- FGA
- ABAC
- ReBAC
- Case Study
Irrigating Innovation: How Fine-Grained Authorization Helps Developers Focus on What Matters
Externalizing FGA allows developers to focus on core application features, ensuring secure access control - A case study of Rivulis’ experience with FGA
Daniel Bass
Building an efficient access control system from scratch in-house means diverting valuable time and resources away from your core product.
This struggle is particularly evident in industries where innovation surrounding the core product and its efficiency are key, but security cannot be compromised. Rivulis, a leading company in the micro-irrigation sector, encountered this very issue. They needed an efficient, scalable solution to manage their complex authorization needs without detracting from their primary focus—delivering technology that revolutionizes irrigation for growers worldwide.
This case study explores how Rivulis utilized Fine-Grained Authorization (FGA) with Permit.io to solve complex permission and authorization challenges, enabling them to concentrate on what truly matters - building their product.
Watch the full case study here:
The Challenge: Balancing Innovation with Security
As a company that prides itself on leveraging technology to enhance traditional machinery, Rivulis found itself at a crossroads when dealing with the complexities of software-based authorization. Their system needed to manage multiple layers of access control, from internal users to external contractors and growers, all requiring complete separation while working within the same system. The nature of their software, which serves as a SaaS platform for irrigation planning, required an efficient solution to handle multi-tenancy, granular permission management, and an ever growing scale of users.
This system also needed to ensure that only authorized personnel could create, edit, or view irrigation plans based on specific attributes and organizational hierarchies. On top of that, with the company experiencing rapid growth, Rivulis needed a solution that could scale with them, handling an increasing number of users and authorization complexity.
The Rivulis team, with years of experience in both product management and software development, knew that building an in-house authorization system would divert valuable development resources away from their primary goal of developing innovative agricultural solutions. Thus, they sought to find a reliable, external solution to manage these challenges efficiently.
The Solution: Implementing Fine-Grained Authorization
After searching for effective ways to implement FGA without building it in-house, Rivulis decided to use Permit.io as their authorization-as-a-service provider.
Permit.io offered a comprehensive solution that addressed Rivulis's unique challenges, particularly the need for a flexible and scalable authorization system that could integrate with its existing infrastructure.
One of the primary challenges was managing the complex, multi-tenant environment of their SaaS platform, where different users and organizations required varying levels of access.
Implementing FGA through Permit.io allowed Rivulis to create detailed access control policies that went beyond simple role-based access control (RBAC). By incorporating Attribute-Based Access Control (ABAC) and Relationship-Based Access Control (ReBAC), Rivulis could define precise rules about who could access specific data and perform particular actions within the platform. This level of granularity was essential for ensuring that only the right users had access to irrigation planning tools and data.
With a diverse stack that included React, Next.js, and C# running in the cloud, and the requirement to support an AWS-based architecture, Rivulis found Permit.io’s multi-language SDKs efficient for integrating authorization across their frontend and backend. It also allowed them to do so without requiring a complete overhaul of their infrastructure.
This adaptability was a key factor in their decision, as it ensured that they could continue to innovate in their core business without being held back by security concerns.
The ability to deploy Permit.io’s authorization containers locally in the cloud reduced latency and improved the reliability of access checks, which was crucial for maintaining the performance of their real-time planning system. This hybrid deployment model provided the flexibility Rivulis needed, allowing them to maintain control over their authorization processes.
The Impact: Increased Efficiency and Security
The adoption of FGA through Permit.io had a profound impact on Rivulis' operations. By externalizing their authorization needs, they were able to save an estimated 30% of development time that would have otherwise been spent building and maintaining an in-house solution.
Hierarchical permission management also enabled Rivulis to effortlessly handle complex user roles and multi-tenant environments. Organization managers could now oversee and adjust permissions for their teams without requiring constant IT intervention. This not only improved security by adhering to the principle of least privilege but also enhanced the overall agility of their operations.
This efficiency gain allowed the Rivulis team to focus on what they do best: innovating in the field of micro-irrigation.
Conclusion: Cultivating Efficient Security
Rivulis’ experience demonstrates the power of Fine-Grained Authorization in complex, high-stakes environments. By choosing to externalize their authorization needs, Rivulis not only saved time and resources but also enhanced the security and scalability of their system. For companies facing similar challenges, especially in industries where precision and reliability are crucial, Rivulis’ journey offers a compelling case for adopting FGA as a key component of their tech stack.
In the words of the Rivulis team, “Permit.io just works—we don’t need to think about it anymore.” This peace of mind is invaluable as Rivulis continues to innovate and lead in the micro-irrigation industry, secure in the knowledge that its authorization needs are well-managed and future-proofed.