NNicolasinbarbacane.hashnode.dev·May 7 · 9 min readAuthorization at the gateway: CEL and OPA for policy-driven access controlAuthentication is a solved problem. Authorization is where things get complicated. Once you know who is making a request, how do you decide what they're allowed to do? At small scale, authorization is simple. An admin role gets full access, a viewer ...00
NNicolasinbarbacane.hashnode.dev·Apr 30 · 7 min readBeyond configuration drift: how Barbacane reimagines the API gateway with Rust and WASMWhat if your OpenAPI spec wasn't just documentation, but the actual configuration of your production gateway? For years, API teams have lived with a quiet frustration: the gap between specification and reality. You write a beautiful OpenAPI spec. You...00
