Permit.io Blog - Plushcap

Blog URL

www.permit.io/blog

Posts YTD

3 ↓ vs 42 last year

Avg Posts/Month

3.7 since 2022

Monthly Post Volume

Start year:

Post Details

Search:

Title	Author	Published	Words	HN Pts
Prompt Filtering with OpenAI: Using GPT for GPT Access Control	Gabriel L. Manor	2025-02-19	2,639	--
Permit.io Launch Week - Day 1: Optimized Developer Experience	Daniel Bass	2024-10-24	863	--
Best Practices for Implementing Hybrid Cloud Security	Gabriel L. Manor	2024-09-12	2,027	--
Permit.io Introduces Database-Level Authorization with Trino Integration	Dan Yishai	2025-11-24	1,448	--
Best Practices for Multi-Tenant Authorization	Daniel Bass	2025-03-19	2,480	--
Permit.io Launch Week - Day 3: Fine-Grained Modeling	Daniel Bass	2024-10-24	907	--
Implementing Authentication and Authorization in Vue	Gabriel L. Manor	2025-03-07	4,830	--
Implementing Authentication and Authorization in Next.js	Daniel Bass	2025-04-29	3,435	--
Introducing the New Permit.io CLI: A New Era of Access Control Developer …	Gabriel L. Manor	2025-04-30	2,422	--
Everything We Learned About Developer Conference Sponsorship	Daniel Bass	2024-09-03	3,082	--
Cookies vs. Local Storage: What’s the Difference? When and Where to Use …	Daniel Bass	2025-03-13	2,093	--
Permit.io in KubeCon 2024 - Here’s What We're Excited For	Gabriel L. Manor	2024-11-12	2,080	--
Salt Security: Enterprise-Grade API Security with Fine-Grained Authorization	Daniel Bass	2025-03-28	1,186	--
How Custom GitHub Actions Enabled Us to Streamline Thousands of CI/CD Pipelines	Eli Moshkovich	2024-09-17	2,157	--
Fine-Grained Access Control for n8n Workflows	Taofiq Aiyelabegan	2025-12-02	4,903	--
Everyone Loves Policy as Code, No One Wants to Write Rego	Or Weis	2024-12-04	1,478	--
Implement RBAC Authorization in a NestJS: Full Guide	Filip Grebowski	2023-06-30	1,784	--
AI Content Moderator - Why and how to build one with Gemini …	Gabriel L. Manor	2025-02-17	5,234	--
Permit.io Launch Week: Exciting Announcements and New Features!	Daniel Bass	2024-10-24	909	--
Firebase Rules Aren’t Enough: Decoupling Authorization for Scalable, Fine-Grained Access Control	Daniel Bass	2025-03-26	2,333	--
How to Implement Dynamic React Feature Flags (2025 Update)	Gabriel L. Manor	2024-11-11	2,128	--
How to Use JWTs for Authorization: Best Practices and Common Mistakes	Daniel Bass	2025-04-28	2,279	--
Best Practices for Implementing Permissions in Keycloak	Daniel Bass	2025-02-06	1,328	--
Implementing Fine-Grained Nuxt Authorization	Gabriel L. Manor	2025-05-29	3,232	--
Supabase Authentication and Authorization in Next.js: Implementation Guide	Gabriel L. Manor	2025-04-09	5,539	--
AI Agents Need an Access Control Overhaul - PydanticAI is Making It …	Uma Victor	2025-02-20	2,658	--
Django Role-Based Access Control (RBAC): Full Implementation Guide	Ekekenta Clinton	2025-01-23	1,672	--
The Challenges of Generative AI in Identity and Access Management (IAM)	Gabriel L. Manor	2025-01-09	1,498	--
A Guide to Bearer Tokens: JWT vs. Opaque Tokens	Gabriel L. Manor	2025-04-11	2,925	--
Permit.io Launch Week - Day 2: Precise Decisions	Daniel Bass	2024-10-24	1,092	--
Exploring the x402 Protocol for Internet-Native Payments	Or Weis	2025-11-13	1,312	--
Permit.io Announces a New Pricing Model	Gabriel L. Manor	2024-11-27	1,266	--
