Application authorization enthusiast with years of experience as a customer engineer, technical writing, and open-source community advocacy. Comunity Manager, Dev. Convention Extrovert and Meme Enthusiast.
Daniel Bass & Gabriel L. Manor
We surveyed over 200 engineers about how they build and scale authorization. The data reveals where access control is heading, from RBAC and ReBAC to real-time checks and policy languages
Daniel Bass
Learn how to implement serverless authorization in your Node.js applications using the Serverless Framework. Set up access control with roles, attributes, and relationships using AWS Lambda and Permit.io.
Daniel Bass
How Salt Security integrated Fine-Grained Authorization (FGA) to enhance security, compliance, and user flexibility.
Daniel Bass
Learn how to design your authorization model and architecture with real-world use cases, user management, approval flows, and AI identity support.
Daniel Bass
Machine identity security is essential as AI agents become integral to your application. Discover best practices for managing access, auditing AI actions, and preventing cascading trust attacks.
Daniel Bass
Explore how to secure AI agents, protect against prompt injections, and manage cascading AI interactions with AI Security Posture Management (AISPM).
Daniel Bass
Learn how to decouple fine-grained authorization from Firebase Rules, improve them, and expand beyond Firebase Rules for authenticated users by externalizing fine-grained access control.
Daniel Bass
Machine identities are set to outnumber human users in every system. Learn why treating machine identities like human ones is crucial for security, access control, and future-proofing your applications.
Daniel Bass
Multi-tenant authorization combined with Role-Based Access Control (RBAC) simplifies user permissions management across different accounts, organizations, or groups. In this guide, we’ll explore why and how to implement Multi-Tenant authorization using Permit.io.
Daniel Bass & Filip Grebowski
Cookies are suitable for authentication and session management, while local storage is ideal for storing non-sensitive data on the client side. This detailed guide explains why and when to use each.
Daniel Bass
Enforcing fine-grained access control is critical for AI-driven applications. Permit.io AI Access Control introduces a new Four-Perimeter Framework as well as a set of new integrations—PydanticAI, LangChain, MCP, and LangFlow—ensuring secure prompts, controlled AI workflows, and identity-aware AI decisions.
Daniel Bass
How externalizing authorization helped Centauri AI secure financial data while focusing on core product development.
