Simon Robb, Co-founder/CTO at Packsmith
Oso Bear of the Month is a series of interviews with developers in our community to connect and learn more about their authorization journey. For our March feature, we sat down with Simon Robb, Co-founder/CTO at Packsmith.
What is your authorization story? Share a bit on how you used Oso to solve for it.
We started our authorization journey with a well-known identity provider only. As our platform evolved we quickly needed to introduce authorization rules on certain resources, and initially used ad-hoc solutions in our codebase to restrict access.
After a few of these cases arose it was time to implement a general solution for authorization and our team, having experienced the pain of custom-building this layer in their past companies, began looking for an OTS solution. Oso immediately emerged as the leader during our discovery phase. Since then we've used Oso to model access rules across all our resources, including multiple user roles and complex inherited relationships.
What is one recommendation you would offer to someone doing authorization for the first time?
Don't DIY! And seek Oso's excellent support in modelling your early access rules.
Since using Oso, what's a new thing you have been able to accomplish?
We're embarking upon adding account impersonation for our support team. Right now we need to grant membership in our customers' organizations to our support team's user accounts so they have the access required to perform their roles; soon that will be replaced with an on-demand, auditable impersonation system using Oso.
How do you think you have most benefited by using Oso?
The engineering resources required to build the initial implementation ourselves would have been significant, but it's becoming increasingly clear that adding to and maintaining authorization logic is a never-ending task. The value we gain from Oso's centralization and expressibility of rule logic will compound here over time.
Anything additional you want to share about Oso, authorization, your experience?
Oso has built such a strong foundation and we can't wait to see how the platform evolves!
If you had a magic wand, what is one thing you would add or change in Oso?
Oso has been the perfect complement to our identity provider Auth0, but if Oso were to have direct knowledge of our user identities it would only make the platform more powerful, reduce integration burden, and present a richer UI.
Thank you so much!
If you enjoyed this interview we encourage you to share it, tag @osohq. We'd also love to hear from you on how your authorization journey is going, join us and thousands of developers on slack!
