DEV Community: Samiat Akande The latest articles on DEV Community by Samiat Akande (@samiatakande11). https://dev.to/samiatakande11 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3968012%2Fa9bd44c4-1bf4-4813-bf63-f4cf38670418.jpeg DEV Community: Samiat Akande https://dev.to/samiatakande11 en Building Trust Into Authentication: Practical Access Control Patterns for Modern Apps Samiat Akande Thu, 25 Jun 2026 07:35:00 +0000 https://dev.to/samiatakande11/building-trust-into-authentication-practical-access-control-patterns-for-modern-apps-55pc https://dev.to/samiatakande11/building-trust-into-authentication-practical-access-control-patterns-for-modern-apps-55pc <p>Most apps think they are secure because they have login pages.</p> <p>But authentication is only the first step.</p> <p>Once a user is logged in, your app still needs to answer a bigger question:</p> <p>What should this user be allowed to do?</p> <p>That is where access control comes in.</p> <p>If your authentication is weak, users cannot trust your system.<br><br> If your authorization is weak, your system cannot trust its users.</p> <h3> Authentication versus authorization </h3> <p>These two are often confused.</p> <p>Authentication means who are you.<br><br> Authorization means what can you do.</p> <p>A user might successfully log in, but that does not mean they should be able to view every record, edit every profile, or access sensitive data.</p> <h3> Basic role based access control </h3> <p>One of the simplest and most practical patterns is role based access control, or RBAC.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">can_view_sensitive_data</span><span class="p">(</span><span class="n">role</span><span class="p">):</span> <span class="n">allowed_roles</span> <span class="o">=</span> <span class="p">[</span><span class="sh">"</span><span class="s">admin</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">privacy_officer</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">security_lead</span><span class="sh">"</span><span class="p">]</span> <span class="k">return</span> <span class="n">role</span> <span class="ow">in</span> <span class="n">allowed_roles</span> <span class="n">user_role</span> <span class="o">=</span> <span class="sh">"</span><span class="s">engineer</span><span class="sh">"</span> <span class="k">if</span> <span class="nf">can_view_sensitive_data</span><span class="p">(</span><span class="n">user_role</span><span class="p">):</span> <span class="nf">print</span><span class="p">(</span><span class="sh">"</span><span class="s">Access granted</span><span class="sh">"</span><span class="p">)</span> <span class="k">else</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="sh">"</span><span class="s">Access denied</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <p>This is basic, but it makes the rule explicit.</p> <h3> Why this matters </h3> <p>Without access control, systems often end up with too much exposure.</p> <p>That leads to:</p> <ol> <li>Overexposed dashboards</li> <li>Too many internal permissions</li> <li>Accidental data leaks</li> <li>Poor auditability</li> <li>Broken trust</li> </ol> <p>When users know permissions are handled carefully, they trust the platform more.</p> <h3> Prefer least privilege </h3> <p>A strong access model follows the principle of least privilege.</p> <p>Give each user only the access they need, and nothing more.</p> <p>That means:</p> <ol> <li>Support staff should not see all customer records by default</li> <li>Engineers should not have production access unless required</li> <li>HR data should be tightly segmented</li> <li>Admin permissions should be rare and auditable</li> </ol> <h3> Scope access by action, not just by role </h3> <p>Sometimes role alone is not enough.</p> <p>A user may be allowed to view a record but not delete it. Or view their own profile but not other users’ profiles.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">can_perform</span><span class="p">(</span><span class="n">action</span><span class="p">,</span> <span class="n">role</span><span class="p">):</span> <span class="n">permissions</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">admin</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">view</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">edit</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">delete</span><span class="sh">"</span><span class="p">},</span> <span class="sh">"</span><span class="s">manager</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">view</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">edit</span><span class="sh">"</span><span class="p">},</span> <span class="sh">"</span><span class="s">user</span><span class="sh">"</span><span class="p">:</span> <span class="p">{</span><span class="sh">"</span><span class="s">view</span><span class="sh">"</span><span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="n">action</span> <span class="ow">in</span> <span class="n">permissions</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="n">role</span><span class="p">,</span> <span class="nf">set</span><span class="p">())</span> <span class="nf">print</span><span class="p">(</span><span class="nf">can_perform</span><span class="p">(</span><span class="sh">"</span><span class="s">delete</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">manager</span><span class="sh">"</span><span class="p">))</span> <span class="nf">print</span><span class="p">(</span><span class="nf">can_perform</span><span class="p">(</span><span class="sh">"</span><span class="s">view</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">user</span><span class="sh">"</span><span class="p">))</span> </code></pre> </div> <p>This gives you more control than a simple allow or deny model.</p> <h3> Separate public, private, and sensitive data </h3> <p>A good trust model also separates data by sensitivity.</p> <p>For example:</p> <ol> <li>Public data such as name and display photo</li> <li>Private data such as email and phone</li> <li>Sensitive data such as salary, ID number, or health data</li> </ol> <p>Your app should treat these categories differently.