Attribute Types

Permit supports attributes on three different objects:

User Attributes - Characteristics of the actor performing an action, to be used in user sets.
Resource Attributes - Characteristics of the resource the action is being performed on, to be used in resource sets.
Tenant Attributes - Characteristics of the tenant containing the actor and the resource. Can be used in user sets of users that appear in the tenant.

Defining Attributes

Attributes can be assigned in three ways:

Assign attributes to users and tenants directly from the UI or the API
Push user and resource attributes in the permit.check call
Write a short custom Rego function that generates all types of attributes on the fly

Note that not all attribute sources are available for all attribute types, for example resource attributes can only be pushed in permit.check and as a custom Rego function.

Define Stored User Attributes

After creating the attribute definitions, you can define user-specific attributes.

To define user-specific attributes, in the Users screen, click the user's options button and select Manage Metadata. User Attribute Definition Window

From this window you can edit the user attributes as JSON. User Attribute Definition Window

Note that to add new attributes you need to first create attribute definitions.

Define Stored Tenant Attributes

After creating the attribute definitions, you can define tenant-specific attributes.

To define tenant-specific attributes, in the Users screen, open the tenant list, click the tenant's edit button. Tenant Attribute Definition Window

Then, select Edit Tenant Attributes. Tenant Attribute Definition Window

From this window you can edit the user attributes as JSON. Tenant Attribute Definition Window

Defining Attributes​

Define Stored User Attributes​

Define Stored Tenant Attributes​

Contents

Defining Attributes

Define Stored User Attributes

Define Stored Tenant Attributes