How is your organization protecting users and data in a microservice setting? For authorization, the microservices community has typically adopted the API Gateway pattern. In contrast, a fully distributed approach has recently been gaining traction through Open Policy Agent (OPA), which places the storage and enforcement of access control rules in front of each individual service. In this talk, we want to introduce Ditto, an open source IAM system developed at real.digital that sits between API Gateways and OPA. We will showcase Ditto's attributes and how it has been designed to shine in a microservice architecture. Finally, we will show how you can integrate it into your services, with examples of integrations with Kubernetes and Istio.