From 09d4c906b747cc5402f224b39847bbe7594f21b0 Mon Sep 17 00:00:00 2001
From: Lisa Dziuba <yelyzavetadziuba@gmail.com>
Date: Thu, 22 Aug 2024 19:36:43 +0200
Subject: [PATCH] Contribution to the Policy models section

---
 readme.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/readme.md b/readme.md
index 61e19a0..7c72f13 100644
--- a/readme.md
+++ b/readme.md
@@ -373,6 +373,8 @@ As a concept, access control policies can be designed to follow very different a
 
 - [Authorization Academy](https://www.osohq.com/academy) - An in-depth, vendor-agnostic treatment of authorization that emphasizes mental models. This guide shows the reader how to think about their authorization needs in order to make good decisions about their authorization architecture and model.
 
+- [Service-to-service authorization: A guide to non-user principals](https://www.cerbos.dev/blog/service-to-service-authorization) - Discover how assigning identities to services (non-user principals) can simplify authentication, enhance security, and streamline authorization in complex distributed systems. A useful guide for IAM teams managing microservices and APIs.
+
 ### Open-source policy frameworks
 
 Collection of open-source projects if you're looking to roll your own policy implementation.