthZed can streamline authorization workflows and enhance security posture.

Use Case Discussion and Visualization

  • Krish presents a hypothetical scenario involving a mobile app and its backend, seeking clarification on how AuthZed fits into the architecture and whether it can simplify permissioning implementation.

  • Jake provides insights into how AuthZed integrates with backend services to facilitate authorization decisions, reducing the need for complex custom code. They discuss the benefits of leveraging AuthZed for permissioning tasks within various application contexts.

💖 💪 🙅 🚩
vpalania
Varun Palaniappan

Posted on March 15, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related