We Built an Authorization Engine That the Fortune 100 Bet On

mmooreds about 6 hours ago 1 commentsRead Article on technology.org

⚡ Community Insights

Discussion Sentiment

0% Positive

Analyzed from 51 words in the discussion.

Discussion (1 Comments)Read Original on HackerNews

seymon•about 2 hours ago

Using something like this for centralized authorization across services works well for binary access control decisions.

But the problem that remains is "authorized search" in an efficient way. Asking permify what resources a user can access and then query the app postgres db with "WHERE resource_id IN ( {list}, {with}, {many}, {IDs}, ... )" does not scale well. How to solve this?