Will Gallego, Engineer at Jeli Inc.
Oso Bear of the Month is a series of interviews with developers in our community to connect and learn more about their authorization journey. For our December feature, we sat down with Will Gallego, Engineer at Jeli Inc., part of PagerDuty.
What is your authorization story? Share a bit on how you used Oso to solve for it.
Jeli needed a solution for granular access control in our incident analysis platform. We looked at several SaaS options, but Oso Cloud just felt right. It was a snap to set up, adding further controls have been seamless, and it's been a super reliable product. It's great when you can solve a problem quickly and easily.
What is one recommendation you would offer to someone doing authorization for the first time?
Start at a coarse level of access control and refine as you go to avoid trying to do too much at once. It's much easier to narrow down access than update data where different objects need an updated model.
Since using Oso, what's a new thing you have been able to accomplish?
Our customers can refine who has access to specific admin level controls. Likewise, there's sensitive data that has to be cordoned off, like security incidents for example. A long standing problem for us was how do we import Slack data from a private channel while maintaining that privacy in Jeli. Oso made that a fluid transition to add.
How do you think you have most benefited by using Oso?
The SDK for Oso makes it trivial to query and add data. Less code to maintain means we're moving fast on projects when we add or update features.
Anything additional you want to share about Oso, authorization, your experience?
It's great when you don't have to think about price or complicated querying patterns!
If you had a magic wand, what is one thing you would add or change in Oso?
For complex models, it can be a bit hard to reason out a search for particular data. If there were a way of setting up input boxes on common queries, that would be great!
For example - a resource may be based on a customer id, the resource id, and a user id. I want to see if a user has access to a particular resource under that customer and want to just drop those three pieces of info without writing a script on our end to query Oso's API.