We're excited to announce a brand new video that takes a deep dive into how Cerbos can integrate seamlessly into your existing software ecosystem. We go through its functionality, main features, and the benefits of using Cerbos for fine-grained authorization in your applications.
Think of your software stack as a busy airport terminal where passengers (requests) have to go through security (authentication and authorization) before boarding their flights (accessing resources). Cerbos acts like an advanced security system that ensures only authorized passengers get through.
Your application, whether it's a monolith or a microservices architecture, first authenticates the end users. The application then queries your identity provider to gather details like the team, roles, and other attributes of the user. At the same time, it fetches the resource details the user wants to access.
Traditionally, the authorization logic that matches users to resources is hardcoded into your application using complex IF-ELSE/CASE-SWITCH statements. Cerbos eliminates this rigidity by abstracting this logic into standalone, policy-based service. Your application merely needs to send three key pieces of information to Cerbos:
Cerbos evaluates these against the defined policies and returns a simple 'Allow' or 'Deny' decision to your application. This makes the internal logic of your application cleaner, requiring only a single IF statement for authorization.
By moving authorization logic to policy files, you gain the ability to adapt swiftly to new roles and rules without modifying application code. Imagine your policies as the airport security guidelines; when the guidelines change, you don't need to rebuild the terminal—just update the rules.
Cerbos offers centralized auditing by logging every permission check made through the system. This is like having a detailed manifest of every passenger who tried to board a flight, making it easier to meet compliance requirements and giving your customers confidence in your security measures.
Book a free Policy Workshop to discuss your requirements and get your first policy written by the Cerbos team