[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"sanity-xTzGZlaxKRP1xcsxv7ZxV_KedDApgl2JwvAlY-X7CrA":3,"sanity-jRIz_Fmkg9aTC_U_rQRAlqwFnER78XMc8B8qkv90Obg":351},{"data":4,"sourceMap":-1},{"latestPodcast":5,"latestReleases":14,"post":39,"recent":326},[6],{"_id":7,"publishedAt":8,"slug":9,"sponsored":12,"title":13},"d53f9358-3bb2-4f69-aebe-d31d19522cd4","2026-07-10T07:40:00.000Z",{"_type":10,"current":11},"slug","building-more-than-just-an-agent-harness",null,"Building more than just an agent harness",[15,21,27,33],{"_id":16,"publishedAt":17,"slug":18,"title":20},"eb5b66eb-9410-4329-83bb-22bbff39402a","2026-04-28T13:00:00.000Z",{"_type":10,"current":19},"turn-scattered-knowledge-into-trusted-intelligence","Turning scattered knowledge into trusted intelligence: Stack Internal 2026.3",{"_id":22,"publishedAt":23,"slug":24,"title":26},"369c2401-b62e-4a37-8ff8-bf603023ecad","2026-03-02T15:03:00.988Z",{"_type":10,"current":25},"what-s-new-at-stack-overflow-march-2026","What’s new at Stack Overflow: March 2026",{"_id":28,"publishedAt":29,"slug":30,"title":32},"5e9053a4-07ea-447c-91ea-29e0b6228537","2026-02-02T15:00:00.000Z",{"_type":10,"current":31},"what-s-new-at-stack-overflow-february-2026","What’s new at Stack Overflow: February 2026",{"_id":34,"publishedAt":35,"slug":36,"title":38},"a1b538eb-a8a6-46d0-80a1-ac70ec9bb935","2026-01-05T10:00:00.000-05:00",{"_type":10,"current":37},"what-s-new-at-stack-overflow-january-2026","What’s new at Stack Overflow: January 2026",{"_createdAt":40,"_id":41,"_rev":42,"_type":43,"_updatedAt":44,"author":45,"body":62,"comments":283,"dateUrl":284,"excerpt":75,"image":285,"legacyBody":288,"product":12,"publishedAt":291,"slug":292,"sponsored":12,"tags":294,"title":325,"visible":283},"2023-05-24T12:28:24Z","wp-post-21695","XzVcPPDfPNmxxXS3zvEksc","blogPost","2025-10-31T17:27:06Z",[46],{"_createdAt":47,"_id":48,"_rev":49,"_type":50,"_updatedAt":51,"avatar":52,"employee":57,"name":58,"role":59,"slug":60},"2023-05-23T16:27:18Z","wp-author-295","3Bta4LYddh6s1g3ALChVvb","blogAuthor","2025-05-09T17:21:54Z",{"_type":53,"asset":54},"image",{"_ref":55,"_type":56},"image-d670f8093b43e483a52ba692d929578633f70eb5-1024x1024-jpg","reference","current","Eira May","B2B Editor",{"current":61},"emay",[63,67,78,87,125,155,174,203,232,272],{"_key":64,"_type":65,"markDefs":12,"url":66},"92488de17308","embed","https:\u002F\u002Fart19.com\u002Fshows\u002F2355b740-4531-4071-a3ab-5907a95a36d3\u002Fepisodes\u002F87aa32d1-7754-4a05-a34f-1142c5ed3bd6",{"_key":68,"_type":69,"children":70,"markDefs":76,"style":77},"21c820ccb201","block",[71],{"_key":72,"_type":73,"marks":74,"text":75},"21c820ccb2010","span",[],"Sam Scott, cofounder and CTO of Oso, joins the home team to talk about what makes authorization a challenge, the difference between authentication and authorization, and what zombies taught him about web development.",[],"normal",{"_key":79,"_type":69,"children":80,"markDefs":86,"style":77},"3540bfb2154f",[81],{"_key":82,"_type":73,"marks":83,"text":85},"3540bfb2154f0",[84],"strong","Episode notes:",[],{"_key":88,"_type":69,"children":89,"markDefs":117,"style":77},"9d45d5df3631",[90,95,99,104,108,113],{"_key":91,"_type":73,"marks":92,"text":94},"9d45d5df36310",[93],"f0dd47d8496e","Oso",{"_key":96,"_type":73,"marks":97,"text":98},"9d45d5df36311",[]," is