Implementing Role Based Access Control (RABC) in React	Gabriel L. Manor	2025-03-17	3,786	--
Django Authorization: An Implementation Guide	Ekekenta Clinton	2025-03-12	3,167	--
Best Practices for Microservice Authorization	Gabriel L. Manor	2023-04-13	1,661	--
Postgres RLS Implementation Guide - Best Practices, and Common Pitfalls	Uma Victor	2025-05-05	3,389	--
RBAC VS ABAC: Choosing the Right Authorization Policy Model	Daniel Bass	2023-03-16	1,625	--
Protecting Democracy Through Fine-Grained Authorization	Daniel Bass	2024-08-22	1,078	--
Building a Secure Flight Booking AI Agent with Langflow	Ekekenta Clinton	2025-03-10	2,484	--
The State of Authorization - 2025	Daniel Bass	2025-04-14	1,785	--
Coding Tutorial: Build a Secure Chat App with React, Firebase, and Permit.io	Gabriel L. Manor	2024-11-13	5,293	--
Permit.io Launch Week - Day 5: Fine-Tuned Performance	Daniel Bass	2024-10-24	940	--
Deploying On-Perm Fine-Grained Authorization Service	Eli Moshkovich	2025-11-25	1,287	--
Delegating AI Permissions to Human Users with Permit.io’s Access Request MCP	Gabriel L. Manor	2025-05-20	2,819	--
Human-in-the-Loop for AI Agents: Best Practices, Frameworks, Use Cases, and Demo	Gabriel L. Manor	2025-06-05	2,060	--
״Where״ Can They Go? Managing AI Permissions	Gabriel L. Manor	2025-01-06	1,343	--
Policy as Code \| From Infrastructure to Fine-Grained Authorization	Daniel Bass	2025-01-14	2,783	--
What is Policy as Code?	Or Weis	2022-12-13	2,378	--
Permit.io Launch Week - Day 4: Intelligent Integrations	Daniel Bass	2024-10-24	1,028	--
How to Implement Role-Based Access Control (RBAC) in Vue.js	Gabriel L. Manor	2025-03-04	2,753	--
Learn ReBAC vs ABAC by example: with Permit.io and AWS Cedar	Or Weis	2025-11-05	1,403	--
FastAPI RBAC - Full Implementation Tutorial	Uma Victor	2025-02-05	2,454	--
Managing Frontend Authorization in Vue with CASL	Gabriel L. Manor	2025-03-18	2,588	--
Policy Engine Showdown - OPA vs. OpenFGA vs. Cedar	Daniel Bass	2025-01-16	4,405	--
Implementing Database Permissions	Gabriel L. Manor	2025-01-22	2,803	--
How to Implement Role-Based Access Control (RBAC) Authorization in Golang	James Jarvis	2024-11-05	2,566	--
Flask RBAC: How to Implement Role-Based Access Control in a Flask Application	Uma Victor	2025-03-06	2,354	--
Authorization with Open Policy Agent (OPA)	Daniel Bass	2025-01-29	2,600	--
The “When” - Dynamic AI Access Control for a Changing Timeline	Gabriel L. Manor	2025-01-07	1,274	--
The “Who” - Understanding AI Identity in IAM	Gabriel L. Manor	2024-12-12	1,858	--
Fine-Grained Keycloak Authorization with ABAC and ReBAC	Gabriel L. Manor	2025-01-30	2,501	--
Identity Tokens Explained: Best Practices for Better Access Control	Gabriel L. Manor	2025-03-24	3,140	--
Why JWTs Can’t Handle AI Agent Access	Or Weis	2025-07-08	1,282	--
How to Implement Role-Based Access Control (RBAC) in Laravel	Steve McDougall	2025-01-15	2,500	--
Honeycomb - A Case Study in Fine Grained Authorization	Daniel Bass	2024-09-05	1,146	--
OPAL - an Authorization Service for Fine-Grained Permissions	Daniel Bass	2022-04-27	3,141	--
How HippHealth Secures Patient Data with Fine-Grained Authorization (FGA)	Daniel Bass	2025-02-03	1,130	--
How to Implement RBAC in an Express.js Application	Taofiq Aiyelabegan	2025-02-10	3,332	--
Implementing Access Control in Langchain: The Four-Perimeter Approach	Taofiq Aiyelabegan	2025-03-11	4,142	--
