It's pretty common for developers to go with the same kinds of authentication handling when they're creating their applications with permissions and groups. Unfortunately, as applications grow in side an interact with other systems, this kind of system sags under the weight of its own technical debt. Follow along with me as I talk about some alternatives to the typical RBAC authorization including attribute-based, multifactor, pattern-based and federated identity providers.