mglaman.dev

Archives
Subscribe
March 13, 2026

mglaman.dev – March 13th, 2024

Hey there!

Here's your weekly newsletter from me, Matt Glaman!

My latest blog post

Recently, I dove deep into using the Authorization Code grant type with Simple OAuth and ran into a major issue with the assumed permission hierarchy. This actually sparked quite the conversation. Here's the related issue: https://www.drupal.org/project/drupal/issues/3578418

The nightmare of permissions and OAuth scopes in Drupal

Drupal's role-based access control is one of its strengths. Permissions and roles are well-understood, and the system is mature. But the moment you step outside the standard cookie-based session — say, into OAuth with the authorization code flow — you hit a wall that the core permission model never anticipated.

Interesting links

  • Deloitte Tech Trends 2026

    • “Gartner predicts that 40% of agentic projects will fail by 20278—not because the technology doesn’t work, but because organizations are automating broken processes instead of redesigning operations.”

  • Open Source infrastructure deserves a business model

  • What it costs to run Drupal's infrastructure

    • I really enjoyed these back-to-back posts by Dries.

If you enjoyed this, could you forward it to a friend? Was this forwarded to you? You can subscribe here!

Don't miss what's next. Subscribe to mglaman.dev:
← Newer mglaman.dev - Understanding Drupal: A Complete Guide to Caching Layers is out! Older → mglaman.dev – March 6th, 2024
Share this email:
Share on Twitter Share on LinkedIn Share on Threads Share via email Share on Mastodon Share on Bluesky
GitHub
Bluesky
Threads
Twitter
LinkedIn
phpc.social
Powered by Buttondown, the easiest way to start and grow your newsletter.