Setting up all the Basics
Get started with Permit by creating an account, completing the simple onboarding - giving you an introduction into the dashboard - and inviting your team members so you can all collaborate on creating your first policy enforcement.
User Sign-up / Login
Permit.io, being an authorization solution, naturally requires integration with your authentication solution. This section outlines the process of connecting Permit.io with your authentication setup.
Social Login (Google & GitHub)
We enable seamless login integration with popular social platforms like Google and GitHub to provide you with a streamlined login experience.
Single Sign-On (SSO)
We offer Single Sign-On (SSO) login functionality, allowing users to access their accounts using enterprise credentials. SSO login provides enhanced security and centralized user management. In the Enterprise tier, SSO login comes as a default feature. Alternatively, we also offer SSO as a standalone option at a yearly defined price, providing you with flexibility in customizing your Permit.io subscription to meet your organization's requirements.
Just reach out to us on Slack if you would like a custom quote for SSO.
Onboarding
Now that you have successfully created an account with Permit, you will go through the onboarding process. At this stage, we want you to get familiar with authorization concepts and the Permit SDK.
Here is the highlight of the steps we will go through:
- Creating our organization 🏢
- Defining our Policy ✏️📄
- Assigning Roles 🧑
- Connecting Permit to our Application 🚀
Your Organization
The first step is the creation of a organization.
An organization is the representation of your organisation. In other words, this can be your name, or your company name.
We have a pizzeria called "John's Pizza" - this is our business, so that's what we will call our organization.
Policy & Resources
We will now go ahead and create our first resource that we want to protect.
A resource is the target object we want to authorize access too. We can also refer to them as the objects of authorization queries.
John's Pizza has a kitchen, that only certain individuals have access too, and can only perform restricted actions in.
Unfortunately, defining just a resource is not enough. Each resource needs assigned actions that can be associated with it.
Defining our actions
John's Kitchen will have three actions applied - the ability to enter, cook and manage.
Roles & Permissions
We have defined our resource and the actions that can be associated with it, now we need to create some roles, and give each role appropriate permissions to perform those actions.
We have created three roles and ticked the correct permissions:
- Chef - He can enter, cook and manage the kitchen.
- Manager - He can enter and manage the kitchen, but does not have permissions to cook.
- Customer - He has no permissions to perform any of those actions.
With our policy defined, we can now add physical users that will serve a role. Once the permission is assigned to the specific person, they will automatically aquire all the role's permissions.
- John Smith recieved the role of a Chef.
- Jane Adams is the manager of John's Kitchen.
- Paul Roberts is only a customer that came in to eat delicious pizza. He has no permissions.
Connect Your App
Congratulations! You have successfully set up an RBAC Policy!
All you have left to do is to follow the instructions on your screen to connect Permit into your application. You can also jump right into the Quickstart guide to understand the technical basics of Permit and how you can setup your PDP and deploy to production.
Remember that once you connect your app to Permit, you will need to run your application locally
and navigate to localhost:4000
to see the results.
Inviting your Team
You can invite team members to your organization and assign roles that determine their permissions and capabilities. Leveraging Permit's authorization, you have precise control over what team members can do within the platform, streamlining collaboration.
Add team member
Adding team members is managed directly through the dashboard. Navigate to Settings
in the left hand navigation,
and then click on Members
and Add Member
.
Here you will be able to add the team members and send them an invitation to join the current organization. You can add multiple people at the same time.
Assign team member role
As you are adding a new team member, you will need to assign them a role. If you are assigning multiple members, the role that you select at the bottom of the pop-up will be applied to all the members.
There is currently only two roles to pick from. A Workspace Owner
, and an Editor
. A workspace owner can perform all
available actions in the UI, however, an editor, can only edit the policy editor.
Once you invite the team members to your organization, they will be shown as pending until they create an account within Permit. They should receive an email in their inbox letting them know they have been invited into your organization.
If for some reason they didn't receive the email, you can click on the role, copy and send them the invite link directly.
Remove team member from your organization
If you ever decide that you need to remove a user from the organization, you can just click on the users role under the Members
tab, and click remove from workspace
.