Engineering

09 April 2019

Layering authorization into a web application

How we introduced granular authorization into our application and API. Illustration by Camellia Neri Last year, my team extended Gusto’s authorization system to give admins granular access to their companies’ accounts. In software security terms, authorization is

Flora Jin

advice ( 2 )

authorization ( 2 )

backbone ( 1 )

best practice ( 4 )

Big Data ( 1 )

blocks ( 1 )

closures ( 1 )

code review ( 2 )

Collaboration ( 3 )

cto ( 1 )

Data Engineering ( 1 )

Data Lake ( 1 )

database ( 2 )

diversity-inclusion ( 9 )

double read ( 1 )

double write ( 1 )

Engineering ( 16 )

engineering management ( 1 )

flexible pay ( 1 )

Getting Started ( 1 )

Guide ( 1 )

gusto ( 4 )

immutable ( 1 )

incident response ( 1 )

individual contributor ( 1 )

interviews ( 2 )

javascript ( 2 )

job hunt ( 2 )

management ( 1 )

migration ( 1 )

models ( 1 )

modular monolith ( 1 )

OAuth ( 1 )

OpenID Connect ( 1 )

PM ( 2 )

poison pill ( 1 )

Product Management ( 3 )

programming ( 6 )

pull request ( 2 )

rails engines ( 1 )

react ( 2 )

redis ( 1 )

refactoring ( 1 )

ruby ( 2 )

ruby on rails ( 3 )

Security ( 2 )

sidekiq ( 1 )

single read ( 1 )

single write ( 1 )

SSO ( 1 )

startup lessons ( 1 )

startups ( 3 )

Teams ( 1 )

Teamwork ( 1 )

tech lead ( 1 )

tidying ( 1 )

webpack ( 1 )

women ( 1 )

zero downtime ( 1 )

Flora Jin

1 post |

Layering authorization into a web application

1 post

|