Subscribe
Sign in
Aserto — Cloud-Native authorization as a service
Aserto lets you add powerful authorization capabilities that scale up with your application in a fraction of the time it would take to build it by hand.
52
Replies
Best
Congratulations on the launch! We will be launching our product this Thursday and we would be delighted to know your strategies and journey!
Hello, I’m Omri! I’m the co-founder of Aserto, and I’m excited to announce that Aserto is now open to all!
Why did we build this?
Every SaaS app needs permissions and RBAC, so it’s hard to believe that in 2022, there’s no standard developer API for authorization.
Authorization feels deceptively easy at first, but as your product moves upmarket, the requirements keep piling up: finer-grained permissions, custom roles, identity provider integrations, audit trails… all essential for crossing the chasm and becoming a great enterprise application. But it takes significant engineering time, carries a large opportunity cost, and is tricky to do in a secure and performant way.
Why is authorization so hard? Since it’s on the critical path of every application request, it has to be as lightweight as a library, returning results in milliseconds. But it also needs to provide the control-plane benefits of cloud-based developer APIs. It’s an architectural challenge that my co-founder @gertd and I solved when we worked on Azure Active Directory.
We founded Aserto to fill this void and offer the definitive developer API for authorization.
What does Aserto do?
Aserto brings the best of a library and service: it runs close to your application, or as we call it, “at the edge” - so authorization calls are local and blazing fast. At the same time, it allows you to centrally manage all the artifacts needed for authorization decisions.
Aserto picks up where your Identity Provider leaves off: you can connect and sync your IDP(s) to Aserto’s directory, and the control plane automatically delivers any attribute changes from the directory to the edge.
Aserto eliminates the spaghetti code that’s so commonly associated with authorization by lifting policy logic out of your code and into a separate repository. A GitOps workflow lets you manage your policy as code, and evolve it without redeploying your application.
Aserto provides full audit trails for every authorization decision. In enterprise-grade authorization systems, every decision needs to be explainable. Decision logs must include the policy, user attributes, and resource data behind every decision. Aserto centralizes decision logs and makes it easy to ingest them into log analytics systems like ELK or Splunk.
Aserto is easy to integrate: Aserto is contract-first, providing REST and gRPC APIs for down-to-the-metal developers. We also provide idiomatic SDKs for various languages and frameworks, including Express.js, React, Go, Python, Flask, and .NET.
Create your free account today! And feel free to ask any questions!
@gertd @omri_gazitt Yes, I heard about this when I discussed application modernization at my company with the programmers I hired. By the way, I had to look for these specialists for a long time because so many businesses are now moving to the cloud. After all, the cloud is much more convenient, fast, and functional. Of course, when you upgrade your technologies at a company, you have to hire specialists and pay them, but it seems that it's worth it.
@omri_gazitt Congratulations on the launch! This is a very cool product. All the best :D
Congrats on the launch and keep it up! You're building something super useful here.
@omri_gazitt Hello! I saw your product and its rally amazing. Lots of goodluck.
Deez Deelz