Hi all I asked a question along these lines a long time ago Ory Community #talk-oathkeeper

Hi all, I asked a question along these lines a lon...

cuddly-city-78540

05/28/2023, 11:30 AM

Hi all, I asked a question along these lines a long time ago, but I know things move on (for example, I don’t think there was the

remote_json

authoriser when I last asked. Does anyone have an example config for how to use

remote_json

with Casbin Server? Or at least any advice on how to integrate the two? I find Casbin a lot easier to understand than Keto and would at least like to experiment before we have to get any real work done 🙂

icy-manchester-83109

05/30/2023, 6:38 AM

~~Hi. The https://www.ory.sh/docs/oathkeeper/pipeline/authz describes how the remote_json authorizer can be configured and used. What exactly are the challenges, you're facing?~~

icy-manchester-83109

05/30/2023, 6:54 AM

The official casbin server supports gRPC only. OAthkeeper does however not support gRPC endpoints with remote_json authorizer.

icy-manchester-83109

05/30/2023, 6:58 AM

There is however a https://github.com/luk4z7/middleware-acl service available, which exposes HTTP endpoint. Unfortunately it has not been updated for pretty long time

icy-manchester-83109

05/30/2023, 9:51 AM

Btw, you're actually not limited to using keto with it, any authz system, which exposes endpoints over http can be used, e.g. OpenFGA

icy-manchester-83109

05/30/2023, 9:52 AM

Most probably this is not what you wanted to hear, but as I've written above, usage of the official Casbin Server is not yet possible.

magnificent-energy-493

05/30/2023, 3:56 PM

Thanks a lot for sharing Dimitrij 🙌

icy-manchester-83109

05/30/2023, 6:16 PM

You're welcome 😉

Open in Slack

Previous Next