Authorization

Revolutionizing Microservices Security: Lessons from Uber’s Charter ABAC System In the sprawling ecosystem of modern microservices architectures, where thousands of services interact billions of times daily, traditional access control methods crumble under the weight of complexity. Uber’s engineering team tackled this head-on by developing Charter, an attribute-based access control (ABAC) system that delivers microsecond authorization decisions while handling nuanced policies based on user location, time, data relationships, and more. This innovation not only secures Uber’s vast infrastructure but offers a blueprint for any organization scaling microservices.[1][2] ...

Introduction The Model Context Protocol (MCP) is rapidly becoming a foundational layer for connecting AI models to external tools, data sources, and services in a standardized way. As more powerful capabilities are exposed to models—querying databases, sending emails, acting in SaaS systems—authorization becomes a central concern. This article walks through: What MCP is and how resources fit into its design What link resources are and why they matter How link resources are typically used to drive authorization flows Example patterns for building MCP servers that handle auth securely Best practices and common pitfalls The goal is to give you a solid mental model for how MCP authorization with link resources works in practice, so you can design safer, more capable integrations. ...