OPAL

Cloud-native / microservice-based products are complex. Building access control and managing permissions for them is only getting worse by the pull request.

A guide to figuring out which data fetching method is best for you, with full knowledge of each method’s ‘Good, Bad, and Ugly’ aspects.

Open Policy Administration Layer (OPAL) is an open-source administration layer for OPA and AWS' Cedar Agent that allows you to keep your authorization layer up-to-date in real time

A view of OPAL + OPA as an alternative to XACML

Cloud-based SaaS solutions need multi-tenancy. What is Multitenancy? What we can gain from it? How to easily implement it with two simple layers?

The Bikini Bottom guide to ABAC authorization models and their implementation with OPA

How to Build The Right App Authorization Solution - An Intro to Open Policy Agent

The Bikini Bottom guide to RBAC authorization models and their implementation with OPA

An Intellyx BrainBlog for Permit.io by Jason English

IAM is huge in DevSecOps, with seemingly infinite buzzwords and terms. Here are the main ones every engineer and security professional should know.

How Netflix solved the challenge of authorizing millions of users by using OPA, how you can adopt this solution, and possibly create something even better

OPAL, an open-source project, complements and enhances OPA and is already being used by companies like Tesla, Cisco, and the NBA.

Learn the best practices for implementing GitOps in your software development cycle. Read our article and adopt GitOps today to streamline your workflow.

The launch of AWS' OSS - Cedar is a tectonic shift in the IAM space. Permit.io supports with OPAL and Cedar-Agent.

Learn how to build a Cedar-based application authorization system. A practical tutorial to build a comprehensive auto-scaled solution with OPAL and Cedar agent.

Learn how to implement Relationship-Based Access Control (ReBAC) with OPA - an open source policy engine for controlling access to systems and resources.

Learn from a real case study how to Shift-Left in a way that will impact the product's security. Minimize friction between security and development teams.

Learn best practices for implementing ABAC (Attribute-Based Access Control) in application authorization, including real-world use cases and code examples.

Learn how Reddit built its advanced Ad Tech authorization system with Open Policy Agent (OPA) and how you can build one yourself with OPAL!

Policy languages and frameworks like OPA, Cedar, and OpenFGA are rising in popularity. Explore the solutions they provide, and the benefits of using them.

Learn how to implement hybrid cloud security using the multi-layer approach. Explore best practices with practical examples of IAM security and authorization.

Discover the possible tradeoffs when building fine-grained authorization (FGA). Learn from a real-world use case how to examine such tradeoffs and build better software.