Skip to main content

Principal

A Principal is an entity in an authorization context, such as a user requesting read access to a resource or an organization who owns it.

    userId stringrequired
    organizationId stringrequired

    organizationRole

    object

    required

    A role specified in the context of a particular organization. Can be used as its own Principal as a convenient way to define groups of permissions.

    organizationId stringrequired

    role

    object

    required

    A role for a principal (likely a user) within an organization. Mostly used for Authorization. Anticipating the need for more roles here, we space out the values to leave unused numbers so that we can add more later while preserving the natural ordering of permissions. We don't prescribe specific authorizations here despite the suggestive names.

    basic booleanrequired

    "Basic" permissions.

    editor booleanrequired

    "Editor" permissions.

    owner booleanrequired

    "Owner" permissions.