New blog posts about JWT tokens and automatic documentation generation of our code
News coverage on the future of cybersecurity and being enterprise ready by Seedcamp and WorkOS respectively
and finally a chance to win a t-shirt.
You are receiving this email because either we have met, chatted, or you’ve visited our website cerbos.dev and asked us to keep you up-to-date. If you have been forwarded this email, you can use this link to subscribe and receive future updates. If you don't want to receive these emails you can unsubscribe below, but we hope you stay!
Cerbos ecosystem: Prisma integration
For anyone in the JS ecosystem you would have likely come across Prisma - the next-generation Node.js and TypeScript ORM, (object-relational mapping). We are big fans of the system and were thrilled when Prisma asked us to join their What is new at Prisma (v.3.9.0) podcast. We talked about how the Cerbos/Prisma integration works and gave a live demo of the new Query Planner capabilities released in Cerbos v0.12. You can watch the episode on YouTube and find out more about the integration on our ecosystem page.
v0.12 introduces a new query planner API to list and filter what resources a particular user has access to. See the Resources Query Plan documentation for details.
Another exciting change in this release is the freshly revamped cerbosctl utility. In addition to being able to list and filter policies, you can now also list the schemas stored on the Policy Decision Point. If you are already using it, please note that the cerbosctl list command has been replaced with cerbosctl get and the underlying Admin API endpoints have changed to provide policy listing and retrieval with both more predictable and constrained resource usage. This efficiency gain happens regardless of how many policies are stored in the repository. Please refer to both the Admin API documentation and Cerbosctl documentation for more details.
Blog highlights
Have you checked our latest viral blog by James Hickey on The Case Against Token-Based Authorization yet? Here, James explores the challenges of using tokens, (especially when they’re not encrypted), for authorization within your application, when to use stateless applications and JWT workflows.
If you are a developer, you’ve almost certainly faced the challenges of keeping documentation in sync with source code…. And if you are a user, you most likely found cases where that was a problem. Either way, we absolutely recommend reading this blog post by Oğuzhan Durgun where he walks through how the engineering team at Cerbos does it (yes, the whole process!!)
Good! We want to give you a t-shirt! And we also want to talk to you about Cerbos and get your feedback, both what you like and dislike, what are your primary use cases, if you are missing any particular functionality or suggestions on how you would like us to improve the product.
.png)
