I tend to fall in the trap of once you have authenticated the person and passing... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

alex-olivier on Aug 25, 2021 | parent | context | favorite | on: API Tokens: A Tedious Survey

I tend to fall in the trap of once you have authenticated the person and passing tokens around that can hold claims/role for authorization, you will eventually reach the point where the tokens are getting so bloated due to the complexity of access controls.

AuthN is the next big challenge especially in a multi-tenant/multi-enterprise SaaS type platform

https://cerbos.dev/blog/the-hidden-costs-of-user-authorizati...

alex-olivier on Aug 25, 2021 [–]

...and by that I mean authorization is the next big challenge especially in a multi-tenant/multi-enterprise SaaS type platform

tptacek on Aug 25, 2021 | [–]

Authorization is authz, for what it's worth. "authn" means authentication.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact