An evaluation of Oso's declarative programming language Polar towards Turing-completeness using decision problems.

Will Gallego, Engineer at Jelli, Inc. dives into his authorization journey and using Oso Cloud to manage granular access control.

Oso is purpose-built for application authorization. OPA is a general-purpose policy engine. This affects how you use them for authorization.

Oso Bear of the Month is a series of interviews with developers in our community to connect and learn more about their authorization journey. We sat down with Jake Hawkes, Staff Engineer at Sibi, to connect and learn more about their authorization journey.

Find out how to handle authorization in microservices by sharing user role data and using it for permission checks everywhere.

In ABAC, access control decisions are made by evaluating various attributes and policies, allowing for more fine-grained and flexible access control than traditional models like role-based access control (RBAC)

We are serious about our responsibility to our customers. We're excited to announce two ways that demonstrate our commitment to that responsibility: SOC 2 Certification and Oso's client-side cache, Fallback.

Introducing the Oso Modeler, a tool for modeling authorization like RBAC, ABAC and ReBAC and everything in between.

There are three key decisions in handling authorization data: storing the data, accessing the data, and modeling the data.

Implement Role Based Access Control (RBAC) and Relationship Based Access Control (ReBAC) in Oso instead of Node.js

This is a guest post by Peadar Coyle, the Co-Founder and CTO of Aflorithmic, a generative AI audio company, on how he evolved his company's authorization and permissions system.

Authorization logic (like RBAC, ABAC or REBAC) governs who can do what in an application and is core to building authorization services.

Authorization for the next billion developers.

There's a fundamental tension in authorization. Is it business logic or authorization logic? Should it be in the app, or separate? Let’s talk about what makes authorization hard, some of the approaches for solving it, and the associated tradeoffs.

Despite the fact that authorization is a problem as old as software, it’s core to just about no one’s domain. So most people are looking for a Rails-like experience. So, an authorization system needs to be opinionated but flexible – opinionated to get you from zero to best practices quickly, but flexible to support all the things *your* app needs.

Today Oso Cloud, our supercharged authorization as a service, is generally available (GA).

A walkthrough on how to use Oso Cloud to build authorization in a GraphQL API.

Use Oso Cloud’s to query your policy. Our APIs allow you to go beyond questions like: “can this user perform this action on this resource.” With the query API, you can ask any question you want.

Learn about the data you need to enforce your authorization policy and how you can add it to Oso Cloud using the Facts page.

Oso Cloud’s Policy Editor allows you to create, edit, and save policies all within the dashboard.

Oso engineer, Mike Cen, gives us a firsthand look into jumping back into the weeds as an individual contributor after being a manager for seven years.

Oso engineer, Jordan Killpack, relishes opportunities to be a beginner and to follow interests down twisty passages to unknown destinations. Read about how this curiosity led her into knitting and working at Oso!

As Oso’s first developer experience engineer, Corey Ashby, walks through creating a functional sample application using Oso Cloud.

Oso engineer, Vijay Ramamurthy, shares his journey into formal logic which all stemmed from writing an AI project to play Pokemon.

A look into Jesse Lax's, Oso Engineer, journey into software engineering and why he chose to work at Oso.