authorization as a service. Check out the ",{"_key":100,"_type":73,"marks":101,"text":103},"9d45d5df36312",[102],"8e25128569df","docs",{"_key":105,"_type":73,"marks":106,"text":107},"9d45d5df36313",[]," or explore ",{"_key":109,"_type":73,"marks":110,"text":112},"9d45d5df36314",[111],"39eedb3179f3","use cases",{"_key":114,"_type":73,"marks":115,"text":116},"9d45d5df36315",[],".",[118,121,123],{"_key":93,"_type":119,"href":120,"reference":12},"link","https:\u002F\u002Fwww.osohq.com\u002F",{"_key":102,"_type":119,"href":122,"reference":12},"https:\u002F\u002Fwww.osohq.com\u002Fdocs",{"_key":111,"_type":119,"href":124,"reference":12},"https:\u002F\u002Fwww.osohq.com\u002Fuse-cases",{"_key":126,"_type":69,"children":127,"markDefs":150,"style":77},"6ddce199817c",[128,132,137,141,146],{"_key":129,"_type":73,"marks":130,"text":131},"6ddce199817c0",[],"Sam’s post “",{"_key":133,"_type":73,"marks":134,"text":136},"6ddce199817c1",[135],"9c66f8570a0d","Why Authorization is Hard",{"_key":138,"_type":73,"marks":139,"text":140},"6ddce199817c2",[],"” covered what makes authorization challenging, some approaches to solving it, and their associated tradeoffs. You can also ",{"_key":142,"_type":73,"marks":143,"text":145},"6ddce199817c3",[144],"ad13d08d8565","watch Sam’s talk",{"_key":147,"_type":73,"marks":148,"text":149},"6ddce199817c4",[]," at PyCon US 2022. Since it’s impossible to address everything that makes authorization hard in just 5,000 words, Sam is currently at work on a follow-up article called “Why Authorization is Hard Part II.”",[151,153],{"_key":135,"_type":119,"href":152,"reference":12},"https:\u002F\u002Fwww.osohq.com\u002Fpost\u002Fwhy-authorization-is-hard",{"_key":144,"_type":119,"href":154,"reference":12},"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=2BN96ON48U8",{"_key":156,"_type":69,"children":157,"markDefs":171,"style":77},"94359bc7c131",[158,162,167],{"_key":159,"_type":73,"marks":160,"text":161},"94359bc7c1310",[],"Sam first learned web development via ",{"_key":163,"_type":73,"marks":164,"text":166},"94359bc7c1311",[165],"a6900e8bc66c","Rails for Zombies",{"_key":168,"_type":73,"marks":169,"text":170},"94359bc7c1312",[],", a beginner-level Rails course. In creating Oso, he tasked himself with “putting rails on authorization.”",[172],{"_key":165,"_type":119,"href":173,"reference":12},"https:\u002F\u002Fwww.pluralsight.com\u002Fcourses\u002Fcode-school-rails-for-zombies",{"_key":175,"_type":69,"children":176,"markDefs":198,"style":77},"49cc343b91ad",[177,181,186,190,195],{"_key":178,"_type":73,"marks":179,"text":180},"49cc343b91ad0",[],"ICYMI: Read Sam’s post about ",{"_key":182,"_type":73,"marks":183,"text":185},"49cc343b91ad1",[184],"ccfe0a436b07","best practices for securing REST APIs",{"_key":187,"_type":73,"marks":188,"text":189},"49cc343b91ad2",[]," or listen to his previous podcast appearance, where we talked about ",{"_key":191,"_type":73,"marks":192,"text":194},"49cc343b91ad3",[193],"229642c5ce29","how Oso makes security easier for