The Unspoken Tradoffs of Fine-Grained Authorization	Gabriel L. Manor	2024-10-02	3,285	--
How to Setup Role Based Access Control (RBAC) with Keycloak	Daniel Bass	2025-01-27	4,284	--
A Full Guide to Planning Your Authorization Model and Architecture	Daniel Bass	2025-03-28	3,654	--
ReBAC in Practice: Permit.io Vs OpenFGA	Or Weis	2025-11-05	990	--
Implementing Multi-Tenant RBAC in Nuxt.js	Gabriel L. Manor	2025-05-12	2,331	--
We Let AI Handle User Permissions (And it Works)	Gabriel L. Manor	2025-02-18	1,843	--
Machine Identity Security: Managing Risk, Delegation, and Cascading Trust	Daniel Bass	2025-03-28	1,907	--
The “What” - Adopting Proactive AI Identity Security	Gabriel L. Manor	2024-12-18	1,069	--
Implementing Fine-Grained Postgres Permissions for Multi-Tenant Applications	Uma Victor	2025-05-07	2,630	--
AI Security Posture Management (AISPM): How to Handle AI Agent Security	Daniel Bass	2025-03-27	2,036	--
The Arc Browser Vulnerability Exposes the Inefficiency of Row-Level Security (RLS)	Gabriel L. Manor	2024-09-27	2,041	--
What is RBAC? Uses and Implementation	Gabriel L. Manor	2024-01-30	1,436	--
Implement Multi-Tenancy Role-Based Access Control (RBAC) in MongoDB	Gabriel L. Manor	2025-04-15	7,983	--
The Ultimate Guide to MCP Auth: Identity, Consent, and Agent Security	Or Weis	2025-07-29	1,546	--
Building AI Applications with Enterprise-Grade Security Using RAG and FGA	Bartosz Pietrucha	2024-11-07	2,002	--
Top Open-Source Authorization Tools for Enterprises in 2026	Or Weis	2025-12-07	4,102	--
Why AI Agents Choose Permit.io for Authorization	Or Weis	2025-12-10	2,036	--
DeepSeek Completely Changed How We Use Google Zanzibar	Gabriel L. Manor	2025-02-24	2,743	--
Irrigating Innovation: How Fine-Grained Authorization Helps Developers Focus on What Matters	Daniel Bass	2024-08-29	936	--
Centauri AI: Enhancing AI-Driven Fintech with Fine-Grained Authorization (FGA)	Daniel Bass	2025-02-12	974	--
Announcing Permit.io AI Access Control: AI Identity FGA	Daniel Bass	2025-02-25	1,374	--
Prisma ORM Data Filtering with ReBAC	Gabriel L. Manor	2025-05-27	3,303	--
Implementing Serverless Authorization in Node.js with the Serverless Framework	Daniel Bass	2025-04-08	3,632	--
Policy-Based Access Control (PBAC) Isn’t as Great as You Think	Or Weis	2025-04-16	2,355	--
Implementing RBAC Authorization in Next.js - 2024 Updated Guide	Gabriel L. Manor	2023-03-09	2,189	--
So Long RBAC, and Thanks for All the Roles	Or Weis	2025-03-05	1,381	--
Authentication and Authorization with Firebase	Gabriel L. Manor	2025-03-20	7,087	--
How to Implement Role-Based Access Control (RBAC) in Angular	Bartosz Pietrucha	2024-09-30	2,464	--
What is Authorization as a Service?	Daniel Bass	2023-07-27	2,157	--
Implementing Prisma RBAC: Fine-Grained Prisma Permissions	Ekemini Samuel	2025-02-14	4,343	--
What is a Machine Identity? Understanding AI Access Control	Daniel Bass	2025-03-25	2,577	--
What the OpenAI–Mixpanel Incident Really Reveals About Metadata Risk	Or Weis	2025-12-22	2,097	--
Authorization Strategies for Model Context Protocol (MCP)	Or Weis	2025-12-29	1,176	--
RBAC vs ABAC & ReBAC: Choosing the Right Authorization Model	Or Weis	2026-01-05	1,212	--
Securing AI Agents: Why Traditional Authorization Isn’t Enough	Or Weis	2026-01-21	1,259	--
What is Token-Based Authentication?	Daniel Bass	2023-12-27	1,805	--
