Best of AuthorizationMay 2024

  1. 1
    Article
    Avatar of systemdesigncodexSystem Design Codex·2y

    How LinkedIn Authorizes 10 Million API Calls Per Second

    LinkedIn utilizes Access Control Lists (ACLs) to manage access control at scale, facing challenges such as quick authorization checks, prompt ACL changes delivery, managing a large number of ACLs, and monitoring ACL data. They handle these challenges by running an authorization client module on every service, periodically refreshing ACL data, storing ACLs in a database with a cache, and logging authorization checks for monitoring purposes.

  2. 2
    Article
    Avatar of communityCommunity Picks·2y

    Stop Recommending JWTs (with symmetric keys) ◆ Truffle Security Co.

    This post discusses the issues with using symmetric key JWTs, including the high percentage of guessable keys and the risk of undermining authentication and authorization security.

  3. 3
    Article
    Avatar of cerbosCerbos·2y

    How to use Cerbos in Docker Compose (PDP + Hub)

    Learn how to use Cerbos in a Docker environment and understand its main components.

  4. 4
    Article
    Avatar of asayerasayer·2y

    Authentication and Authorization with SSR in Next.js

    This post discusses authentication and authorization in Next.js using SSR. It covers the different approaches to authentication in Next.js, highlights the use of NextAuth.js for handling authentication and authorization, and explains how role-based authorization can be implemented with SSR in Next.js.

  5. 5
    Article
    Avatar of cerbosCerbos·2y

    The technical complexities of decoupled authorization

    Decoupling authorization from the main application code can improve scalability, maintenance, and integration. However, it introduces technical complexities such as integration challenges, user account management, authorization checks for resource lists, security weaknesses, and performance bottlenecks. By following best practices, using standard protocols, and considering dedicated authorization platforms, these complexities can be mitigated.

  6. 6
    Article
    Avatar of freecodecampfreeCodeCamp·2y

    How to Secure Your Django App – Best Practices and Code Examples

    Learn best security practices for securing your Django app, including measures for authentication and authorization, protection against SQL injection attacks, prevention of cross-site scripting (XSS) attacks, and more.

See all Authorization archives