developers",{"_key":196,"_type":73,"marks":197,"text":116},"49cc343b91ad4",[],[199,201],{"_key":184,"_type":119,"href":200,"reference":12},"https:\u002F\u002Fstackoverflow.blog\u002F2021\u002F10\u002F06\u002Fbest-practices-for-authentication-and-authorization-for-rest-apis\u002F",{"_key":193,"_type":119,"href":202,"reference":12},"https:\u002F\u002Fstackoverflow.blog\u002F2021\u002F09\u002F08\u002Fpodcast-373-authorization-is-complex-oso-is-a-library-designed-to-help-you-structure-it\u002F",{"_key":204,"_type":69,"children":205,"markDefs":227,"style":77},"b669a54e3616",[206,210,215,219,224],{"_key":207,"_type":73,"marks":208,"text":209},"b669a54e36160",[],"Find Sam on ",{"_key":211,"_type":73,"marks":212,"text":214},"b669a54e36161",[213],"06e9f2fe9295","LinkedIn",{"_key":216,"_type":73,"marks":217,"text":218},"b669a54e36162",[]," or ",{"_key":220,"_type":73,"marks":221,"text":223},"b669a54e36163",[222],"8728d18a2e19","GitHub",{"_key":225,"_type":73,"marks":226,"text":116},"b669a54e36164",[],[228,230],{"_key":213,"_type":119,"href":229,"reference":12},"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fsamjs\u002F",{"_key":222,"_type":119,"href":231,"reference":12},"https:\u002F\u002Fgithub.com\u002Fsamscott89",{"_key":233,"_type":69,"children":234,"markDefs":265,"style":77},"327a86d7af25",[235,239,244,248,253,257,262],{"_key":236,"_type":73,"marks":237,"text":238},"327a86d7af250",[],"Today’s ",{"_key":240,"_type":73,"marks":241,"text":243},"327a86d7af251",[242],"0906ee25351e","Lifeboat badge",{"_key":245,"_type":73,"marks":246,"text":247},"327a86d7af252",[]," winner is ",{"_key":249,"_type":73,"marks":250,"text":252},"327a86d7af253",[251],"d4f86f4a16e6","OscarRyz",{"_key":254,"_type":73,"marks":255,"text":256},"327a86d7af254",[]," for their answer to ",{"_key":258,"_type":73,"marks":259,"text":261},"327a86d7af255",[260],"1ca345a0511f","I am trying to solve '15 puzzle', but I get 'OutOfMemoryError'",{"_key":263,"_type":73,"marks":264,"text":116},"327a86d7af256",[],[266,268,270],{"_key":242,"_type":119,"href":267,"reference":12},"https:\u002F\u002Fstackoverflow.com\u002Fhelp\u002Fbadges\u002F8842\u002Flifeboat",{"_key":251,"_type":119,"href":269,"reference":12},"https:\u002F\u002Fstackoverflow.com\u002Fusers\u002F20654\u002Foscarryz",{"_key":260,"_type":119,"href":271,"reference":12},"https:\u002F\u002Fstackoverflow.com\u002Fquestions\u002F3094925\u002Fi-am-trying-to-solve-15-puzzle-but-i-get-outofmemoryerror",{"_key":273,"_type":69,"children":274,"markDefs":280,"style":77},"58a827efab95",[275],{"_key":276,"_type":73,"marks":277,"text":279},"58a827efab950",[278],"4fb9b2b00a51","TRANSCRIPT",[281],{"_key":278,"_type":119,"href":282,"reference":12},"https:\u002F\u002Fthe-stack-overflow-podcast.simplecast.com\u002Fepisodes\u002Fauthorization-on-rails\u002Ftranscript",true,"2023\u002F02\u002F21",{"_type":53,"asset":286},{"_ref":287,"_type":56},"image-472725c034235a56301dc8caf0ed41b3d298c57a-1200x630-png",{"code":289,"language":290},"\u003C!-- wp:html -->\n\u003Ciframe height=\"200px\" width=\"100%\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https:\u002F\u002Fplayer.simplecast.com\u002F28aa989a-ab4b-4357-83d0-d8a6a804e235?dark=false\">\u003C\u002Fiframe>\n\u003C!