Unified permission management between API and client

Unified permission management between API and client

Con day 1 - Track FR

Sep 10, 2021 · 14:45 PM - 15:25 PM

Unified permission management between API and client

Marion Agé - Unified permission management between API and client

API Platform offers the possibility of creating robust and modular applications, however it is common to require a permissions system to manage users and their abilities.

I will present in this talk my implementation to operate an advanced permissions system based on multiple criterias, in a unified way. This allows flexible and automatic management of both the security of the API (access control for resources, automatic filters, etc.) but also the security of the client (in Vue.js), to control the UI and its functionalities according to the current user’s rights, transparent hot reload of permissions included in case of modifications!

Questions ?Contact us!

or follow us on social media