This talk was recorded at NDC Porto in Porto, Portugal. #ndcporto #ndcconferences #security #cloud #developer #softwaredeveloper Attend the next NDC conference near you: https://ndcconferences.com/ https://ndcporto.com/ Subscribe to our YouTube channel and learn every day: /https://www.youtube.com/channel/UCTdw38Cw6jcm0atBPA39a0Q Follow our Social Media! https://www.facebook.com/ndcconferences https://twitter.com/NDC_Conferences https://www.instagram.com/ndc_conferences/ Should this user be able to read that article? Who is allowed to tag me in a social media post? How can I share this document with everyone who has access to the parent folder? Authorisation is hard, let's face it. Role-based access control is a great starting point, but hard to scale. Attribute-based access control scales better, but neither are much good at answering more complex conditions, like limiting access to friends-of-friends, meaning we have to wrap this up into business logic. This is where relationship-based access control (ReBAC) comes in, allowing nuanced access to resources without codifying that into the applications. In this session, we'll look at how to define these relationships, experience live demos, and discover how we can deploy our own fine-grained authorisation service.