express-openid-connect
permify
| express-openid-connect | permify | |
|---|---|---|
| 3 | 46 | |
| 498 | 5,469 | |
| 1.0% | 1.2% | |
| 5.8 | 9.8 | |
| 10 days ago | 1 day ago | |
| JavaScript | Go | |
| MIT License | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
express-openid-connect
-
Build a team permissions system in Node.js app using Auth0 and Permify - Part 1
Set Up Authentication with using Auth0 OpenID Connect.
- Testing Protected Express Routes (Auth0 / Express OIDC)
- Any “real-world” examples of connecting to OIDC IdP/using openid-client?
permify
- Show HN: Permify 1.0 – Open-source fine-grained authorization service
- Launch HN: Stack Auth (YC S24) – An Open-Source Auth0/Clerk Alternative
- How to Implement Two-Factor Authentication (2FA) in Golang
-
Fine-Grained Access Control (FGAC): Comprehensive Guidance
For implementation we'll use Permify, an open source authorization service that enables developers to implement fine-grained access control scenarios easily.
-
Implementing Role Based Access Control (RBAC) in Node.js and Express App
┌────────────────────────────────────────────────────────┐ │ Permify v0.8.5 │ │ Fine-grained Authorization Service │ │ │ │ docs: ............... https://docs.permify.co │ │ github: .. https://github.com/Permify/permify │ │ blog: ............... https://permify.co/blog │ │ │ └────────────────────────────────────────────────────────┘ time=2024-03-22T14:59:09.851Z level=INFO msg="🚀 starting permify service..." time=2024-03-22T14:59:09.851Z level=ERROR msg="Account ID is not set. Please fill in the Account ID for better support. Get your Account ID from https://permify.co/account" time=2024-03-22T14:59:09.859Z level=INFO msg="🚀 grpc server successfully started: 3478" time=2024-03-22T14:59:09.859Z level=INFO msg="🚀 invoker grpc server successfully started: 5000" time=2024-03-22T14:59:09.867Z level=INFO msg="🚀 http server successfully started: 3476"
- Implementing Role Based Access Control in SvelteKit
-
Policy-Based Access Control (PBAC): A Comprehensive Overview
However, in this piece we're focusing on the PBAC model also known as Policy-Based Access Control and how it differentiates itself these from traditional access control models in terms of scalability, flexibility and security.
-
Show HN: AI assistant powered by Groq to generate authorization models
Hi I'm Karan, one of the maintainers of Permify (https://github.com/Permify/permify), an open source authorization service to build scalable authorization systems.
I want to share with you that we've built an AI assistant to help modeling your desired authorization logic! You can basically describe your authorization logic in Permify AI and it will generate the respective model and semantics accordingly. Think of it like ChatGPT for authorization modeling/policy generation.
Here's the project if you would like to play with it: https://ai.permify.co/.
Brief backstory:
Since authorization is generally a domain specific issue use cases vary widely - roles, relationships, attributes, hierarchies between business units, contextual permissions, etc.
To address this, we're offering a domain specific language that we built purely using golang to help model authorization logic programmatically. You can see what it looks like with sample examples in our playground: https://play.permify.co/
Although our domain specific language helps our users significantly, the general idea of policy generation is hard challenging if you have complex authorization logic and versatile permission requirements. Additionally, the flexibility of our modeling language allows for achieving the same policy/permissions through various approaches. But creating the best possible policy is crucial for several reasons including the performance of access checks, the readability of the authorization logic, visibility, and achieving least privilege, etc.
When we tallied up all those reasons, it hit us: using AI could really smooth out the policy generation process. It could not only reduce the engineering effort but also yield the best possible results. That's why we integrated Groq to make to create Permify AI!
Would love to get your feedback on this!
- OAuth 2.0 implementation in Node.js
-
Implementing JWT Authentication in a Golang Application
At that point consider exploring our solution, Permify. It's a Google Zanzibar-based open-source authorization service that helps to build scalable authorization systems.
What are some alternatives?
cloudfront-auth - An AWS CloudFront Lambda@Edge function to authenticate requests using Google Apps, Microsoft, Auth0, OKTA, and GitHub login
openfga - A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
openid-client - OAuth 2 / OpenID Connect Client API for JavaScript Runtimes
spicedb - Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data
node-jwks-rsa - A library to retrieve RSA public keys from a JWKS (JSON Web Key Set) endpoint.
Ory Keto - The most scalable and customizable permission server on the market. Fix your slow or broken permission system with Google's proven "Zanzibar" approach. Supports ACL, RBAC, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.