-- \u002Fwp:html -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Sam Scott, cofounder and CTO of Oso, joins the home team to talk about what makes authorization a challenge, the difference between authentication and authorization, and what zombies taught him about web development.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>\u003Cstrong>Episode notes:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.osohq.com\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">Oso\u003C\u002Fa> is authorization as a service. Check out the \u003Ca href=\"https:\u002F\u002Fwww.osohq.com\u002Fdocs\" target=\"_blank\" rel=\"noreferrer noopener\">docs\u003C\u002Fa> or explore \u003Ca href=\"https:\u002F\u002Fwww.osohq.com\u002Fuse-cases\" target=\"_blank\" rel=\"noreferrer noopener\">use cases\u003C\u002Fa>.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Sam’s post “\u003Ca href=\"https:\u002F\u002Fwww.osohq.com\u002Fpost\u002Fwhy-authorization-is-hard\" target=\"_blank\" rel=\"noreferrer noopener\">Why Authorization is Hard\u003C\u002Fa>” covered what makes authorization challenging, some approaches to solving it, and their associated tradeoffs. You can also \u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=2BN96ON48U8\" target=\"_blank\" rel=\"noreferrer noopener\">watch Sam’s talk\u003C\u002Fa> at PyCon US 2022. Since it’s impossible to address everything that makes authorization hard in just 5,000 words, Sam is currently at work on a follow-up article called “Why Authorization is Hard Part II.”\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Sam first learned web development via \u003Ca href=\"https:\u002F\u002Fwww.pluralsight.com\u002Fcourses\u002Fcode-school-rails-for-zombies\" target=\"_blank\" rel=\"noreferrer noopener\">Rails for Zombies\u003C\u002Fa>, a beginner-level Rails course. In creating Oso, he tasked himself with “putting rails on authorization.”\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>ICYMI: Read Sam’s post about \u003Ca href=\"https:\u002F\u002Fstackoverflow.blog\u002F2021\u002F10\u002F06\u002Fbest-practices-for-authentication-and-authorization-for-rest-apis\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">best practices for securing REST APIs\u003C\u002Fa> or listen to his previous podcast appearance, where we talked about \u003Ca href=\"https:\u002F\u002Fstackoverflow.blog\u002F2021\u002F09\u002F08\u002Fpodcast-373-authorization-is-complex-oso-is-a-library-designed-to-help-you-structure-it\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">how Oso makes security easier for developers\u003C\u002Fa>.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Find Sam on \u003Ca href=\"https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fsamjs\u002F\" target=\"_blank\" rel=\"noreferrer noopener\">LinkedIn\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsamscott89\" target=\"_blank\" rel=\"noreferrer noopener\">GitHub\u003C\u002Fa>.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>Today’s \u003Ca href=\"https:\u002F\u002Fstackoverflow.com\u002Fhelp\u002Fbadges\u002F8842\u002Flifeboat\" target=\"_blank\" rel=\"noreferrer noopener\">Lifeboat badge\u003C\u002Fa> winner is \u003Ca href=\"https:\u002F\u002Fstackoverflow.com\u002Fusers\u002F20654\u002Foscarryz\" target=\"_blank\" rel=\"noreferrer noopener\">OscarRyz\u003C\u002Fa> for their answer to \u003Ca href=\"https:\u002F\u002Fstackoverflow.com\u002Fquestions\u002F3094925\u002Fi-am-trying-to-solve-15-puzzle-but-i-get-outofmemoryerror\" target=\"_blank\" rel=\"noreferrer noopener\">I am trying to solve '15 puzzle', but I get 'OutOfMemoryError'\u003C\u002Fa>.