Introducing Built-in Support for Role Based Access Control
I'm excited to announce that Warrant now has built-in support for Role Based Access Control! 🥳 RBAC is one of the most widely used forms of access control, so we wanted to make it as easy as possible for developers to add robust RBAC to their apps. We also know that access control isn't a "set it and forget it" type of problem. Applications evolve over time, whether it's through new features or other changes, so we've made some major updates to the Warrant Dashboard to make it easier to manage RBAC in a live application.
Dashboard Updates
You can now easily create and manage groups through the Warrant Dashboard. Apply warrants directly to groups, add/remove users from groups, and view which groups users are part of all from your browser. When you make updates to a user's access rules, the updates are reflected in your app immediately.
Add/remove users from groups and apply warrants on groups
View which groups a user is part of and apply warrants directly on a user
API Updates
Under the hood, groups (AKA roles) are implemented using object types and a new resource called objects (more on this later). Warrant always supported the ability to implement RBAC by defining a group
(or role
) object type, but thanks to your feedback, we realized it was too cumbersome to make developers do this themselves. group
is now a default object type that developers can use right away to apply warrants to a group of users.
We've also introduced the concept of objects. Objects are specific instances of object types (e.g. the super-admin group
would be an object of type group
). Currently, developers can manage individual groups and their user membership via our API. We'll be expanding the objects functionality in the future, so stay tuned! With groups, implementing robust RBAC is dead simple, and you still have access to the full power of Warrant for fine-grained, user-level access rules when needed.
Get started with Warrant today and setup your own RBAC in minutes using one of our server-side SDKs (available for Java, Ruby, Python, Go, NodeJS).