Ben Lang

Permit.io - Never build permissions again

by
Top Product

Every application requires managing permissions, and complexity is constantly on the rise. Permit.io provides permissions as a service (ReBAC, Policy as Code, APIs, and customer-facing UI), so developers can check this as done and focus on their core product.

Add a comment

Replies

Best
Or Weis
Hi everyone, Permit.io is finally on PH 🤩 Huge thank you to @benln, our hunter, for taking the time and believing in Permit.io Every application requires managing permissions, and complexity is constantly on the rise. Working on previous ventures, I found myself constantly rebuilding permissions from scratch. That's why @asafchn and I decided to make everyone’s life a whole lot easier and created permit.io, with the goal of developers never having to build permissions again! Permit provides permissions as a service, so developers can easily implement a robust authorization layer into their product, and focus on its core features instead. Providing the power of real-time policy as code, through no code interfaces, that devs, and everyone else can use with ease. We're excited to be launching on Product Hunt and are offering a special promotion for the PH community - $250 towards your permit.io account - but act fast - this offer ends in just 30 days! I'm curious to hear from the community - what's been your biggest headache when it comes to permissions management? Any horror stories to share? What’s your favorite policy model (RABC, ReBAC, ABAC)? And how many times have you built access from scratch? We're open to any questions or discussions, and AMAs, so fire away!
Antoni Kozelski
@benln @asafchn @or_weis Permit provides permissions as a service👍Congratulations on the launch of Permit.io. good job guys❗️
Ben Lang
Top Product
Hunter
📌
Congrats Or and team, excited about the launch!
Or Weis
@benln Thanks for hunting us - you rock :)
Michael Silber
An engineer I once worked with once said to me, "If you stick with any project long enough, your job will eventually become maintaining a permissions system." Maybe this is the way out :-)
Gabriel L. Manor
@product_at_producthunt , Oh wow! That's a fantastic statement. Can we quote you on that? 😉
Michael Silber
@gemanor Go for it! I also suggest you go to the source and reach out to @eric_whitney aka OldCoderGuy (https://www.tiktok.com/@oldcoderguy)
Ryan Hoover
I helped design RBAC systems over a decade ago. It's messy, especially when you need to apply it to an existing accounts model retroactively.
Or Weis
@rrhoover Spot on - exactly the same pains I went through - that brought me to create Permit.
Gabriel L. Manor
@rrhoover, this summarises the background story of most of our team. We are very passionate about solving that problem 😉
Ryan Hoover
@gemanor @or_weis big fan of solving problems you really understand. :) On that note, why hasn't this been solved already? RBAC and permissioning is a long-standing challenge and known problem for many. Curious how Permit.io compares to other solutions or if you're taking a different approach.
Gabriel L. Manor
@or_weis @rrhoover Permit is a solution for (mostly) application-level permissions. We are giving developers the power of advanced authorization into their application with single lines of code. Permit.io isn't about RBAC only. It is a one-stop shop that allows developers to seamlessly scale for more advanced models (ABAC, ReBAC). It also solves problems in scaling distributed applications (which is quite a new challenge), centralized audit, and more. In general, Permit is new because the fast-paced app development world that made such solutions necessary.
Or Weis
@rrhoover @gemanor to add to Gabriel's answer - an important factor is maturity of standards and mindset - before Authentication as a service matured with standards like JWTs and before devs learned that this type if critical infrastructure is better acquired from experts (nowadays who would be building AuthN on their own) - talking about Authorization as a service was basically impossible.
Congrats on the launch @or_weis , Permit.io sounds like a game-changer for developers! I love the idea of never having to build permissions from scratch again. How does Permit.io handle complex permission structures? Can it handle multiple levels of user roles and permissions? Does Permit.io provide any analytics or reporting features? It would be great to have insights into how permissions are being utilized in my application. Looking forward to hearing more about Permit.io and how it can simplify permission management for developers!
Or Weis
@gusoliveira_ Hi - for sure - just take a look at our ReBAC modeling , it supports recursive nesting and role derivation. https://docs.permit.io/how-to/bu... We have multiple levels of audit logs, webhooks, and more
Rami
I don't see how outsourcing authorization can benefit developers. won't they still have to implement a significant amount of logic locally that it will defeat the purpose of using a service like this? won't they already need to understand their authorization needs and how to solve them in order to use this service, in which case they might as well implement it themselves locally to begin with?
Gabriel L. Manor
Hey @kingromstar, You've brought up some good points here, and I want to address them from two perspectives. From a technical standpoint: Authorization that is implemented as part of the application is limited. * It is hard to use it in multiple apps (which is the usual case in the distributed computing/cloud world) * It's expensive to scale from one permission model to another (think of the need for a relationship between resources and roles in different apps) * It creates spaghetti code between the permission configuration and the enforcement point. From a product standpoint: * Every change needs a code change and engineering work. * Auditing and analyzing authorization decisions is complex. * The application architecture limits the flexibility of the permission model. I can list some more limitations, but the main point is: Why should we reinvent the wheel to solve it for every app if we can use a well-defined product? We can see the same wave if we look at the authentication space for the last ten years. We hope to bring the same revolution to the authorization space. I hope that I have answered your question. Here are some more related information and reading materials: https://www.permit.io/blog/roll-... https://www.permit.io/blog/zanzi... https://www.permit.io/blog/autho... We are also very easy-going, and you can find some time with our engineering team here to discuss further: https://calendly.com/permitio/me...
