Best of AuthorizationJuly 2024

  1. 1
    Article
    Avatar of communityCommunity Picks·2y

    How to Build a Request Access Approval System using Next.js

    Next.js is a robust React framework for building web applications. Creating a Request Access Approval (RAA) System is essential for managing access to sensitive data within organizations. By using Permit.io, Next.js applications can handle complex access requests and manage approvals efficiently. The guide walks through setting up a Next.js project, integrating Permit.io for authorization, and implementing user management and access request components to safeguard critical information.

  2. 2
    Article
    Avatar of communityCommunity Picks·2y

    Building Secure Private Screens in React

    Modern applications often require fine-grained access control for private or restricted pages, documents, or features. Permit.io simplifies this by providing embeddable UI components for access sharing. This guide outlines the integration of Permit.io's Access Request Element into a React application, allowing users to request access to restricted resources, with admins being able to approve or deny these requests. The article also covers the necessary setup for authentication, the creation of backend routes, and the embedding of iframe components in a React app.

  3. 3
    Article
    Avatar of csharpcornerC# Corner·2y

    Understanding JSON Web Tokens (JWT)

    JSON Web Tokens (JWT) provide a secure, efficient means of authenticating and authorizing users in web applications. They consist of three parts: Header, Payload, and Signature, which are encoded and signed for security. JWTs' self-contained nature makes them ideal for scalable, stateless communication. Implementation involves generating, storing, and validating tokens while adhering to best practices such as securing secret keys, using HTTPS, and setting token expiration times.

  4. 4
    Article
    Avatar of cerbosCerbos·2y

    Cerbos Hub is now generally available!

    Cerbos Hub is now generally available, offering a scalable and extensible authorization service for developers, product, and security teams. It centralizes policy management and provides an intuitive interface, collaborative policy management, and a powerful CI/CD pipeline for seamless deployment and testing of policies. Cerbos adapts to various infrastructures including on-premise, cloud-based, and serverless environments, and features Embedded Policy Decision Points for low-latency authorization checks within applications.

  5. 5
    Article
    Avatar of communityCommunity Picks·2y

    RBAC and ABAC: The access control models you should know

    Role-based access control (RBAC) and attribute-based access control (ABAC) are two popular models for managing user access to resources. RBAC assigns permissions based on user roles, simplifying permission management but lacking flexibility for complex policies. ABAC, on the other hand, uses attributes to define policies, allowing for more dynamic and fine-grained access control but at the cost of increased complexity and potential performance impact. The choice between the models depends on the system's requirements, with practitioners often combining both to balance simplicity and flexibility.

See all Authorization archives