We were quite busy in the month of March, and we're excited to tell everyone about some of the new features we added. In this changelog, we'll cover (1) Check API & client SDK support for OIDC-based ID tokens, (2) some major additions to the Query API + performance improvements to the Check & Query APIs, (3) the addition of graph visualizations in the dashboard, and (4) the ability to create object types without any relations (a simple but much awaited feature). Let's get into it!

Hey folks! We're back and ready to tell you about our second batch of updates for the year! In this changelog, we'll primarily focus on (1) a new way to authenticate with the Warrant API to perform admin operations and (2) a new set of API endpoints for managing environments programmatically.

Hey everyone! 👋

In our latest batch of changes, we've made some major updates to the Warrant event + audit log, added the ability to configure org-level roles for teammates in the Warrant Dashboard, and made a ton of usability improvements to the Dashboard. Let's get into the details!

At Warrant, we're building authorization and access control infrastructure for developers.

Our mission is to provide developers with everything they need to quickly add enterprise-grade authorization and access control (roles and permissions, ABAC, fine-grained, pricing tiers and feature entitlements) into their applications, so they can focus on building their core products.

As a fast moving startup, our focus is often on 'now' and 'what's next', and less so on what 'was'. However, with only a few days left until 2024, I wanted to take a few minutes to reflect on an action-packed 2023 and all that our team accomplished this year.

Highlights​

Happy Friday! It's the final day of Launch Week! In case you missed the previous days, you can catch up here: Day 1, Day 2, Day 3 and Day 4.

Throughout the week, we've talked about various nuts & bolts upgrades to the Warrant platform that bring improved performance, resiliency, and safety to the APIs and core authorization service.

Today, we're excited to introduce Warrant templates, a repository of pre-defined and purpose-built object types schemas designed to get you up and running with Warrant in minutes. Simply pick a template that matches your application use-case and deploy it into your Warrant environment using the CLI. Each template also ships with a test suite with sample tests, making it easy to iterate.

Welcome to Day 4 of Launch Week! In case you're just joining us, check out what we launched on Day 1, Day 2, and Day 3.

Yesterday's post detailed many of the enhancements we've made to Warrant over the past few months to improve overall performance and resiliency in production. Today's post is going to focus exclusively on testing and correctness, which are equally (if not more) important in an authorization service.

Happy hump day! Day 3 of launch week is focused entirely on some exciting performance and reliability upgrades for Warrant. In case you missed the previous days, here are the links: Day 1 and Day 2.

From the beginning, we've envisioned Warrant as a globally distributed, highly performant and highly available authorization service that developers can easily plug into their applications without worry. Building such a cloud service is tough. We're thankful to our customers who have entrusted us with powering their authorization and helped us evolve Warrant over the past year+ into a service that now processes millions of API requests per day while maintaining 99.995% availability (or < 30m of downtime per year).

Welcome to day 2 of our first Launch Week! On day 1, we introduced the new and improved v2 Warrant API. In case you missed it, you can catch up on the details here. Now let's get into day 2!

Warrant Query Language (WQL)​

In a recent blog post, Why Google Zanzibar Shines at Building Authorization, we detailed why Google Zanzibar is extremely well-suited to handling application authorization. One of the key reasons we covered is that Zanzibar is a stateful, centralized authorization service. This means the authorization rules for an application (along with any other data necessary to make authorization decisions for the application) are stored centrally in Zanzibar, making it possible to query access rules for a user or resource in real time without the need to consult another data source. This allows developers to not only audit users' access rules but to also query Zanzibar directly from their application to fetch only the resources a user has access to.

Today, we're excited to introduce the Warrant Query Language (WQL), a declarative, SQL-like language for querying Warrant for lists of access controlled data from the context of an application. In particular, WQL is there to help developers answer two types of queries from within their applications:

1. Which objects of type T does user U have access to?
2. Which users have access to object O?

Hey everyone! It's finally time to kick off our first ever Launch Week! Before we get started, for those of you who don't know: At Warrant, we're building authorization and access control infrastructure for developers.

The team has been hard at work over the past few months iterating on our platform in close partnership with our customers. We've improved many areas, from developer experience to performance and reliability, while also adding a slew of new features and can't wait to share more about everything we've built. Now let's get started!

On this inaugural day of Launch Week, we're excited to announce two huge releases:

• v1.0 of Warrant OSS, the open source, self-hostable authorization service powering Warrant
• Our v2 API, with tons of new features and improvements to both performance and developer experience

Let's get into the details!

Hey Everyone! It's been a while since our last product update. The team has been hard at work this summer with some major improvements to Warrant. We decided to take a quick break to tell you about some of the things we've been working on!

New CLI commands​

The Warrant CLI is now the quickest way to get started with Warrant. We've added new commands for listing object types, making assertions on check requests (for testing), and managing objects (create, get, update, delete). The CLI now also supports multiple environments via the env command.

Check out these instructions to install and get started with the CLI.