Or Weis
Announcing Permit MCP Gateway
Announcing Permit MCP Gateway, a new trust and enforcement layer for MCP that brings identity, consent, fine-grained authorization, auditability, and runtime control to AI agent actions.
Read more
Loading
Featured Stories
Or Weis
Announcing Permit MCP Gateway, a new trust and enforcement layer for MCP that brings identity, consent, fine-grained authorization, auditability, and runtime control to AI agent actions.
Gabriel L. Manor
The new Permit.io CLI brings developer-first workflows to access control. Define, test, deploy, and enforce fine-grained authorization using AI, CI/CD, GitOps, and OpenAPI — all from your terminal
Gabriel L. Manor
Learn how to implement Prisma ORM data filtering using ReBAC (Relationship-Based Access Control) to control which database records each user can access, without manual filtering logic.
Gabriel L. Manor
Learn how to build secure, human-in-the-loop AI agents using Permit.io’s Access Request MCP, LangGraph, and LangChain MCP Adapters. Enable AI agents to request access and delegate sensitive permissions to human users for policy-backed decision-making.
Gabriel L. Manor
Learn how to integrate Role-Based Access Control (RBAC) in a multi-tenant Nuxt.js application with continuous user syncing using Permit.io. This guide walks through defining roles, enforcing permissions, and managing access dynamically.
Uma Victor
Learn how to implement fine-grained Postgres permissions for multi-tenant SaaS apps using roles, grants, and row-level security (RLS). Ensure tenant isolation and secure access control with PostgreSQL.
Uma Victor
Learn how to implement Postgres RLS (Row Level Security) for secure, multi-tenant data access, including best practices and common mistakes to avoid
Daniel Bass
Learn how to implement a complete authentication and authorization solution in Next.js with this step-by-step implementation guide.
Daniel Bass & Gabriel L. Manor
Learn how to use JWTs for authorization the right way. This guide covers best practices, common mistakes, and why JWTs should carry identity, not permissions.
Or Weis
PBAC sounds great—until you try to use it. Learn the real challenges of Policy-Based Access Control and how to avoid common pitfalls.
Gabriel L. Manor
Learn how to implement multi-tenant Role-Based Access Control (RBAC) in MongoDB. This guide covers defining roles, enforcing permissions, and securing tenant data with PDP-Level filtering for scalable authorization in Node.js applications.
Gabriel L. Manor
Learn the key differences between JWT and opaque bearer tokens, covering how they work, when to use each, and how they impact API authentication, security, and performance.
Gabriel L. Manor
Learn how to add Supabase authentication and authorization to a fullstack Next.js app. This guide covers setting up Supabase Auth, implementing RBAC and ReBAC authorization, and enforcing access with Supabase Edge Functions and a Policy Decision Point (PDP).
Daniel Bass
Learn how to implement serverless authorization in your Node.js applications using the Serverless Framework. Set up access control with roles, attributes, and relationships using AWS Lambda and Permit.io.