Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage Authorization Content on InfoQ

  • Introduction of Auth0 Templates for .NET

    Auth0 Templates for .NET offers pre-built project templates with integrated Auth0 support for authentication and authorization. The development process is simplified, enabling the creation of Auth0-integrated .NET projects through familiar approaches from built-in templates. The project is open-source.

  • AWS Open-Sources Policy-Based Access Control Language Cedar

    AWS has open-sourced Cedar, their language for defining access permissions using policies. Cedar is integrated within both Amazon Verified Permissions and AWS Verified Access. Cedar can also be integrated directly into an application via the provided SDK and language specification.

  • Open-Source Access Control with OpenFGA

    Auth0 released version 1.0 of OpenFGA, an open-source authorization server for fine grained access control use cases. This release indicates the stability of OpenFGA’s APIs and its readiness for production deployments.

  • HashiCorp Vault Improves Multi-Namespace Workflows, Adds Managed Service for Azure

    HashiCorp has released version 1.13 of Vault, their secrets and identity management platform. This release includes multi-namespace access workflows, improvements to the Google Cloud secrets engine, usability improvements to MFA, and certificate revocation for cross-cluster management. HashiCorp has also released Vault as a managed service for Microsoft Azure environments.

  • AWS Creates New Policy-Based Access Control Language Cedar

    AWS has created a new language for defining access permissions using policies called Cedar. Cedar is currently used within Amazon Verified Permissions and AWS Verified Access. Created by the AWS Automated Reasoning Group, Cedar is designed to be agnostic of AWS and simple to understand the effects of policies.

  • HashiCorp Boundary Adds Multi-Hop Sessions and Credential Templating

    HashiCorp has released version 0.12 of Boundary, their open-source identity-based access management service for infrastructure. This release introduces support for multi-hop sessions removing the need to expose Boundary workers running on private networks. Additional improvements include support for credential injection via Vault, assigning network addresses on targets, and credential templating.

  • Permit Elements Enables Low-Code User-Managed Access Control has released Permit Elements, a low-code end-user authentication interface builder. Permit Elements allows developers to embed interfaces enabling their end-users to decide which roles have permission to perform actions. At the time of release, there are elements available for user management and audit logs.

  • Spring Authorization Server 1.0 Provides Oauth 2.1 and OpenID Connect 1.0 Implementations

    More than two-and-a-half years after being introduced to the Java community, VMWare has released Spring Authorization Server 1.0. Built on top of Spring Security, the Spring Authorization Server project supports the creation of OpenID Connect 1.0 Identity Providers and OAuth 2.1 Authorization Servers. The project supersedes the Spring Security OAuth project which is no longer maintained.

  • Google Cloud Adds IAM Deny Policies

    Google Cloud has moved IAM Deny policies into full general availability. IAM Deny policies work alongside the IAM Allow policies to provide more options for controlling which principals have access to which resources. IAM Deny policies are available with Google Cloud IAM for most permissions.

  • HashiCorp Vault Enhances Plugin Framework, Adds New Secrets Engines

    HashiCorp has released a number of new features and improved core workflows for Vault, their secrets and identity management platform. The improvements include a new PKCS#11 provider, support for Redis and Amazon ElasticCache as secrets engines, improvements to the Transform secrets engine, and a better user experience for working with plugins.

  • Spring Authorization Server 1.0 Planned for November 2022

    Spring Authorization Server 1.0 is planned for a GA release in November 2022, after starting the project two years ago. The Spring Authorization Server project replaces the, already End of Life, Spring Security OAuth project. The project is led by the Spring Security team and delivers support for OAuth 2.1 Authorization Server for Spring applications.

  • HashiCorp Vault Improves Eventual Consistency with Server-Side Consistent Tokens

    HashiCorp has released Vault 1.10, introducing a number of new features to their secrets and identity management platform. Server-side consistent tokens provide greater control over the eventual consistency model when using performance standby nodes. Authentication can now be performed using the new open source login multi-factor authentication integration.

  • Airbnb Streamlines the Development Process with a Unified Architecture for Collaborative Hosting

    Airbnb recently detailed how it designed and built a unified architecture for collaborative hosting. This architecture streamlines the development process of new products, as engineers only need to know about one central framework that will cover all hosting use cases. This framework encapsulates the specific types of collaborative hosting, freeing the engineers from the need to worry about them.

  • Airbnb Builds Himeji - a Scalable Centralized Authorization System

    Airbnb recently described how it built Himeji, a scalable centralized authorization system. Himeji stores permissions data and performs permission checks as a central source of truth. It uses a sharded and replicated in-memory cache to improve performance and lower latencies and has served checks in production for about a year.

  • HashiCorp Boundary: Remote Access Management Service Adds OIDC Support

    HashiCorp has announced the release of version 0.2 of Boundary, their open-source identity-based access management service designed for dynamic infrastructure. This release includes support for OIDC authentication methods. The Boundary Desktop application is now at version 1.0 for macOS.