6 Low-Code Tools That Will Make You a Better Frontend Developer	Gabriel L. Manor	2023-07-19	1,041	--
The four mistakes you make building permissions	Daniel Bass	2022-08-21	2,405	--
Open-Sourcing AWS Cedar is a Gamechanger for IAM	Or Weis	2023-05-10	810	--
API Security: A Comprehensive Guide for Developers	Gabriel L. Manor	2024-01-18	1,854	--
401 vs. 403 Error Codes: What's the Difference? When to Use Each? …	Gabriel L. Manor	2023-09-28	1,830	--
How to Model (and Implement) Cloud-Native Authorization	Daniel Bass	2024-05-09	2,693	--
How to Implement Attribute-Based Access Control (ABAC) Authorization?	Gabriel L. Manor	2023-12-15	1,878	--
DevSecOps is nothing without DevEx	Daniel Bass	2023-10-17	1,494	--
Best Practices for Effective User Permissions and Access Delegation	Daniel Bass	2024-05-30	1,984	--
Announcing “Permit Share-If"	Daniel Bass	2024-07-24	799	--
The Developer’s Guide to Identity Access Management Buzzwords	Or Weis	2022-12-11	1,448	--
OPAL + OPA VS XACML	Daniel Bass	2022-05-18	1,679	--
Step-By-Step Tutorial: Frontend Authorization with Next.js and CASL	Filip Grebowski	2024-04-10	2,407	--
Best Practices for API Authorization	Daniel Bass	2023-12-28	1,534	--
OAuth vs. JWT: What's the Difference for Application Development	Gabriel L. Manor	2024-01-08	1,243	--
What Is Attribute-Based Access Control (ABAC)?	Gabriel L. Manor	2023-12-13	1,849	--
Send SMS Directly from the Browser (No Backend Code Required!)	Gabriel L. Manor	2023-05-31	2,298	--
An intro to Open Policy Agent (OPA)	Daniel Bass	2022-03-07	1,888	--
Best Practices for Authorization in Python	Gabriel L. Manor	2023-07-18	1,705	--
The Ultimate Guide to Permit Elements	Filip Grebowski	2023-01-24	1,689	--
Authorization still tops OWASP top 10 API Security risks for 2023	Daniel Bass	2023-06-20	1,142	--
How to Use CASL for Implementing Authorization in React	Filip Grebowski	2024-04-16	1,845	--
45 Questions to Ask Yourself Before Modeling Authorization	Daniel Bass	2024-05-07	1,668	--
Building Immune Authorization: AppSec in Healthcare Apps	Daniel Bass	2023-11-27	1,879	--
How to Implement Authorization into a FastAPI Application	Gabriel L. Manor	2023-07-13	2,011	--
Permit.io's Top 6 Dev Podcasts of 2022	Daniel Bass	2022-12-20	883	--
Should You Roll Your Own RBAC Authorization?	Daniel Bass	2023-07-24	1,298	--
Attribute-Based Access Control (ABAC) VS. Relationship-Based Access Control (ReBAC)	Daniel Bass	2023-10-04	1,959	--
Everything You Need to Know about AWS’ Cedar Policy Language	Or Weis	2023-07-02	525	--
How to Implement RBAC (Role-Based Access Control) in Astro Framework	Gabriel L. Manor	2024-06-20	1,642	--
What is Fine Grained Authorization (FGA)?	Gabriel L. Manor	2024-08-01	4,119	--
Migrating from RBAC to ABAC with Permit.io	Daniel Bass	2023-05-16	1,092	--
Launching Permit.io	Or Weis	2022-02-15	543	--
7 Developer Tools to Prepare Your Stack for the GenAI Era	Gabriel L. Manor	2024-07-24	1,212	--
Planning App Role-Based Access Control (RBAC) Implementation	Daniel Bass	2023-04-27	1,553	--
Introducing FoAz: Frontend-only-Authorization	Or Weis	2023-05-31	417	--
Send Emails via Mailgun’s API directly from the browser	Shuvy Ankor	2023-06-08	1,319	--
Next.js Passwordless Authentication with SuperTokens & Twilio	Filip Grebowski	2023-06-12	3,472	--
What is Google Zanzibar?	Daniel Bass	2024-06-05	2,361	--
