Application security is a vital piece of our overall success as developers. Many of us have learned and applied role-based or claim-based authorization. Overall, this has been “good enough”. Unfortunately, there are still many use-cases it can’t handle gracefully. We call one approach that solves these use-cases policy-based authorization.
![](https://www.seeleycoder.com/wp-content/themes/icelander/assets/images/header/unsplash-andrew-preble-206671.jpg)