Fine Grained News - September 2024

Welcome to the September edition of Fine Grained News! As we transition into the fall season, we’re excited to bring you the latest updates on the progress of OpenFGA.

Just Shipped

• We shipped OpenFGA v1.6.1 with performance fixes, bug fixes, and a new SQLite storage adapter contributed by Grafana. Thanks @DanCech!

• This month we released improved OpenTelemetry metrics support for .NET SDK, Go SDK, Java SDK, and JavaScript SDK.

In Progress

• Authorization for OpenFGA: OpenFGA currently supports global pre-shared keys and OIDC for API authentication, but we’re exploring more granular authorization options, such as store-specific credentials and varying permissions for stores, modules, and types.

• Batch Check: OpenFGA SDKs currently implement BatchCheck by issuing multiple parallel request to the OpenFGA server. We'll be implementing a BatchCheck server endpoint to improve performance and reduce network overhead.

Check out our roadmap to see what’s in the works. Feature requests and ideas can be shared in GitHub Discussions.

Community Highlights

• OpenFGA at Open Source Summit Europe: José Carlos Chávez gave a talk on RBAC with OpenFGA at OSS Europe 2024 in Vienna, Austria this month. You can see the presentation deck here.
• OpenFGA at Open Source Strategy Forum 2024: Kiah Imani will present Role-Based Access Is So Yesterday: Revolutionizing Authorization with OpenFGA at OSSF on Wednesday, October 23, 2024. In this session, attendees will learn how OpenFGA addresses the limitations of RBAC, enhancing security, performance, and access management across various systems.
• OpenFGA at KubeCon: Andres Aguiar will participate in KubeCon/CloudNativeCon in November! OpenFGA will have a Kiosk in the Project Pavilion. He'll present a lightning talk on OpenFGA and participate in The Policy Engines Showdown.
• We added new authorization model examples for multi-tenant RBAC and how to define ABAC policies using ReBAC.
• Guide to Building Auth Systems: Level Up Coding offers a comprehensive guide to building authorization systems using RBAC, ReBAC, and ABAC models. The guide covers the differences between these approaches and when to use each.
• High Marks for OpenFGA Policy Languages: Trial Of Bits published a report comparing the security of the Cedar, OPA, and OpenFGA policy languages. OpenFGA was very well evaluated!
• September Community Meeting: Check out the September Community Meeting, which is posted on YouTube! In last month’s meeting, we reviewed recent updates, demos with Envoy, an OpenFGA Kubernetes Operator, fine-grained access for OpenFGA, and reviewed the results of the 2024 Community Survey.

New Adopters

• If you or your company have implemented OpenFGA, we would love to hear about it! Please add your name as yourself as an adopter by updating the Adopters.md file and send us a PR.
• If you or your company provides implementation services for OpenFGA, we invite you to share your information with the community in our Implementation Services section of the Adopters.md file by sending us a PR! However, please note that the listed individuals and companies have not been evaluated or endorsed by the OpenFGA project, and inclusion on the list does not imply endorsement.

Announcements

• Hacktoberfest 2024: Hacktoberfest is a month long celebration of open source software which encourages new and experienced developers alike to contribute code to open source projects during the month of October. This makes October a great time to become an OpenFGA contributor! We have labeled a number of issues on GitHub with "Hacktoberfest" and "Good First Issue" labels making it easy to find a way to get involved and have your code included in OpenFGA.
• Monthly Community Meeting: Join us for our monthly Community Meetings, held on the second Thursday of every month at 11 AM Eastern Time (US). Our next meeting is on Thursday, October 10, 2024. Our community meetings are a great way to stay updated with the latest developments, ask questions, and engage with the OpenFGA community. If you would like to demo your implementation of OpenFGA, please reach out to us on any of our community channels or at [email protected]. You can find the link to the meeting invite here. We look forward to seeing you there!

See You Next Month!

Fine Grained News is published every month. If you have any feedback, want to share your OpenFGA story, or have a noteworthy update, please let us know on any of our community channels or at [email protected].