Daniel Bass
A Full Guide to Planning Your Authorization Model and Architecture
Learn how to design your authorization model and architecture with real-world use cases, user management, approval flows, and AI identity support.
Daniel Bass
Machine identity security is essential as AI agents become integral to your application. Discover best practices for managing access, auditing AI actions, and preventing cascading trust attacks.
Daniel Bass
Explore how to secure AI agents, protect against prompt injections, and manage cascading AI interactions with AI Security Posture Management (AISPM).
Daniel Bass
Learn how to decouple fine-grained authorization from Firebase Rules, improve them, and expand beyond Firebase Rules for authenticated users by externalizing fine-grained access control.
Daniel Bass
Machine identities are set to outnumber human users in every system. Learn why treating machine identities like human ones is crucial for security, access control, and future-proofing your applications.
Daniel Bass
Multi-tenant authorization combined with Role-Based Access Control (RBAC) simplifies user permissions management across different accounts, organizations, or groups. In this guide, we’ll explore why and how to implement multi-tenant authorization using Permit.io.
Daniel Bass & Filip Grebowski
Cookies are suitable for authentication and session management, while local storage is ideal for storing non-sensitive data on the client side. This detailed guide explains why and when to use each.
Daniel Bass
Enforcing fine-grained access control is critical for AI-driven applications. Permit.io AI Access Control introduces a new Four-Perimeter Framework as well as a set of new integrations—PydanticAI, LangChain, MCP, and LangFlow—ensuring secure prompts, controlled AI workflows, and identity-aware AI decisions.
Daniel Bass
How externalizing authorization helped Centauri AI secure financial data while focusing on core product development.
Daniel Bass
Learn best practices for implementing permissions in Keycloak, from configuration to authorization enforcement. Build scalable access control systems for your applications.
Daniel Bass
Externalizing FGA allows developers to focus on core application features while ensuring secure authorization – A case study of HippHealth’s experience with Fine-Grained Authorization (FGA).
Daniel Bass
Learn how Open Policy Agent (OPA) is revolutionizing the way developers approach authorization. From managing policies with Rego to handling complex relationship-based access control (ReBAC) scenarios, discover practical OPA strategies, advanced use cases, and real-world insights.