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">serialize_profile</span><span class="p">(</span><span class="n">profile</span><span class="p">,</span> <span class="n">access_level</span><span class="p">):</span> <span class="n">public_data</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">:</span> <span class="n">profile</span><span class="p">[</span><span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">username</span><span class="sh">"</span><span class="p">:</span> <span class="n">profile</span><span class="p">[</span><span class="sh">"</span><span class="s">username</span><span class="sh">"</span><span class="p">]</span> <span class="p">}</span> <span class="n">private_data</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">email</span><span class="sh">"</span><span class="p">:</span> <span class="n">profile</span><span class="p">[</span><span class="sh">"</span><span class="s">email</span><span class="sh">"</span><span class="p">]</span> <span class="p">}</span> <span class="n">sensitive_data</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">salary</span><span class="sh">"</span><span class="p">:</span> <span class="n">profile</span><span class="p">[</span><span class="sh">"</span><span class="s">salary</span><span class="sh">"</span><span class="p">]</span> <span class="p">}</span> <span class="k">if</span> <span class="n">access_level</span> <span class="o">==</span> <span class="sh">"</span><span class="s">public</span><span class="sh">"</span><span class="p">:</span> <span class="k">return</span> <span class="n">public_data</span> <span class="k">elif</span> <span class="n">access_level</span> <span class="o">==</span> <span class="sh">"</span><span class="s">private</span><span class="sh">"</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="o">**</span><span class="n">public_data</span><span class="p">,</span> <span class="o">**</span><span class="n">private_data</span><span class="p">}</span> <span class="k">elif</span> <span class="n">access_level</span> <span class="o">==</span> <span class="sh">"</span><span class="s">sensitive</span><span class="sh">"</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span><span class="o">**</span><span class="n">public_data</span><span class="p">,</span> <span class="o">**</span><span class="n">private_data</span><span class="p">,</span> <span class="o">**</span><span class="n">sensitive_data</span><span class="p">}</span> </code></pre> </div> <p>This kind of separation makes security easier to enforce.</p> <h3> Log access to sensitive actions </h3> <p>Trust also comes from accountability.</p> <p>If sensitive data is accessed, there should be an audit trail.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">log_access</span><span class="p">(</span><span class="n">user_id</span><span class="p">,</span> <span class="n">action</span><span class="p">):</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">User </span><span class="si">{</span><span class="n">user_id</span><span class="si">}</span><span class="s"> performed </span><span class="si">{</span><span class="n">action</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <p>In a real system, this would write to secure logs, not just stdout. But the principle is the same. Sensitive actions should not disappear without a trace.</p> <h3> Practical trust checklist </h3> <p>Before shipping an app, ask:</p> <ol> <li>Are login and session flows secure?</li> <li>Are permissions role based and action based?</li> <li>Is sensitive data segmented?</li> <li>Are defaults restrictive?</li> <li>Is access logged?</li> <li>Can we explain permissions clearly to users and admins?</li> </ol> <h3> Final thought </h3> <p>Authentication gets users into the system.</p> <p>Authorization keeps the system trustworthy.</p> <p>And in modern applications, trust is not just a security feature. It is part of the product.</p> ai security webdev productivity Privacy by Design in Your API: How to Collect Less Data Without Breaking UX Samiat Akande Tue, 09 Jun 2026 06:29:00 +0000 https://dev.to/samiatakande11/privacy-by-design-in-your-api-how-to-collect-less-data-without-breaking-ux-4l4i https://dev.to/samiatakande11/privacy-by-design-in-your-api-how-to-collect-less-data-without-breaking-ux-4l4i <p>When developers think about privacy, they often think about legal compliance, consent banners, or policy pages.</p> <p>But privacy starts much earlier than that, at the API layer.</p> <p>Every time your backend asks for a phone number, date of birth, location, or optional profile field, you are making a design decision. If you collect too much data by default, you increase risk, reduce trust, and make your system harder to maintain.</p> <p>The good news is that privacy by design does not have to make your product worse. In many cases, it makes your API cleaner, safer, and easier to reason about.</p> <h3> Why collecting less data matters </h3> <p>The more data you collect, the more you have to protect.</p> <p>That means more storage, more access control, more breach risk, more compliance burden, and more user distrust if something goes wrong.</p> <p>A developer friendly privacy approach is simple:</p> <p>Only collect what you need to deliver value.</p> <h3> Bad pattern: collecting everything up front </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">user_profile</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Amina</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">email</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">amina@example.com</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">phone</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">07000000000</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">dob</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">1995-01-01</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">address</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">123 Main Street</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">location</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Lagos</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">gender</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">female</span><span class="sh">"</span> <span class="p">}</span> </code></pre> </div> <p>This kind of structure is common in early stage products. The thinking is usually: let us ask for everything now, just in case we need it later.