Welcome to Permit! In this quick tutorial, we will go over the basic steps of setting up your account with Permit and creating a very basic authorization policy. Let’s get started!
1. Create a Permit account
The first step is creating an account. This account will be used to configure and manage the authorization layer of your application.
You can log into Permit with your Google / GitHub account. Permit also offers Single Sign-On (SSO) login functionality, allowing users to access their accounts using enterprise credentials. SSO is provided as the default option in Permit’s Enterprise Tier, or as a standalone option at a yearly defined rate.
To get a custom quote on SSO, reach out to us via our Slack Community.
2. Creating a workspace
First, you will need to create your workspace (Or, organizational account), under which all of your configurations, projects, and environments reside. This will often correspond with your company’s name.
We have a pizzeria called "Johns Pizza" - this is our business, so that's what we will call our organization
You can have multiple workspaces and switch between them - although usually, you'd only need one. Workspaces are completely siloed from one another.
3. Define your first policy
A basic authorization policy consists of three elements: a Resource, an Action, and a Role.
- Start by defining a resource - this is going to be the entity which you want to manage access for.
John's Pizza has a Kitchen, that only certain individuals have access to, and can only perform restricted actions in. Our resource is the Kitchen
- Then, define the possible actions in regard to the defined resource.
The Kitchen will have three actions applied - Enter, Cook, and Manage
- Now that we have a resource and actions defined, let’s add roles into the mix.
A Chef - Can Enter, Cook, and Manage the Kitchen. A Manager - Can Enter and Manage the kitchen, but not Cook. A Waiter - Can only Enter the Kitchen.
- Using the UI, assign the relevant policies accordingly. Note that policy assignment can also be done via our API.
- With our new policy defined, we can assign the roles we created to actual users. Under “Email”, fill in the actual users to which you want to assign these roles.
Filling the emails of your actual users in this section is optional - in an actual application, users will usually be identified by GUIDs and not their actual data.
That’s it! 🥳 Now that you have all the basics set up, you can connect Permit to a demo application and see your defined policy come to life.
4. What's Next?
Now that you've seen the basics, you can dive deeper into utilizing Permit for your authorization needs. Here are some guides to get you started: