Skip to main content

Warrant Changelog - November 2021

· 2 min read
Aditya Kajla
Co-Founder @ Warrant

Here's what we've been up to in November:

Native, built-in support for RBAC

By popular demand, ‘group’ is now a pre-installed object type. ‘Groups’ can be used to easily group users and implement role based access control.

Dashboard updates

Lots of usability improvements and new functionality in the dashboard, including a new on-boarding flow with pre-filled code snippets that you can directly copy and paste into your code. You can also completely manage your app's object types and warrants from the dashboard and perform test access checks to check your work.

Authorization in 2021

· 6 min read
Aditya Kajla
Co-Founder @ Warrant

The topic of authorization has seen a recent resurgence in interest from developers and security folks alike. The OWASP Foundation, a trusted voice on web application security, just updated its Top 10 Web Application Security Risks and for the first time rated 'Broken Access Control' as the top vulnerability facing developers. Also this year, Airbnb, Carta, and Intuit each separately published deep-dives detailing their newly built internal authorization services.

Authorization is by no means a new security concept. So why this renewed attention to it? In this post, we’ll look at authorization as it stands today, what's changed in the landscape, and go over some best practices developers should follow.

Implementing Role Based Access Control in a Web Application

· 8 min read
Karan Kajla
Co-Founder @ Warrant

Access Control is the process of allowing (or disallowing) user access to specific resources or actions in a software system. For example, only allowing certain users access to internal admin pages on a website or only allowing paying users access to a premium feature. There are many approaches to implementing Access Control, but Role Based Access Control (RBAC) is one of the most popular and widely used. In this guide, we'll cover a standard way to implement RBAC and discuss some best practices for implementing Access Control in APIs and web applications.

Introducing Warrant

· 3 min read
Aditya Kajla
Co-Founder @ Warrant

At Warrant, we're building APIs and infrastructure to help developers add authorization and access control to their apps in less than 20 lines of code. Warrant handles the complexity of managing authorization so engineering teams can focus on building their core products.


Turn your code into this.