#announcements

Hey @everyone

Released Permify Visual Studio Extension, Perm ⛓️

Permify VSCode extension provides syntax support for Permify authorization language, Perm. Now you can model your authorization in VSCode with code snippets and syntax highlights.

You can find the extension by searching for Perm in the extensions marketplace.

Released Expand API 🌳

We’ve introduced a new API endpoint to expand Permify Schema actions in a tree structure to improve observability and reasonability of access permissions.

See more about Expand API from our change log
https://www.permify.co/change-log/expand-api

Hi @everyone, we released a new authorization question format: Data Filtering⛱️

With this feature, you can perform bulk access checks and get an authorized resources list. Simply, from now you can ask "Which resources that User X can perform action Y ?" to Permify ✔️

https://www.permify.co/change-log/data-filtering

Hey @everyone,

We're happy to announce that we have left behind 1000+ stars on Github 🎉 🎉 Our new goal is to hit 2k stars!!

Thousands of thanks 💜

Hey @everyone ,

Permify Multi-Tenancy support is out with our newest version v0.3.0 🌟

Permify Multi-Tenancy gives the ability to customize the authorization for each tenant's specific needs. You can create custom authorization schema and relation tuples accordingly for the different tenants and manage them in a single place.

We provide a pre-inserted tenant - t1 - for ones that don't have/need to use multi-tenancy. Also you can find how to migrate to multi-tenancy if you’re using version 0.2.x from here: https://permify.co/docs/migrating

Hey @everyone!!

We just launched our version 2 at Hacker News! Many changes happened since we launch 6 mo.

And we’re making some big steps in our version 2!

You can find details in our HN post. And don’t mind a little bit of support 😅

To find:
Go to - https://news.ycombinator.com/shownew
Find - Show HN: Permify Open-source Authorization Service V2 is out!

Hey folks, we have released v0.3.9 ⚡

This version brings several improvements and enhancements to the schema flexibility, performance and handling errors. Here's a quick overview of what's new:

• Error handling for the DSL (Permify schema) has been enhanced.
• Permify Validation action now has improved error handling.
• Consistent hashing has been introduced for optimal cache utilization at high scale.
• Data filtering now benefits from performance improvements, thanks to the semaphore pattern for bulk checks.
• A garbage collector has been added to the database, resulting in performance gains.
• General validations on schema keywords, like "foo-bar," have been tested and updated.
• Lastly, for enhanced comprehensibility, permission can now be used as an alternative to the action keyword. (Using either action or permission will yield the same result)

https://github.com/Permify/permify/releases/tag/v0.3.9

Hi everyone, we've just released version v0.4.0 🌟 This release includes several notable changes, including:

• Added Data Filtering Capability to permify-validate Action
• UI enhancements on Permify Playground
• Developed Simplified Assertion Definitions and Reduced Duplication for Permify Validate Action
• Added Data Filtering Capability to permify-validate Action
• Enhanced permify-validate with Policy Coverage Analysis and IDL Parser Integration

https://github.com/Permify/permify/releases/tag/v0.4.0

Hi folks! We're pleased to announce the release of version v0.4.5 🌟

Here are the highlights:

• Implemented contextual tuples to dynamically add relations to permission requests, enhancing flexibility and control.
• Fixed a query bug that tried to delete all relationships when a blank input was given in Delete Relationship SQL queries.
• Error handling optimization has been done for errors not defined by us in the Authn section.
• Added Validate and Coverage features in WASM.

https://github.com/Permify/permify/releases/tag/v0.4.5

Hi everyone, we've just released version v0.4.6 🌟

This release includes several changes, including:

• Polymorphic Relations, which gives ability to define different type of users in a single schema.
• Prevent Unique Constraint Errors (https://github.com/Permify/permify/issues/530)

Hey @everyone!

We've just released version v0.4.7 ⭐

• Released Subject Permission List endpoint, which allows you to make queries in the form "Which permissions user:x can perform on entity:y?"
• Switched from the 'memberlist' to 'HashiCorp Serf' for hashring feature, enhancing both functionality and performance in distributed caching.

https://github.com/Permify/permify/releases/tag/v0.4.7

Hi @everyone!

We are thrilled to announce that Permify now supports Attribute-Based Access Control (ABAC) 🚀

This new enhancement brings a whole new level of granularity to our current authorization system, allowing user or resource associated attributes to complement policies and permissions using Permify.

You can check it out our newest tutorial post where we share our design approach on ABAC and demonstrate how to create and use attribute-based permissions in Permify ➡️

https://www.permify.co/post/unveiling-permify-abac/

Hey @everyone 👋

We've just released version v0.5.0 ⭐ ABAC is now live and ready to use in core package!

