Authorization in Software features chats with industry subject matter experts in Authorization. Some of the covered topics are: how authorization is implemented at specific companies (e.g.: Airbnb, Slack, Github), how industry standards relate to authorization, and the history of authorization in software.Damian Schenkelman hosts Authorization in Software. Damian is the creator of the OpenFGA project and a Principal Architect on the Auth0 Lab team, where he does research and development of forward looking products. Before Auth0, Damian spent many years working for and at Microsoft on Azure, and patterns & practices related initiatives. He loves spending his spare time with family, friends and catching up on all things NBA.
https://authorizationinsoftware.auth0.com/public/49/Authorization-in-Software-f9b69587
episode 7: Fine Grained Authorization, Open Source and Topaz
This episode explores the concept of Topaz, an authorization engine that unites policy as code, relationship-based authorization models like Zanzibar, and real-time decision-making. We discuss how Topaz is designed to handle fine-grained authorization, crucial in today's zero-trust environments, by making local decisions over local data. Omri discusses the architecture of Topaz, including its use of Open Policy Agent (OPA) and a triple store model for data.
You will gain insight into the challenges of authorization, the importance of keeping data and policies synchronized, and how Topaz addresses these issues. The conversation also touches on the practical aspects of implementing Topaz, such as data source integration, deployment models, and the flexibility it offers for different organizational needs.
This episode is essential for anyone interested in the latest trends and tools in software authorization, providing a comprehensive look at how Topaz is paving the way for more secure and efficient application development.