Engineering

09 April 2019

Layering authorization into a web application

How we introduced granular authorization into our application and API. Illustration by Camellia Neri Last year, my team extended Gusto’s authorization system to give admins granular access to their companies’ accounts. In software security terms, authorization is

Flora Jin

1 / 1

Engineering ( 23 )

Diversity Inclusion ( 10 )

Programming ( 8 )

Gusto ( 7 )

Collaboration ( 5 )

Best Practice ( 5 )

Ruby On Rails ( 4 )

Product Management ( 3 )

Startups ( 3 )

Tidying ( 3 )

React ( 2 )

Javascript ( 2 )

PM ( 2 )

Interviews ( 2 )

Job Hunt ( 2 )

Database ( 2 )

Advice ( 2 )

Engineering Management ( 2 )

Incident Response ( 2 )

Authorization ( 2 )

Guide ( 2 )

Security ( 2 )

Startup Lessons ( 2 )

Ruby ( 2 )

Getting Started ( 2 )

Pull Request ( 2 )

Code Review ( 2 )

Refactoring ( 2 )

Outcomes ( 2 )

Experiment ( 2 )

MVP ( 2 )

Backbone ( 1 )

Webpack ( 1 )

Immutable ( 1 )

Teams ( 1 )

Teamwork ( 1 )

Cto ( 1 )

Migration ( 1 )

Double Write ( 1 )

Single Read ( 1 )

Models ( 1 )

Double Read ( 1 )

Single Write ( 1 )

Zero Downtime ( 1 )

Management ( 1 )

Tech Lead ( 1 )

Individual Contributor ( 1 )

Sidekiq ( 1 )

Redis ( 1 )

Poison Pill ( 1 )

Women ( 1 )

Modular Monolith ( 1 )

Rails Engines ( 1 )

SSO ( 1 )

OAuth ( 1 )

OpenID Connect ( 1 )

Flexible Pay ( 1 )

Blocks ( 1 )

Closures ( 1 )

Big Data ( 1 )

Data Engineering ( 1 )

Data Lake ( 1 )

Partnerships ( 1 )

Integrations ( 1 )

Api ( 1 )

Xero ( 1 )

New York City ( 1 )

Organizational Design ( 1 )

Monolith ( 1 )

Spaghetti Code ( 1 )

Legislation ( 1 )

Hardcoding ( 1 )

Software Development ( 1 )

Coding ( 1 )

Continuous Integration ( 1 )

IT ( 1 )

Client Platform Engineering ( 1 )

CI/CD ( 1 )

Flora Jin

1 post |

1 post

|