Skip to main content

Define Your Authorization Model

note
Auth0 Fine Grained Authorization (FGA) is the early-stage product we are building at Auth0 to solve fine-grained authorization at scale. Sign up for the Developer Community Preview to try it out, and join our Discord community if you are interested in learning more about our plans.

Please note that at this point in time, it is not considered production-ready and does not come with any SLAs; availability and uptime are not guaranteed. Limitations of Auth0 FGA during the Developer Community Preview can be found here.

This section has guides, concepts and examples that help you define an authorization model.

When to use

The content in this section is useful:

  • If you are starting with Auth0 FGA and want to learn how to represent your organization's/system's authorization needs.
  • If you are working on iterating on an authorization model you previously defined.

Content

Getting Started

How to create an authorization model for your system starting from the requirements.

Configuration Language

Learn Auth0 FGA's configuration language syntax and its basics.

Modeling Basics

Learn the basics of modeling authorization and granting access to users.

Modeling User Groups

Learn to model user group membership, and to grant access to all members of a group.

Modeling Roles and Permissions

Learn to model roles for users at the object level and model permissions for those roles.

Modeling Parent-Child objects

Learn to model access based on parent-child relationships, e.g.: folders and documents.

Modeling Block Lists

Learn to model denying access if users are part of list of blocked users.

Modeling Public Access

Learn to model giving everyone specific access to an object, e.g.: everyone can read.

Modeling with Multiple Restrictions

Learn to model requiring multiple privileges before granting access.

Modeling Custom Roles

Learn to model custom roles that are created by users.

Contextual and Time-Based Authorization

Learn to model and authorize when IP Address, time, and other dynamic and contextual restrictions are involved.

Authorization Through Organization Context

Learn to model and authorize when a user belongs to multiple organizations.

Modeling Concepts

Learn the underlying concepts/building blocks that can be used to build any model.

Have Feedback?

Join us on the Discord community if you have any questions or suggestions.