Daniel Bass
Implementing Authentication and Authorization in Next.js
Learn how to implement a complete authentication and authorization solution in Next.js with this step-by-step implementation guide.
Read more
Application authorization enthusiast with years of experience as a customer engineer, technical writing, and open-source community advocacy. Comunity Manager, Dev. Convention Extrovert and Meme Enthusiast.
Daniel Bass
Learn how to implement a complete authentication and authorization solution in Next.js with this step-by-step implementation guide.
Daniel Bass & Gabriel L. Manor
Learn how to use JWTs for authorization the right way. This guide covers best practices, common mistakes, and why JWTs should carry identity, not permissions.
Daniel Bass & Gabriel L. Manor
We surveyed over 200 engineers about how they build and scale authorization. The data reveals where access control is heading, from RBAC and ReBAC to real-time checks and policy languages
Daniel Bass
Learn how to implement serverless authorization in your Node.js applications using the Serverless Framework. Set up access control with roles, attributes, and relationships using AWS Lambda and Permit.io.
Daniel Bass
How Salt Security integrated Fine-Grained Authorization (FGA) to enhance security, compliance, and user flexibility.
Daniel Bass
Learn how to design your authorization model and architecture with real-world use cases, user management, approval flows, and AI identity support.
Daniel Bass
Machine identity security is essential as AI agents become integral to your application. Discover best practices for managing access, auditing AI actions, and preventing cascading trust attacks.
Daniel Bass
Explore how to secure AI agents, protect against prompt injections, and manage cascading AI interactions with AI Security Posture Management (AISPM).
Daniel Bass
Learn how to decouple fine-grained authorization from Firebase Rules, improve them, and expand beyond Firebase Rules for authenticated users by externalizing fine-grained access control.
Daniel Bass
Machine identities are set to outnumber human users in every system. Learn why treating machine identities like human ones is crucial for security, access control, and future-proofing your applications.
Daniel Bass
Multi-tenant authorization combined with Role-Based Access Control (RBAC) simplifies user permissions management across different accounts, organizations, or groups. In this guide, we’ll explore why and how to implement Multi-Tenant authorization using Permit.io.
Daniel Bass & Filip Grebowski
Cookies are suitable for authentication and session management, while local storage is ideal for storing non-sensitive data on the client side. This detailed guide explains why and when to use each.
