In 2021, we introduced you to the Developer Preview of our new SaaS solution, Auth0 Fine-Grained Authorization (FGA). We had one goal —to simplify and streamline your experience with authorization-at-scale. Today, we're excited to bring you even closer to the future of authorization as Auth0 FGA launches into a Limited Early Access Program. A select group of customers now have the chance to integrate and use the product in their real-world production environments.
So, What Is Auth0 FGA?
Auth0 FGA enables developers to design authorization models, from coarse-grained to fine-grained, in a way that’s centralized, flexible, fast, scalable and easy to use.
Auth0 FGA supports granting access at any level of granularity. You can use it to implement role-based access with complex hierarchies or atomic object-level access in any system. This makes it easy to enable collaboration between users, going far beyond typical role-based access control (RBAC). It also supports building custom roles into any system, empowering your customers to define how to manage access. Auditing capabilities in Auth0 FGA provide fundamental building blocks for security and compliance teams. The more we’ve spoken to customers about it, the more we’ve learned just how many use cases it can solve.
Auth0 FGA is a single place for you to define your authorization model, store your authorization data and make your authorization decisions — across all your apps and products.
Centralizing your authorization logic and decisions into a single service that has the flexibility to handle use cases across your different products gives you distinct advantages:
- Simplify security auditing: Implement explicit authorization rules that are easier to audit by internal and external parties.
- Lower costs: Standardize authorization across all of your applications, making it easier for developers to focus on building new products and features without worrying about building and maintaining authorization into each app.
- Deliver faster: Ship new products and features faster with an extensible authorization model that scales with your business.
- Enhance security logging: Generate logs for all operations out-of-the-box, both reads and writes.
- Empower your users: Allow users to take control of granting access to their data directly in your application.
- …All in a way that’s fast and reliable at scale: A centralized service dedicated to fine-grained authorization should scale with you as your business and products grow. Since Auth0 FGA specializes in authorization and nothing else, it can be particularly optimized for access control patterns and use cases, improving the latency and reliability of your authorization approach.
The Path to General Availability
Since we launched the product as a Developer Preview, we have onboarded several customers in a private beta release. These customers are now using Auth0 FGA for their production applications. During this period, we completed all the internal processes required to ship a product in early access with the quality Okta customers expect from a feature, reliability, security, and compliance perspective.
During this period, we've meticulously fine-tuned all aspects necessary for a top-notch product that meets the high standards Okta customers anticipate. This includes feature enhancement, reliability improvements, security, and compliance reviews.
We've also been busy enhancing Auth0 FGA with a host of features:
- We open sourced OpenFGA, Auth0 FGA’s core, and donated it to the Cloud Native Computing Foundation.
- We added support for inviting multiple stakeholders to collaborate on a single Auth0 FGA model.
- We added initial support for ABAC-like authorization with Contextual Tuples.
- We implemented APIs that allow subscribing to all changes in an Auth0 FGA store or retrieving all resources that a user can access.
- We've enhanced our Authorization Model Language, making it more intuitive to read and write.
- We added a Command Line Interface tool to simplify how to manage Auth0 FGA.
- We shipped a SDK for .NET and Python
Applying for Auth0 FGA Limited Early Access Program (EAP)
The Auth0 FGA EAP is designed to enable customers to implement authorization in their production applications while helping Okta validate the solution. We are very confident in the product we build, but our standards for the products we ship as Generally Available are very high.
Given that when integrating with Auth0 FGA, you’ll call our APIs very frequently, minimal latency is important. To minimize latency, your application's services need to run as close as possible to the Auth0 FGA services. For that reason, we are initially accepting customers that are deploying their applications in the same data centers as our Early Access deployments. Auth0 FGA is currently available on the AWS cloud in the US, and it will be deployed to more regions and clouds in the future.
We believe Auth0 FGA is the future of authorization that will enable businesses of all sizes to manage authorization at scale, without the complexity, and we’re excited to bring it closer to the hands of our customers with this milestone.
If you are interested in participating in the Limited Early Access Program, please reach out to your account manager, or contact the Auth0 FGA team in our Discord channel.