Also we've launched ABAC on Hacker News. Would greatly appreciate it if you could show your support 🙏

To find:
Go to - https://news.ycombinator.com/shownew
Find - Show HN: Permify Now Supports Attribute-Based Access Control

Hey @everyone, here are some notable changes from releases 0.5.1 and 0.5.2 ⭐

v0.5.2 (https://github.com/Permify/permify/releases/tag/v0.5.2)

1. Added Coverage Configuration (coverage.yml):

   • Introduced a GitHub Action:
     • Activates on push and pull_request events.
     • Utilizes ubuntu-latest runner with Go 1.20 setup.
     • Checks out the project code and manages dependencies.
     • Executes unit tests and gathers code coverage.
     • Reports coverage metrics to Coveralls.

2. Bug Fixes:

   • Fixed an issue with the entity filter causing an internal error.

——————————

v0.5.1(https://github.com/Permify/permify/releases/tag/v0.5.1)

1. Refactoring:

   • Renamed conflicting proto messages to avoid clashes with native types.
   • Rule calls now always initiate from the invoker (that's for caching rule calls with specific entity).

2. Feature Additions:

   • Enhanced the playground by adding rules and attributes to the visualizer.
   • Unified lookup services to read the schema only once per request for efficiency.
   • Introduced a new cache mechanism within the lookup:
   • schema map serves as a cache to store and keep track of schema versions, ensuring efficient and speedy retrievals.

Hi @everyone 👋 We've just released version v0.5.6 🌟

Here are some notable changes from the latest releases: 0.5.4, 0.5.5 and 0.5.6!

v0.5.6 (https://github.com/Permify/permify/releases/tag/v0.5.6)

1. Write API Now Allows Overwriting:

   • The write API has been modified to allow updates to existing attributes, ensuring that attribute value updates are recognized as overwrites rather than conflicts. https://github.com/Permify/permify/issues/787

2. API Validation Update:

   • We’ve enforced a non-nil requirement for exactly one of tuple_filter or attribute_filter to ensure better data validation. https://github.com/Permify/permify/issues/788

——————————

v0.5.5 (https://github.com/Permify/permify/releases/tag/v0.5.5)

1. Improvements on Distributed Cache Mechanism:

   • Updated Consistent Hashring configuration and usage. https://docs.permify.co/docs/reference/cache/#how-consistent-hashing-operates-in-permify
   • Implement consistent hashring balancer with go-grpc. https://github.com/Permify/permify/commit/193d9f64a9b1ed0b282399b0614abe20ff6e977c

2. Regex Enhancements in APIs' Validation:

   • New String validation: ^[a-zA-Z_]{1,64}$".
   • New ID validation: ^[a-zA-Z_]{1,64}$".

——————————

v0.5.4 (https://github.com/Permify/permify/releases/tag/v0.5.4)

1. Added Permify Schema to JSON converter:
   • By utilizing the command: permify ast {path of your schema validation file}, you can effortlessly convert your model into an Abstract Syntax Tree (AST) representation.
     https://docs.permify.co/docs/getting-started/testing/#ast-conversion

Hi @everyone 👋 We've released version v0.6.x 🌟 (https://github.com/Permify/permify/releases/tag/v0.6.0)

Here are some highlights from latest releases:

• Bundle Services: We've added new api endpoints to structure how data will be created and deleted when specific actions occur on resources. See more details on docs: https://docs.permify.co/docs/api-overview/bundle/

• Authentication for Consistent Hashring: We’ve implemented our existing authentication methods (Pre Shared Keys & OIDC) for consistent hashing, thereby enhancing security in the permify instances’s interpolation - https://github.com/Permify/permify/commit/daf2f969b29f6a1d34e32e4844f860cb5eee9431

• Flexible Input Formats for Schema in Testing Validation File: expand the schema field to accept input as a simple string text representing either a URL or a file path load external schema - https://docs.permify.co/docs/getting-started/testing/#defining-the-schema

• Implement slog Logging in Postgres: Enhance our logging mechanism within the internal/storage/postgres with using the slog, a feature in the new version of Go.