\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->\n\n\u003C!-- wp:paragraph -->\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fthe-stack-overflow-podcast.simplecast.com\u002Fepisodes\u002Fauthorization-on-rails\u002Ftranscript\" target=\"_blank\" rel=\"noreferrer noopener\">TRANSCRIPT\u003C\u002Fa>\u003C\u002Fp>\n\u003C!-- \u002Fwp:paragraph -->","html","2023-02-21T05:40:00.000Z",{"current":293},"authorization-on-rails-ep-540",[295,302,306,311,315,320],{"_createdAt":296,"_id":297,"_rev":298,"_type":299,"_updatedAt":296,"slug":300,"title":301},"2023-05-23T16:43:21Z","wp-tagcat-authentication","9HpbCsT2tq0xwozQfkc4ih","blogTag",{"current":301},"authentication",{"_createdAt":296,"_id":303,"_rev":298,"_type":299,"_updatedAt":296,"slug":304,"title":305},"wp-tagcat-authorization",{"current":305},"authorization",{"_createdAt":296,"_id":307,"_rev":298,"_type":299,"_updatedAt":296,"slug":308,"title":310},"wp-tagcat-oauth2",{"current":309},"oauth2","OAuth2",{"_createdAt":296,"_id":312,"_rev":298,"_type":299,"_updatedAt":296,"slug":313,"title":314},"wp-tagcat-oso",{"current":314},"oso",{"_createdAt":296,"_id":316,"_rev":298,"_type":299,"_updatedAt":296,"slug":317,"title":319},"wp-tagcat-podcast",{"current":318},"podcast","The Stack Overflow Podcast",{"_createdAt":296,"_id":321,"_rev":298,"_type":299,"_updatedAt":296,"slug":322,"title":324},"wp-tagcat-the-stack-overflow-podcast",{"current":323},"the-stack-overflow-podcast","the stack overflow podcast","Authorization on Rails (Ep. 540)",[327,333,339,345],{"_id":328,"publishedAt":329,"slug":330,"sponsored":12,"title":332},"76c9771b-34e6-4d98-8641-ecefc711f0ef","2026-07-06T15:23:34.559Z",{"_type":10,"current":331},"when-the-sensor-starts-thinking-snortml-agentic-ai-and-the-evolving-architecture-of-intrusion-detection","When the sensor starts thinking: SnortML, agentic AI, and the evolving architecture of intrusion detection",{"_id":334,"publishedAt":335,"slug":336,"sponsored":12,"title":338},"28e560af-f0aa-4d46-bd90-f435ad604aa7","2026-06-26T14:00:27.102Z",{"_type":10,"current":337},"paging-charity-how-can-engineering-leaders-avoid-becoming-bond-villains","Paging Charity! How can engineering leaders avoid becoming Bond villains?",{"_id":340,"publishedAt":341,"slug":342,"sponsored":12,"title":344},"4b22c2a3-3779-4966-93eb-5230391dbdce","2026-06-23T14:08:58.595Z",{"_type":10,"current":343},"your-ai-shipped-a-backend-that-boots-that-is-the-whole-problem","Your AI shipped a backend that boots. That is the whole problem.",{"_id":346,"publishedAt":347,"slug":348,"sponsored":12,"title":350},"5cf362e1-fe7b-45af-b69c-914731c6a052","2026-06-23T14:00:00.000Z",{"_type":10,"current":349},"the-2026-developer-survey-is-now-open-for-human-developers-only","The 2026 Developer Survey is now open (for human developers only)!",{"data":352,"sourceMap":-1},{"count":353,"lastTimestamp":12},0]