Setting the bar for Auths: Okta Fine Grained Authorisation is now Generally Available

Authorisation has become more complex over the years. Users require more collaboration features and more privacy controls about what data is shared with others. Security and compliance teams demand limiting user’s permissions to just the ones they need, visibility over authorisation policies and access control logs. Managing authorisation in an ad-hoc way in application code isn’t cutting it anymore. It’s no wonder that broken access control is the No.1 most common web application security risk

Starting today, Okta Fine Grained Authorisation (FGA) is Generally Available. FGA enables developers to design authorisation models, from coarse-grained to fine-grained, in a way that’s centralised, flexible, fast, scalable, and easy to use. So, your development teams can spend less time building and maintaining authorisation and more time building and shipping new products and features. 

"High-performing product and engineering teams spend an outsized amount of their time working on features that drive core product value. FGA allows us to spend more time focusing on the core drivers for the business vs. spending limited bandwidth on rolling our own authorisation system." — Luke Thomas, Director, New Products at Zapier

Since we announced the Limited Early Access of FGA in 2023, we’ve seen many customers implement it. We’re especially proud of the variety of customers that have been able to simplify authorisation, from startups to global Fortune 500 companies across different industries. From tech companies that streamline HR processes to healthcare companies that provide daily care to patients, FGA has enabled our customers to meet security and compliance goals. 

"FGA has been a game-changer, fast-tracking our journey in establishing our platform … allowing us to focus on innovation and growth without compromising on security." — Vanessa Anderson, Senior Director of Engineering, Management Services at Komodo Health

We’re also proud of the scalability and feature enhancements we’ve made to the product since we announced Limited Early Access. 

  • Proven scalability: Manage 100 billion relationships and over 1 million requests per second, with low latency. Learn more about FGA scalability here
  • Policy flexibility: Built-in support for attribute-based access control (ABAC) empowering granular access control and secure collaboration.
  • Reliability: Backed by our industry-leading 99.99% uptime, you can count on FGA to minimise disruption
  • Developer tooling: SDKs for most popular languages (.NET, Go, Javascript, Java, Python), Visual Studio Code integration for editing and validating FGA models, and Command Line Interface to automate operating FGA and implementing CI/CD, and support for testing FGA models.

So, what’s next for FGA? We’re not done yet. The authorisation-as-a-service market and technology is just getting started, and we’re excited to set the standard for what customers should expect from their solution. To that end, we’re working on more enhancements to meet the needs of even more customers. 

  • Integration with Customer Identity Cloud: Customer Identity Cloud tenants have a lot of information that’s used to make authorisation decisions, like organisation membership, role membership, or permissions. We’ll make that data available to FGA so it can be used to further extend authorisation capabilities. For example, allowing the members of a specific user group to access a specific project.
  • Private Cloud Deployment: For customers with region-specific regulatory hurdles and higher performance needs, FGA will be available in our single-subscriber environment, Private Cloud, later this year.
  • API improvements: Streamline bulk actions like deleting and permission checks, saving you time and effort.
  • Developer tooling: More developer experience improvements with Spring Boot integration, JetBrains IDE support, and Ruby/Rust/PHP SDKs. 
  • Modular models: Authorisation is application-specific and it should be possible for each team to own the authorisation model for their application. We’re making enhancements to simplify adoption by larger teams with modular models, and granular per-store permissions for developers and applications.

We believe Okta Fine Grained Authorisation will fundamentally change how applications are built over the next decade. At Okta, we aim to solve authorisation for application builders and workforce IT administrators, and FGA is a key piece of that strategy. 

If you want to learn more about FGA, check out our Whitepaper here. And, when you’re ready to get started with FGA, head over to fga.dev to sign up for free. 

Additional Resources: 

Whitepaper

Documentation

FGA Playground

FGA Explainer Video

These materials and any recommendations within are not legal, privacy, security, compliance, or business advice. These materials are intended for general informational purposes only and may not reflect the most current security, privacy, and legal developments nor all relevant issues. You are responsible for obtaining legal, security, privacy, compliance, or business advice from your own lawyer or other professional advisor and should not rely on the recommendations herein. Okta is not liable to you for any loss or damages that may result from your implementation of any recommendations in these materials. Okta makes no representations, warranties, or other assurances regarding the content of these materials. Information regarding Okta's contractual assurances to its customers can be found at okta.com/agreements.