Although this article is inspired by personal development experience and I have tried my best to keep things objective, it is worth noting up front that I am one of the creators of Logto (an auth product).

I would like to point out this first for a better reading experience.

I’ve seen a lot of developers asking questions like “Should I build my own auth for my app?”. Since the answer cannot be a simple “Yes” or “No”, I’d like to write an article that breaks down the implementation and lays out the pros and cons to help you decide.

In the previous article, we introduced the concepts of authentication (AuthN) and authorization (AuthZ), along with some headache-inducing terms: Identity, Organization, Tenant, etc.

Organization and Tenant are great for grouping Identities, but on their own they lead to an absolute democracy: everyone can do anything in the system. While utopia remains a mystery, let’s take a look at how access is governed: Authorization (AuthZ).