</p> <p>But just in case is not a good privacy strategy.</p> <h3> Better pattern: collect only what is required </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">build_profile</span><span class="p">(</span><span class="n">name</span><span class="p">,</span> <span class="n">email</span><span class="p">,</span> <span class="n">phone</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span> <span class="n">profile</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">:</span> <span class="n">name</span><span class="p">,</span> <span class="sh">"</span><span class="s">email</span><span class="sh">"</span><span class="p">:</span> <span class="n">email</span> <span class="p">}</span> <span class="k">if</span> <span class="n">phone</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span> <span class="n">profile</span><span class="p">[</span><span class="sh">"</span><span class="s">phone</span><span class="sh">"</span><span class="p">]</span> <span class="o">=</span> <span class="n">phone</span> <span class="k">return</span> <span class="n">profile</span> <span class="n">user_profile</span> <span class="o">=</span> <span class="nf">build_profile</span><span class="p">(</span><span class="sh">"</span><span class="s">Amina</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">amina@example.com</span><span class="sh">"</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="n">user_profile</span><span class="p">)</span> </code></pre> </div> <p>This is small, but the principle matters.</p> <p>Optional data should stay optional unless it is truly needed.</p> <h3> Use explicit field validation </h3> <p>Instead of accepting a giant payload and filtering it later, validate the exact fields you expect.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">ALLOWED_FIELDS</span> <span class="o">=</span> <span class="p">{</span><span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">email</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">phone</span><span class="sh">"</span><span class="p">}</span> <span class="k">def</span> <span class="nf">sanitize_payload</span><span class="p">(</span><span class="n">payload</span><span class="p">):</span> <span class="k">return</span> <span class="p">{</span><span class="n">k</span><span class="p">:</span> <span class="n">v</span> <span class="k">for</span> <span class="n">k</span><span class="p">,</span> <span class="n">v</span> <span class="ow">in</span> <span class="n">payload</span><span class="p">.</span><span class="nf">items</span><span class="p">()</span> <span class="k">if</span> <span class="n">k</span> <span class="ow">in</span> <span class="n">ALLOWED_FIELDS</span><span class="p">}</span> <span class="n">incoming</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Amina</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">email</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">amina@example.com</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">phone</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">07000000000</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">location</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Lagos</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">dob</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">1995-01-01</span><span class="sh">"</span> <span class="p">}</span> <span class="n">clean_payload</span> <span class="o">=</span> <span class="nf">sanitize_payload</span><span class="p">(</span><span class="n">incoming</span><span class="p">)</span> <span class="nf">print</span><span class="p">(</span><span class="n">clean_payload</span><span class="p">)</span> </code></pre> </div> <p>This helps reduce accidental over collection and makes your API behavior more predictable.</p> <h3> Design for progressive disclosure </h3> <p>Instead of asking for everything at sign up, collect data over time as the user gets value.</p> <p>For example:</p> <ol> <li>Sign up with name and email</li> <li>Ask for phone only when needed for verification</li> <li>Ask for location only for location based features</li> <li>Ask for profile details only when the user chooses to personalize their account</li> </ol> <p>This improves trust and reduces friction.</p> <h3> Think about data minimisation in responses too </h3> <p>Privacy is not only about what you collect. It is also about what you return.</p> <p>Avoid sending unnecessary user data back in API responses.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">user_response</span><span class="p">(</span><span class="n">user</span><span class="p">):</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">"</span><span class="s">id</span><span class="sh">"</span><span class="p">:</span> <span class="n">user</span><span class="p">[</span><span class="sh">"</span><span class="s">id</span><span class="sh">"</span><span class="p">],</span> <span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">:</span> <span class="n">user</span><span class="p">[</span><span class="sh">"</span><span class="s">name</span><span class="sh">"</span><span class="p">]</span> <span class="p">}</span> </code></pre> </div> <p>Do not return internal fields like password hashes, access tokens, internal notes, audit flags, or admin only metadata.</p> <h3> A simple rule for developers </h3> <p>Before adding a field to your request or database schema, ask:</p> <ol> <li>Do we need this field right now?</li> <li>What feature depends on it?</li> <li>Who will access it?</li> <li>How long will we keep it?</li> <li>What happens if it leaks?</li> </ol> <p>If the answer is unclear, do not collect it yet.</p> <h3> Final thought </h3> <p>Privacy by design is not just about avoiding problems.</p> <p>It is about building systems that users can trust and teams can maintain.</p> <p>And often, the most elegant API is the one that asks for the least.</p> privacy ai programming security