What is Relationship-Based Access Control (ReBAC)?	Daniel Bass	2023-08-30	2,471	--
How to Add RBAC Authorization to Auth0	Gabriel L. Manor	2023-04-26	2,213	--
How to choose an Authorization Service?	Or Weis	2023-01-04	1,220	--
OPA v1 is Almost Out! Here’s What You Need to Know	Daniel Bass	2024-04-11	1,143	--
12 Open Source Auth Tools That Will Help You Build Better Applications	Gabriel L. Manor	2023-12-06	1,983	--
How to Implement RBAC (Role-Based Access Control) in Supabase	Arindam Majumder	2024-05-14	3,003	--
Beyond RBAC: When standard models just aren’t enough	Daniel Bass	2024-02-13	1,840	--
Authorization Policy Showdown: RBAC vs. ABAC vs. ReBAC	Daniel Bass	2023-10-25	3,238	--
Reinvent Access Control with Passkeys and Fine-Grained Authorization	Gabriel L. Manor	2023-10-26	2,529	--
Permit.io Cedar Implementation Q&A: Everything you need to know	Daniel Bass	2023-05-22	1,176	--
Don't Code Alone: The Best Developer Communities of 2023	Daniel Bass	2023-10-24	834	--
OPA for App-Level Authorization, from RBAC to ABAC in Scale	Gabriel L. Manor	2023-07-02	592	--
Permit Scaling Up with Scale VP	Or Weis	2024-02-15	674	--
Best Practices to Implement Role-Based Access Control (RBAC) for Developers	Gabriel L. Manor	2024-02-07	1,564	--
Policy Engines: Open Policy Agent vs AWS Cedar vs Google Zanzibar	Daniel Bass	2023-08-17	1,225	--
Build Authorization Like Google	Daniel Bass	2023-11-30	2,677	--
5 steps to building NSA-level access control for your app	Daniel Bass	2023-04-16	2,203	--
How to Create an Authorization Middleware for Fastify	Gabriel L. Manor	2023-03-24	2,065	--
Turning Secure Access Into Child’s Play with Permit Access Request APIs	Maya Barak	2024-04-22	1,272	--
Permit Elements	Or Weis	2023-01-24	551	--
MAC, DAC, RBAC, and FGA: A Journey Through Access Control	Daniel Bass	2024-08-13	2,587	--
10 Exceptional Developer Tools Launched in 2023	Gabriel L. Manor	2023-09-11	1,677	--
Building and Testing App Permissions with Cypress	Gabriel L. Manor	2023-03-08	2,143	--
Add a Slack Chatbox Directly into Your React App	Gabriel L. Manor	2023-07-05	2,142	--
How to implement RBAC with Permit.io	Shuvy Ankor	2023-01-05	1,734	--
Implementing Role-Based Access Control (RBAC) with AWS’ Cedar	Daniel Bass	2023-06-13	2,440	--
The Definitive Guide to OAuth Tokens	Gabriel L. Manor	2024-01-09	1,624	--
How to Implement Multitenancy in Cloud Computing	Or Weis	2022-08-01	788	--
5 Ways to Improve your AWS IAM Roles and Policies	Raz Cohen	2022-07-24	2,822	--
Authentication and Authorization in Applications	Gabriel L. Manor	2023-12-20	968	--
Intellyx BrainBlog: The Perks and Pitfalls of Homebrewing Permissions with Open Source	Jason English	2022-08-10	1,089	--
How we got our Dev Tool ‘Product of the Day’ in Product …	Daniel Bass	2023-09-15	2,414	--
Building Healthcare App Authorization in Space with Next.js and Permit.io	Daniel Bass	2023-11-28	2,886	--
Generate Personalized Frontend Experiences with User Attributes and Feature Flags	Daniel Bass	2024-05-22	1,973	--
Best Practices for Authentication and Authorization in API	Gabriel L. Manor	2024-01-19	1,573	--
How to Implement Authorization in an Express Application	Gabriel L. Manor	2023-05-29	2,673	--
BingBang - Why Authentication is no Longer Enough	Or Weis	2023-03-30	722	--
Low-code ABAC: a prerequisite for the Future	Or Weis	2022-09-29	659	--