Thomas Collett
Thanks for bringing usability to a notoriously complex space. I had been looking for a solution exactly like this for some time.
Gabriel L. Manor
@thomas_collett thank you 🙏 Looking forward to see you as a user ☺️
Or Weis
@thomas_collett @gemanor he already is :D
Gabriel L. Manor
@thomas_collett @or_weis Sorry, my late-night English-Hebrew transform took time to process Thomas to Tom. Good to see you here ☺️
Daniel Liechtman
I've been using Permit.io for a while for a personal project, and it's definitely the best in the market! I hope every developer tool has such a spectacular experience for developers. Well done, team, keep up the great work!
Gabriel L. Manor
@dliecht soon to be used as part of your work applications ;) Thanks for the comments
Alex Chepovoi
You've made a splash with your ProductHunt launch!
Gabriel L. Manor
@alex_chepovoi, this is just a hint for the DevEx in our product. Thanks for your support :)
Liran Tal
Congrats, permit team! Very cool to see you innovating and helping developers work out authorization as easy as permit.check() ;-)
Or Weis
Thanks @liran_tal1 Love the SDK reference 💪
Martha Patzer
Congrats, @or_weis and team, and 3 cheers for your privacy policy, which is easy to read and dedicated to user privacy (at a glance)! "We will process personal information with the assistance of our partners, who co-host conferences, webinars or any other event. We will only share your information with such partners where you have provided us with your explicit consent to do so."
Gabriel L. Manor
Well, @itspatzer,permissions company == privacy as a first-class citizen 🤩 Thanks for your support
Or Weis
@itspatzer Credit is also due to our awesome legal team at Pearl Cohen 💪
Chetan Nagaraja
I use to work for a company, who had a similar Saas service. I use to deal with RBP permissions (Role Based Permissions). You have no idea how much demand this has. Especially big companies. You are in the right track. Way to go. Congrats on the launch. This looks great!!!!
Gabriel L. Manor
Thanks for your kind words, @chetanmedia. We look forward to hearing more about your experience after taking a ride on the product.
Ben Adrian Sarmiento
Permit.io is an amazing tool and company and community. There's no other way but up for these guys! Congrats on the launch!
Or Weis
@yowmamasita Thanks Ben it's really great to work with you, and to have your support
Felix Häberle
Congrats on the launch! 🥳 I'm wondering: - How does Permit.io handle complex permission structures? Can it handle intricate hierarchies and custom permission sets? - Are there any integration options available for popular frameworks and libraries like React or Angular? - Is there a way to easily migrate existing permissions from an existing system to Permit.io without disrupting the application? Again, great product – keep up the good work!
Or Weis
@felixhaberle Hi Felix! Thanks for the question! 1. Permit supports RBAC, ABAC, and ReBAC, all with a no-code UI. It also allows you to create whichever custom authorization code you want on top of it for more complex use cases. 2. Yup! We support both React, Vue, and Angular, as well as - via our FE SDK [1] - which is based on CASL.js 3. As far as migration goes, we usually recommend migrating from your existing permission solution gradually, and you can do it app by app, service by service (And even function by function) while keeping both systems operational until you feel fully comfortable migrating (initially with Permit in "read-only" mode). We also provides guides from migrating identities from your AuthN solution (e.g. auth0[2]) [1]: https://github.com/permitio/perm... [2]: https://docs.permit.io/category/...
Vasily Malyshev
Oh man, we've spent so much time building our permission system! If only I saw you guys earlier! Good luck with your launch and your product. Definitely market exists and you can help a lot of developers!
Gabriel L. Manor
Thanks, @stoicbasil. BTW, you still have a chance to win. Permit.io is very easy to integrate with existing products and helps them to grow with Policy as Code, ReBAC/ABAC, or even to manage audit logs. Waiting to see you here ;)
Aditya Sharma
Interesting Product, Congratulations on the successful launch🎉
Gabriel L. Manor
Thank you for your support, @iamadityaa . Waiting to see you redeeming the voucher ;)
Sheldon SU
This sounds super cool! Building collaboration features within every tool becomes much easier. Be sure to integrate this with major no-code tool! With AI being able to write the code too, no-code building becomes even more accessible!
Gabriel L. Manor
@sheldon_at_fabrie, YEAH! Low-code and no-code is definitely one of our first-class citizens. If you have any practical ideas, we will be happy to hear more of them in our Slack community and prioritize them - https://io.permit.io/blog-slack
Ishwar Jha
it's much needed. I am telling my team to check it out on priority. Best wishes
Gabriel L. Manor
Thank you, @ishwarjha ! You can also refer them to join our Slack community to get support and answers if needed https://io.permit.io/opalcommunity
Jim Engine
Congratulations on the launch of Permit.io @or_weis This is a game-changer for developers and businesses looking to streamline their authorization processes. Kudos for simplifying access control while maintaining security and compliance standards! 😉
Gabriel L. Manor
Thanks for the kind words, @officialexaking. We are on a mission of simplifying permissions. Keep watching 😎
Ashish Kumar Gopalika
Exciting product Congratulations 👏