Oso's Blog

Authorization for the next billion developers.

The 10 types of authorization and how to identify them.

Despite the fact that authorization is a problem as old as software, it’s core to just about no one’s domain. So most people are looking for a Rails-like experience. So, an authorization system needs to be opinionated but flexible – opinionated to get you from zero to best practices quickly, but flexible to support all the things *your* app needs.

Today Oso Cloud, our supercharged authorization as a service, is generally available (GA).

A walkthrough on how to use Oso Cloud to build authorization in a GraphQL API.

Use Oso Cloud’s to query your policy. Our APIs allow you to go beyond questions like: “can this user perform this action on this resource.” With the query API, you can ask any question you want.

Learn about the data you need to enforce your authorization policy and how you can add it to Oso Cloud using the Facts page.

Oso Cloud’s Policy Editor allows you to create, edit, and save policies all within the dashboard.

Oso engineer, Mike Cen, gives us a firsthand look into jumping back into the weeds as an individual contributor after being a manager for seven years.

Oso engineer, Jordan Killpack, relishes opportunities to be a beginner and to follow interests down twisty passages to unknown destinations. Read about how this curiosity led her into knitting and working at Oso!

Find out how to handle authorization in microservices by sharing user role data and using it for permission checks everywhere.

As Oso’s first developer experience engineer, Corey Ashby, walks through creating a functional sample application using Oso Cloud.

Oso engineer, Vijay Ramamurthy, shares his journey into formal logic which all stemmed from writing an AI project to play Pokemon.

A look into Jesse Lax's, Oso Engineer, journey into software engineering and why he chose to work at Oso.

A case study on why to perform request validation on the data coming into your APIs, and how we wrote a type inference algorithm for ours - Oso Cloud.

Abhishek Parmar, co-creator of Google Zanzibar & Airbnb Himeji, joins Oso as technical advisor.

Oso Summer 2022 Hackathon

how to use Kubernetes Authorization webhooks to defer authorization decisions to Oso Cloud, a fully-managed authorization service.

How we use Rust, SQLx and Rocket to power Oso Cloud, our fully-managed authorization as a service

An overview of different patterns for building authorization in GraphQL

Oso winter hackathon 2021 - an opportunity to push boundaries and hack on fun projects we think the Oso product could do.

How we built Language Server Protocol (LSP) support for the Oso VS Code extension with Rust, WebAssembly (Wasm), and TypeScript.

How do you reliably perform authorization in a backend built with microservices? There are lots of valid answers, but they tend to fall into three groups.

Wayfair's journey from monolith into microservices and how it subsequently built out distributed authorization using Oso.

How we developed Oso to let you query your database using your authorization policy.