Show HN: Skip the SSO Tax, access your user data with OSS As the former CTO of an Insurtech and Fintech startup I always had the “pleasure” to keep regulators and auditors happy. Think of documenting who has access to what, quarterly access reviews, yearly audits and so on… Like many others we couldn’t justify the Enterprise-plan for every SaaS tool to simply get access to SSO and SCIM/SAML APIs. For Notion alone the cost would have nearly doubled to $14 per user per month. That’s insane! Mostly unknown to people, SSO Tax also limits access to APIs that are used for managing user access (SCIM/SAML). This has proven to be an incredibly annoying roadblock that prevented me from doing anything useful with our user data: - You want to download the current list of users and their permissions? Forget about it! - You want to centrally assign user roles and permissions? Good luck with that! - You want to delete user accounts immediately? Yeah right, like that's ever gonna happen! It literally cost me hours to update our access matrix at the end of every quarter for our access reviews and manually assigning user accounts and permissions. I figured, there must be a better way than praying to the SaaS gods to miraculously make the SSO Tax disappear (and open up SCIM/SAML along the way). That’s why I sat down a few weeks ago and started building OpenOwl ( https://ift.tt/F4yID5L ). It allows me to just plug in my user credentials and automatically download user lists, including permissions from SaaS tools. Granted, OpenOwl is still a work in progress, and it's not perfect. At the moment it's limited to non-SSO login flows and covers only 7 SaaS vendors. My favorite part is that you can configure integrations as “recipes”. The goal was for anybody to be able to add new integrations (IT managers and developers alike). Therefore you ideally don’t even have to write any new code, just tell OpenOwl how the new SaaS vendor works. What do you think? Have you dealt with manually maintaining a list of users and their permissions? Could this approach get us closer to overcoming parts of the SSO Tax? https://ift.tt/F4yID5L April 11, 2023 at 06:40PM
Show HN: Launch VM workloads securely and instantaneously, without VMs Hello HN! We've been working on a new hypervisor https://kwarantine.xyz that can run strongly isolated containers. This is still a WIP, but we wanted to give the community an idea about our approach, its benefits, and various use cases it unlocks. Today, VMs are used to host containers, and make up for the lack of strong security as well as kernel isolation in containers. This work adds this missing security piece in containers. We plan on launching a free private beta soon. Meanwhile, we'd deeply appreciate any feedback, and happy to answer any questions here or on our slack channel. Thanks! April 29, 2021 at 07:50AM
Comments