Just and FYI. Keto was not well documented enough ...
# talk-ketow
wide-butcher-30761
07/11/2023, 5:21 PMJust and FYI. Keto was not well documented enough and too esoteric for my team to feel confident using it. So we're scrapping the plan to move to Keto for the foreseeable future. 😕
b
bored-agency-21522
07/11/2023, 5:39 PMif I may ask, what alternatives are you considering?
m
magnificent-energy-493
07/11/2023, 7:06 PM
Hey @wide-butcher-30761
been a while since we talked last.
I can understand that moving to a zanzibar-based system can be challenging - I take it that is what you mean by “esoteric”.
If you have any pointers how we can improve the experience (apart from writing more documentation and examples of course), let me know 🙏
w
wide-butcher-30761
07/11/2023, 7:23 PMFor us several things have happened over time.
1. The immediate business need (new product development) for us was cancelled. So things that would have taken us further from a monolithic ruby backend, those went away.
2. We already have more than one auth / permissions system from merging with other business. I once saw that Ory might unite these systems, but what happened was we got bogged down in the relationships between these systems and what a unified permission model would look like. This in-turn made it feel like some refactoring would be necessary, beyond that of a naive permission check. This was generally undesirable by most parties.
Moving forward will be a combination of existing systems like auth0, and ruby monolith solutions like Pundit. I was looking forward to ditching auth0 in our elixir systems. I may still but the earnest to do so is kind of gone for me now.
wide-butcher-30761
07/11/2023, 7:30 PM@magnificent-energy-493 it has. Hope all is well.
Esoteric I mean that few team members have an existing understanding of permissions systems, graph structures, really anything that would make learning a domain specific permission language easier. That combined with disjointed documentation and only naive examples made it less likely for people to dive in and try to understand it further. Those that did were only made more confused by existing documentation. I found it very helpful to read the zanzibar paper but others felt like it was too bleeding edge if to implement it they had to get down into the academic weeds so to speak.
wide-butcher-30761
07/11/2023, 7:33 PMI still believe Keto to be a viable solution but also understood the teams apprehensions and in the end it's not going to benefit our systems for me to shoehorn this in and be the only one that gets it.
wide-butcher-30761
07/11/2023, 7:37 PMOne thing you might want to speak to is relationship quantity and performance expectations. I sometimes fielded comments like "this feels like a lot of relationships I have to manage in Keto".
I tried to dissuade this type of pseudo-anlysis but without any concept of scale in the documentation I'm not sure I was ever very convincing.
wide-butcher-30761
07/11/2023, 7:43 PMJust trying to be open and honest. Not trying to be overly critical or anything. ❤️ Ory.
m
magnificent-energy-493
07/11/2023, 9:44 PM
Thanks so much for the extensive feedback, did not perceive it as overly critical at all - after all you would only share this much if you do care about Ory 🙂
This is very valuable feedback, and I can symphatize a lot with your teams sentiment,
thanks again 🙏
18 Views