How Zapier unified authorization across products with Okta’s Fine-Grained Authorization

Securing automation for everyone who should have access

Zapier’s rapid growth from working primarily with small — often single-person — businesses to global enterprises has led the company to refine its mission. The company’s goal is to “make automation work for everyone,” and it’s important to define who “everyone” means. “Our customers have a lot of non-technical users, and our workflows are designed so that everyone can manage them. But this also exposes some mission-critical work to a wide range of users,” said Timi Chu, Group Product Manager.

Zapier built an in-house authorization solution to help customers protect their automation infrastructure through clear access controls. But instead of a standard model for all authorization, Zapier’s development teams redesigned it for each product line, which led to inconsistencies in its customer experience. For example, users could delete an asset in Zaps, the company’s core workflow automation solution, but not in Tables, its database solution. Because of this, users who were meant to have universal access had to submit new access requests, and administrators were forced to manage controls platform by platform. As Zapier continued to expand its product offerings, it needed a solution that could unify authorization management across its existing product suite but also easily plug into future products.

Working with Identity experts to scale quickly

Zapier knew it wanted a scalable, enterprise-ready solution that was easy to use. The company consulted with Okta’s Customer First team for support and discovered Okta Fine Grained Authorization (FGA). With Okta FGA, Zapier can easily design centralized, flexible, and fast authorization models, from coarse-grained to fine-grained. Knowing that Okta FGA met these key requirements, Zapier set out to become an early adopter.

“We wanted to work with a mature organization that offers granular management. Okta is the Identity expert,” Chu says. “We wanted a team that has seen implementations like ours across many other companies to advise us.”

A future of fine-grained access control

Since Zapier’s adoption of Okta FGA coincided with the building of Canvas, the company’s new AI-powered flowchart product, the team was able to reallocate engineering resources from authorization management to new features and functionality. This time savings is ongoing: With Okta FGA, the team no longer has to conduct regular maintenance tasks such as authorization feature requests from other internal teams, answering questions about existing functionality, or updating documentation. This saves at least half an engineer’s time every two-week sprint.

More consistent uptime through Okta FGA helps Zapier deliver on its promise to customers. A 99.99% control uptime offers administrators the reassurance that users can only interact with assets they’re supposed to access and ensure vital workflows are secure. Zapier’s core operating principle is centered around “platformizing” its business or using customer insights to guide platform investments and making deliberate decisions about when and how to invest in its platform. As it continues to implement Okta FGA into its broader product suite, it can further reduce redundancies, accelerate development, and make automation possible for everyone faster than ever.

About Zapier

With nearly 70% of Fortune 1000 companies automating workflows and moving data with Zapier, the company is committed to its mission of making automation work for everyone. Since its founding in 2012, the company has expanded from a single automation solution to a multi-platform business serving some of the world’s largest organizations.