> For AuthZ, things are not surprisingly outsourced heavily to the application s... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mooreds on Jan 4, 2024 \| parent \| context \| favorite \| on: How Open ID Connect Works > For AuthZ, things are not surprisingly outsourced heavily to the application side. There's some newer startups working on extracting and centralizing AuthZ functionality. Ones I'm aware of: * permit.io * cerbos.dev * Oso I'm sure there are more.

taeric on Jan 4, 2024 [–]

I think this hits the same points I brought up in https://news.ycombinator.com/item?id=38873614. I do not claim that these should never be used. In fact, I would go farther and say in many cases this sort of thing should be used.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact