BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage Authorization Content on InfoQ

  • ASP.NET Core Updates in .NET 9 Preview 2: Blazor, OIDC, OAuth and Configuring HTTP.sys

    Microsoft released .NET 9 Preview 2 which contains some updates regarding ASP.NET Core: Blazor component constructor injection, and WebSocket compression for Blazor interactive server components. Furthermore, developers can streamline authentication integration by customising OIDC and OAuth parameters and configuring HTTP.sys extended authentication flags.

  • Revolutionizing Digital Identity: How Verifiable Credentials Offer a New Era of Privacy and Control

    Auth0 recently published an in-depth explanation of Verifiable Credentials (VCs). The article emphasizes the potential of VCs to transform how identities are managed online. It highlights the limitations of current identity systems and how VCs can address these gaps, particularly in allowing identity claims to be disclosed without issuers knowing, thereby enhancing privacy and control for users.

  • Introduction of Auth0 Templates for .NET

    Auth0 Templates for .NET offers pre-built project templates with integrated Auth0 support for authentication and authorization. The development process is simplified, enabling the creation of Auth0-integrated .NET projects through familiar approaches from built-in templates. The project is open-source.

  • AWS Open-Sources Policy-Based Access Control Language Cedar

    AWS has open-sourced Cedar, their language for defining access permissions using policies. Cedar is integrated within both Amazon Verified Permissions and AWS Verified Access. Cedar can also be integrated directly into an application via the provided SDK and language specification.

  • Open-Source Access Control with OpenFGA

    Auth0 released version 1.0 of OpenFGA, an open-source authorization server for fine grained access control use cases. This release indicates the stability of OpenFGA’s APIs and its readiness for production deployments.

  • HashiCorp Vault Improves Multi-Namespace Workflows, Adds Managed Service for Azure

    HashiCorp has released version 1.13 of Vault, their secrets and identity management platform. This release includes multi-namespace access workflows, improvements to the Google Cloud secrets engine, usability improvements to MFA, and certificate revocation for cross-cluster management. HashiCorp has also released Vault as a managed service for Microsoft Azure environments.

  • AWS Creates New Policy-Based Access Control Language Cedar

    AWS has created a new language for defining access permissions using policies called Cedar. Cedar is currently used within Amazon Verified Permissions and AWS Verified Access. Created by the AWS Automated Reasoning Group, Cedar is designed to be agnostic of AWS and simple to understand the effects of policies.

  • HashiCorp Boundary Adds Multi-Hop Sessions and Credential Templating

    HashiCorp has released version 0.12 of Boundary, their open-source identity-based access management service for infrastructure. This release introduces support for multi-hop sessions removing the need to expose Boundary workers running on private networks. Additional improvements include support for credential injection via Vault, assigning network addresses on targets, and credential templating.

  • Permit Elements Enables Low-Code User-Managed Access Control

    Permit.io has released Permit Elements, a low-code end-user authentication interface builder. Permit Elements allows developers to embed interfaces enabling their end-users to decide which roles have permission to perform actions. At the time of release, there are elements available for user management and audit logs.

  • Spring Authorization Server 1.0 Provides Oauth 2.1 and OpenID Connect 1.0 Implementations

    More than two-and-a-half years after being introduced to the Java community, VMWare has released Spring Authorization Server 1.0. Built on top of Spring Security, the Spring Authorization Server project supports the creation of OpenID Connect 1.0 Identity Providers and OAuth 2.1 Authorization Servers. The project supersedes the Spring Security OAuth project which is no longer maintained.

  • Google Cloud Adds IAM Deny Policies

    Google Cloud has moved IAM Deny policies into full general availability. IAM Deny policies work alongside the IAM Allow policies to provide more options for controlling which principals have access to which resources. IAM Deny policies are available with Google Cloud IAM for most permissions.

  • HashiCorp Vault Enhances Plugin Framework, Adds New Secrets Engines

    HashiCorp has released a number of new features and improved core workflows for Vault, their secrets and identity management platform. The improvements include a new PKCS#11 provider, support for Redis and Amazon ElasticCache as secrets engines, improvements to the Transform secrets engine, and a better user experience for working with plugins.

  • Spring Authorization Server 1.0 Planned for November 2022

    Spring Authorization Server 1.0 is planned for a GA release in November 2022, after starting the project two years ago. The Spring Authorization Server project replaces the, already End of Life, Spring Security OAuth project. The project is led by the Spring Security team and delivers support for OAuth 2.1 Authorization Server for Spring applications.

  • HashiCorp Vault Improves Eventual Consistency with Server-Side Consistent Tokens

    HashiCorp has released Vault 1.10, introducing a number of new features to their secrets and identity management platform. Server-side consistent tokens provide greater control over the eventual consistency model when using performance standby nodes. Authentication can now be performed using the new open source login multi-factor authentication integration.

  • Airbnb Streamlines the Development Process with a Unified Architecture for Collaborative Hosting

    Airbnb recently detailed how it designed and built a unified architecture for collaborative hosting. This architecture streamlines the development process of new products, as engineers only need to know about one central framework that will cover all hosting use cases. This framework encapsulates the specific types of collaborative hosting, freeing the engineers from the need to worry about them.

BT