Skip to main content

24 posts tagged with "updates"

View All Tags

Warrant Changelog — March 2024

· 4 min read
The Warrant Team
Authorization Infrastructure for Developers

Warrant Changelog - March 2024

We were quite busy in the month of March, and we're excited to tell everyone about some of the new features we added. In this changelog, we'll cover (1) Check API & client SDK support for OIDC-based ID tokens, (2) some major additions to the Query API + performance improvements to the Check & Query APIs, (3) the addition of graph visualizations in the dashboard, and (4) the ability to create object types without any relations (a simple but much awaited feature). Let's get into it!

Warrant Changelog — Feb 2024

· 3 min read
The Warrant Team
Authorization Infrastructure for Developers

Warrant Changelog - Feb 2024

Hey folks! We're back and ready to tell you about our second batch of updates for the year! In this changelog, we'll primarily focus on (1) a new way to authenticate with the Warrant API to perform admin operations and (2) a new set of API endpoints for managing environments programmatically.

Warrant Changelog — Jan 2024

· 5 min read
The Warrant Team
Authorization Infrastructure for Developers

Warrant Changelog - Jan 2024

Hey everyone! 👋

In our latest batch of changes, we've made some major updates to the Warrant event + audit log, added the ability to configure org-level roles for teammates in the Warrant Dashboard, and made a ton of usability improvements to the Dashboard. Let's get into the details!

2023 Year in Review

· 5 min read
Aditya Kajla
Co-Founder @ Warrant

At Warrant, we're building authorization and access control infrastructure for developers.

Our mission is to provide developers with everything they need to quickly add enterprise-grade authorization and access control (roles and permissions, ABAC, fine-grained, pricing tiers and feature entitlements) into their applications, so they can focus on building their core products.

As a fast moving startup, our focus is often on 'now' and 'what's next', and less so on what 'was'. However, with only a few days left until 2024, I wanted to take a few minutes to reflect on an action-packed 2023 and all that our team accomplished this year.

Highlights

Warrant Changelog - September 2023

· 3 min read
Aditya Kajla
Co-Founder @ Warrant

Hey Everyone! It's been a while since our last product update. The team has been hard at work this summer with some major improvements to Warrant. We decided to take a quick break to tell you about some of the things we've been working on!

New CLI commands

The Warrant CLI is now the quickest way to get started with Warrant. We've added new commands for listing object types, making assertions on check requests (for testing), and managing objects (create, get, update, delete). The CLI now also supports multiple environments via the env command.

Check out these instructions to install and get started with the CLI.

Update CLI

Warrant Changelog - June 2023

· 4 min read
Aditya Kajla
Co-Founder @ Warrant

Here's what's new with Warrant this month:

Support for ABAC policies (including time-based warrants)

We're excited to announce that the Warrant authorization engine now supports expression and evaluation of ABAC policies in addition to its native ReBAC capabilities. Although most application authorization scenarios can be modeled via ReBAC (e.g. RBAC, fine-grained access control), there are certain scenarios where access depends on an object or environment's attributes.

For example, we might want to express a rule that states that [user:1] is a [member] of [role:admin] but only if that user's requests are originating from [ip-address:192.192.0.1]. Although Warrant's existing ReBAC engine allows us to represent the member relation between user:1 and role:admin, we must also check for the user's IP context at runtime for the full check to pass.

To enable such scenarios, Warrant now supports definition of policies directly within warrants and evaluation of those policies at runtime using 'contextual data' provided by the client. For the example above, we can define a warrant with an IP equality check as follows:

{
"objectType": "role",
"objectId": "admin",
"relation": "member",
"subject": {
"objectType": "user",
"objectId": "1"
}
"policy": "user.client_ip == \"192.168.1.1\""
}

This warrant states that [user:1] is a [member] of [role:admin] if [user.client_ip == 192.168.1.1]. At check time, a request with the following context would result in an access allowed response:

{
"objectType": "role",
"objectId": "admin",
"relation": "member",
"subject": {
"objectType": "user",
"objectId": "1"
}
"context": {
"user": {
"client_ip": "192.168.1.1"
}
}
}

In addition to strict equality (==), Warrant policies also support a variety of operands including comparators, regex and time (expiration) expressions. For more details, check out the docs.

Dashboard updates

We've also made a few significant improvements to the Warrant admin dashboard this month to make finding, viewing and editing your access control data much easier. More specifically:

Dynamic table views & sorting

All table views (e.g. tenants, users, roles, permissions etc.) now support sorting by column (e.g. by 'created_at' date) and dynamic, in-place data fetching via a 'load more' button to make it even easier for users to traverse and search through their data.

Table sort

Warrant Changelog - May 2023

· 3 min read
Aditya Kajla
Co-Founder @ Warrant

We missed sending out a product update for April but we're back for an even bigger May update! Lots to share including a new milestone for the Warrant open source service as well as some exciting updates to Warrant Cloud!

Warrant open source crosses 350 ⭐s

The Warrant open source service has hit a milestone of 350+ stars! The latest version (0.17.0) ships with MySQL, PostgreSQL and SQLite support along with enhanced debugging for access checks and a revamped events architecture. Check us out and give the repo a ⭐!

Warrant Changelog - February 2023

· 2 min read
Aditya Kajla
Co-Founder @ Warrant

Here's our product update for February:

Login with Google & GitHub

By popular demand, Warrant now supports login with Google & GitHub! New users can simply click on the 'Continue with Google' or 'Continue with GitHub' buttons to create their Warrant accounts.

Existing users can also login with Google & GitHub provided that the email address associated with Google and GitHub is the same as the one they used to register with Warrant.

Login with Google and GitHub

Warrant Changelog - January 2023

· 3 min read
Aditya Kajla
Co-Founder @ Warrant

It's a new year and we have lots of updates to share:

Revamped object types, now with type restrictions

We've revamped object types, making them more succinct and easier to work with. Additionally, object types now support type restrictions. For example, teams could previously specify in an object type that a user is an owner of report:A if that user is a member of another object that is an owner of report:A. However, it wasn't possible to specify that the user must be a member of a particular type of object (i.e. a tenant) in order to this inheritance to occur. This is now possible via the revamped object type schema. Check out an example below or read more in our docs.

{
"type": "report",
"relations": {
"owner": {
"inheritIf": "member",
"ofType": "tenant",
"withRelation": "owner"
},
"editor": {
"inheritIf": "anyOf",
"rules": [
{
"inheritIf": "owner"
},
{
"inheritIf": "member",
"ofType": "tenant",
"withRelation": "editor"
}
]
},
"viewer": {
"inheritIf": "anyOf",
"rules": [
{
"inheritIf": "editor"
},
{
"inheritIf": "member",
"ofType": "tenant",
"withRelation": "viewer"
}
]
}
}
}