6
2 Comments

Quick demo for a plug-&-play authorization API, to manage access control

Hey everyone,

We have been building things with my friends for quite a while. But me and my friends hate building authorizations again, and again.

From time to time we work on projects as commissioners, building a flexible and future-proof access control is overwhelming. Also, there are tons of solutions for Authentication, but not much for Authorization.

Usually, people use Django like frameworks or their own boilerplates. But it becomes vain over time, and while focusing on your daily work it's hard to update those.

So we build a plug-&-play API for that. I wanted to share a quick guide.

Here's a quick video:
Permify | Plug-&-Play API

So how do you handle your Authorization?

  1. 2

    I've done very basic Authorization integration before and it's definitely painful. Good job on the demo, I like that you just have to add in a simple Provider and a Permission (btw I think you should call it Permission or Permify instead of PermifyComponent, feels too verbose) around the UI element to control whether the user can access it or not.

    Questions:

    1. I noticed that the permission type is a string that you add, could you make it a function so I create dynamic permission controls? For example if the user has x and y permission let them as access etc.

    2. How are the users connected into that UI to manage permissions?

    3. Do you provide Authentication as well? If not, you should def write a guide on the recommended way to do Authentication for devs, whether it's Firebase, Supabase, passport js etc. The reason is if someone is doing authorization, they for sure need authentication as well.

    Overall fantastic work, you should put this on HN, folks there always have strong opinions, for better or worse :)

    1. 1

      Hey Sukh,

      Thanks for the feedback! Really appreciate it.

      1. We're building ABAC and policies where you'd be able to do that.
      2. Simple conf. with link sessions etc.
      3. Unfortunately we do not offer Authentication, but actually, you can use any auth. the method you want. - Perhaps we'll make a guide for both-
Trending on Indie Hackers
How I grew a side project to 100k Unique Visitors in 7 days with 0 audience 49 comments Competing with Product Hunt: a month later 33 comments Why do you hate marketing? 29 comments My Top 20 Free Tools That I Use Everyday as an Indie Hacker 16 comments $15k revenues in <4 months as a solopreneur 14 comments Use Your Product 13 comments