  • slog: https://go.dev/blog/slog
  • PR: https://github.com/Permify/permify/commit/4c9d45cadea8a7ecb45480f640d7023b838cc06e

• Playground Improvements: We’ve updated our playground interface, returning to the bird's-eye view. We've also improved the editor in the enforcement section to make scenario creation smoother. Check out the latest updates on our playground: https://play.permify.co/

Hi @everyone 👋 We've released version v0.7.x 🌟 (https://github.com/Permify/permify/releases/tag/v0.7.0)

Here are some notable updates:

• Logging Improvements:

• Context relation errors will now only be logged in debug mode (https://github.com/Permify/permify/commit/5e17308dafee7214c6fe914f0d29e8e24f70ec46)

• Added unary and stream server interceptors to the logging configuration, enabling detailed start-end logs for GRPC calls, including timestamps, method details, and execution times (https://github.com/Permify/permify/commit/83c3a0ae643c08d93dc89487c46a0f5b8212d4c9)

• Fix in Error Codes: We have fixed an issue with 4xx and 5xx errors. Now, errors like schema not found should result in 400-level errors: https://github.com/Permify/permify/pull/1007/commits/eff5d4236f81d2d64963139405281e00ba91f52a

• Enhanced Request Deduplication: Implemented a singleflight proxy to improve request deduplication, enhancing efficiency by reducing redundant processing. Currently working on the detailed benchmark for this.(https://github.com/Permify/permify/commit/2b65179f4bc67838c6a3717e5cd0eb667643cf34)

• Circuit Breaker Refactor: Refactored circuit breaking functionality by switching from Hystrix package to Gobreaker: https://github.com/Permify/permify/commit/2eacc29c8bc2beb91a01a73c9b93c8acb235edee,

• Playground Tour UI: We’ve updated our playground interface and added a tour guide for newcomers.

Hi @everyone 👋 We've released version v0.8.x 🌟 (https://github.com/Permify/permify/releases/tag/v0.8.0)

Here are some notable updates on Permify:

• New REST Clients: We've released new Python and Javascript SDKs that are automatically generated by the OpenAPI Generator.

  • Python Client: https://github.com/Permify/permify-python
  • Javascript Client: https://github.com/Permify/permify-javascript

• Refreshed Document Interface: We've refreshed our documentation and added a comprehensive search powered by the Permify AI Assistant: https://docs.permify.co/permify-overview/intro

• Released Partial Schema Update: We have published an endpoint allows authorized users to make partial updates to the schema by adding or modifying actions within individual entities.See more details in the following documentation: https://docs.permify.co/operations/partial-schema-update

• Implement Backoff Policy for JWKs Retrieval and Validation: We propose dynamically fetching JWKs from the Permify server as needed, enhancing security by verifying tokens with absent KIDs through immediate JWK retrieval, and introducing a backoff policy to avoid overwhelming the server. https://github.com/Permify/permify/issues/1135.

Hi @everyone 👋

We've released Java & Typescript SDK clients and made some changes in the existing clients as well:

• Fixed the "Invalid imports" issue in the Python client: https://github.com/Permify/permify-python/issues/1
• The permify-node package is now generated using the official buf gRPC client generator. With this new generator, dictionary-typed data bodies have transitioned to requiring objects to be created and set. Also, all objects and clients are accessible through grpc.payload, grpc.base, or simply grpc in the new package: https://github.com/Permify/permify-node/releases/tag/v0.4.9
• Implemented REST clients for Typescript and Javascript and accessible through npm.
  • permify-typescript: https://www.npmjs.com/package/permify-typescript
  • permify-javascript: https://www.npmjs.com/package/permify-javascript
• Implemented Java clients, accessible through Maven or Gradle.
  • REST: https://github.com/Permify/permify-java/packages/2209195
  • gRPC: https://github.com/Permify/permify/tree/master/sdk/java/grpc
• Created a new SDK repository to provide examples and best practices for using each client, its super new right now and doesn't have many examples to be honest but will be improved it on the way. For the ones who want to contribute to this repo, you're more than welcome as always: https://github.com/Permify/permify/tree/master/sdk

With the new generation flow, all these clients will stay up to date. Any release in the main Permify project will automatically trigger their update and publication.

Here is the link of current official Permify clients - each client is available in both gRPC and REST

• Node Client: https://github.com/Permify/permify-node
• Java Client: https://github.com/Permify/permify-java
• Go Client: https://github.com/Permify/permify-go
• Python Client: https://github.com/Permify/permify-python/
• Typescript Client: https://github.com/Permify/permify-typescript
• Javascript Client: https://github.com/Permify/permify-javascript

Hi @everyone, we've released our first major version: v1.0.0 ⭐

We’ve shared a launch post on our socials and would greatly appreciate it if you could show your support! Also, if you don’t follow Permify on socials yet, please do; your support means a lot to us 🙏

• LinkedIn: https://www.linkedin.com/feed/update/urn:li:share:7229486262959710208/
• Twitter: https://x.com/GetPermify/status/1823720980797382834

Let’s get back to the highlights. Here are the latest updates on Permify,

Released Schema Management GitOps: you can now automatically deploy authorization models to Permify directly from your GitHub repository in our cloud product. Similar deploying your Vercel application with GitHub Actions: https://docs.permify.co/cloud/intro#schema-management

Tree-Sitter Syntax Highlighting Support & Zed Perm Extension
A big thanks to @rugged citrus for creating tree-sitter grammars for Neovim and Zed (and other IDEs/text editors that use tree-sitter grammars) to enhance the experience when working with Permify schemas. Any support or contribution to Steven’s work is more than welcome.