JWTs Aren’t Made for Authorization	Daniel Bass	2024-05-20	2,093	--
OPA, Cedar, OpenFGA: Why are Policy Languages Trending Right Now?	Daniel Bass	2024-05-02	2,264	--
How Discord Built `Access!` - An Authorization Management Portal	Daniel Bass	2024-06-18	1,839	--
Conditions vs. Relationships: Choosing Between ABAC and ReBAC	Daniel Bass	2024-06-28	1,901	--
Intellyx BrainBlog: Authorization the Cloud Native Way	Jason Bloomberg	2022-07-19	1,177	--
How to Implement Role Based Access Control (RBAC) using Open Policy Agent …	Daniel Bass	2022-01-11	1,439	--
Role-Based Access Control (RBAC) VS. Relationship-Based Access Control (ReBAC)	Daniel Bass	2023-09-21	1,823	--
You're Doing Shift-Left Wrong	Daniel Bass	2023-09-07	2,136	--
Top 5 Access Control Features You Should Implement in 2024	Gabriel L. Manor	2023-12-26	1,729	--
Intellyx BrainBlog: Implementing Authorization in your Apps Doesn’t Have to be a …	Jason Bloomberg	2022-10-13	968	--
The Definitive Guide for Implementing Authorization in Laravel	Gabriel L. Manor	2024-07-02	3,393	--
How Reddit Scaled to Millions of Decisions Per Second	Daniel Bass	2024-02-15	1,897	--
AuthN vs. AuthZ: Understanding the Difference	Daniel Bass	2023-02-14	649	--
Kubecon EU 2023 - Must Not Miss List	Gabriel L. Manor	2023-04-16	2,106	--
Protecting Your Users' Data from AI Training Crawlers	Daniel Bass	2024-08-20	2,113	--
Scaling Authorization with Cedar and OPAL	Gabriel L. Manor	2023-05-24	2,805	--
From RBAC to ReBAC and ABAC with Next.js and Permit.io	Daniel Bass	2024-03-26	2,514	--
Building App Authorization: The 5 Keys for Scalability and Compliance	Daniel Bass	2023-02-23	641	--
Crafting Your Own Application: The 4 Essential Building Blocks	Filip Grebowski	2023-04-15	1,255	--
No-code permissions with Kong and Permit.io	Shaul Kremer	2022-09-29	992	--
How to Implement Relationship-Based Access Control (ReBAC) Using Open Policy Agent (OPA)	Daniel Bass	2023-09-06	2,625	--
How to Implement Attribute Based Access Control (ABAC) using Open Policy Agent …	Daniel Bass	2022-01-17	1,537	--
The Case for Centralized IAM	Daniel Bass	2022-01-06	1,267	--
Implementing GraphQL Authorization: A Practical Guide	Arindam Majumder	2024-07-11	1,801	--
Implementing Authorization in 4 Node.js Frameworks	Gabriel L. Manor	2023-07-02	620	--
Policy as Code: OPA's Rego vs. Cedar	Or Weis	2023-05-15	1,182	--
Location-Based Access Control Made Easy with Next.js and IPinfo	Filip Grebowski	2023-06-28	2,329	--
Google Zanzibar vs OPA - Graph vs. Code Based Authorization	Or Weis	2023-06-07	1,072	--
Send Frontend App Events Directly to Slack	Gabriel L. Manor	2023-07-07	1,625	--
A Guide for an Awesome Custom Auth0 Universal login	Oded Ben David	2022-01-24	1,468	--
How to build authorization like Netflix with Open Source?	Daniel Bass	2023-02-19	1,073	--
Load external data into OPA - The Good, The Bad, and The …	Oded Ben David	2022-04-04	2,452	--
How to Use OAuth Scopes for Authorization	Daniel Bass	2023-11-20	1,265	--
MAC vs. DAC: Comparing Access Control Fundamentals	Gabriel L. Manor	2024-08-08	1,928	--
Best Practices for Authorization Audit Logs	Daniel Bass	2023-07-20	2,000	--
Access Control - from scary to simple with one open-source tool	Filip Grebowski	2023-03-28	1,243	--
Announcing Permit MCP Gateway	Or Weis	2026-03-17	927	--

Plushcap, by Matt Makai. 2021-2026.