Implementing Modern Cloud Native Authorization Using OpenFGA - Andres Aguiar & Pauline Jamin

Don't miss out! Join us at our next Flagship Conference: KubeCon + CloudNativeCon North America in Salt Lake City from November 12 - 15, 2024. Connect with our current graduated, incubating, and sandbox projects as the community gathers to further the education and advancement of cloud native computing. Learn more at https://kubecon.io Implementing Modern Cloud Native Authorization Using OpenFGA - Andres Aguiar, Okta & Pauline Jamin, Agicap Agicap is a SaaS product that allows businesses to centralize cash flow monitoring and put cashflow at the heart of their financial management. As we expanded our market reach from SMBs to mid-market enterprises, we realized we needed to provide clients with complete control over defining fine-grained authorization policies. In the last 10 years, we've seen great progress in the world of authentication, but authorization is still challenging for most engineering teams, and we were not an exception. Authorization logic was mixed with application code and difficult to adapt to new requirements. We decided to explore using a Relationship-Based Access Control (ReBAC) approach using OpenFGA, a CNCF sandbox project, and we were able to satisfy our requirements. In our session, we'll explain ReBAC and OpenFGA, and describe how it was used at Agicap. We will also share insights into how Behavior-Driven Design (BDD) tools enabled our Product Managers to define authorization use cases.