• tree-sitter grammars: https://lnkd.in/dP8gwMEw
• Zed editor extension: https://lnkd.in/dsBpaEEu

Health Check Endpoints Added to SDKs: https://github.com/Permify/permify/pull/1451

Update Go version to 1.22.6
https://github.com/Permify/permify/commit/42e8a70b9b43a8617d4ab145953a06f63e1bd2f4

Refactor Logging for Enhanced Context Handling: Replaced slogs with slog context for better context management and aligned the logs exporter with meters and traces for consistency:
https://github.com/Permify/permify/commit/3322dddea7407e0adf77305cbe548c4bf86c35e3

OIDC: Improved Key ID Handling with Periodic Refresh and Retry Logic
Add logic to handle unknown Key IDs by initiating a one-time refresh, tracking them during ongoing refreshes, and using a Go routine for periodic retries until all Key IDs are found. https://github.com/Permify/permify/commit/c66661ef7d5bd7195cf1240e3f1ac505ea867df3

Hi @everyone, Permify has joined and is now a silver member of the CNCF 🎉 .

We are very proud to announce that Permify has become a Silver member of the Cloud Native Computing Foundation (CNCF) and has joined the ranks of many other tech industry leaders committed to cloud-native platforms, projects, and technologies.

Thanks for all of your support so far 💜

Hi @everyone,

We’ve released a new end-to-end guide that demonstrates how to build a full-featured authorization system using Permify Cloud.

This guide covers example use case, explains core Permify concepts, and includes sample code from Permify’s SDKs to help you get started quickly.
https://docs.permify.co/getting-started/end-to-end-example

Hey @everyone, big news 🎉
Permify has officially joined FusionAuth!

This marks an important milestone in our mission to deliver a unified, transparent, deploy-anywhere identity and access management lifecycle. FusionAuth’s authentication platform and Permify’s fine-grained authorization engine are a natural fit, and we’re excited about what this means for our shared vision of the future of CIAM.

✨ What stays the same?
– Permify remains completely open source.
– Permify will continue as a standalone product you can run and host yourself.
– Nothing changes for existing users or contributors. Your workflows, APIs, and usage stay the same.

✨ What’s new?
– Strong backing to accelerate development.
– Faster response times on issues & PRs.
– More integrations (focused on identity & auth).
– A shared roadmap with the FusionAuth team.

You can find more details in our announcement:
👉 Blog Post
👉 FAQ (all common questions answered)

Hey @everyone, with our new release v1.5.4, we have introduced Bulk Check API ⭐

This feature allows you to perform authorization checks for multiple tuples in a single request, greatly improving efficiency and performance, especially when you need to check access for large datasets at once.

Thanks to Abhinav for his contribution!

Checkout the implementation commit

Hey Omer, Welcome to our new community!

Happy to see you here!

Hey everyone,

We're online at PH with a curated list of Startup discounts.

Many of us are founders over here, and it's hard to keep up with the budget.

You can check out the deals and credits you can apply for. And save $10,000s from cloud to help desk products.

https://www.producthunt.com/posts/deez-deelz

Hey @everyone ,

We have just launched our open-source React Library for role-based access control.

https://www.producthunt.com/posts/permify-react-roles

Hey @everyone,

It's well established best-practice to separate Authorizations if you have anything more than a monolithic environment.

But we know it comes with a practical concern: Performance.

So @obtuse depot just created a benchmarks report for the community, and compared the response time variance rates vs. CPU usage for external service vs. bake-in code authorizations.

https://www.permify.co/post/why-decoupled-authorizations-wins-with-performance-benchmarks

Hey @everyone ,

We launched our integration with Refine, it's a React-based framework for rapid building of internal tools. It's is a a collection of helper hooks, components and providers.

There is a great collaboration with Refine team, and Permify. So that you can easily create great internal tools with fine-grained authorizations.

Check out for more details;
https://refine.dev/blog/build-access-control-permify/

Hey @everyone

We're launching our open-core Permify today Hacker News! And right now we're at the top!

Would love to have your support as well!

To find
Go to - https://news.ycombinator.com/show
Find - Show HN: Show HN: Open-source authorization service based on Google-Zanzibar