To better understand the field of Fine-Grained Authorization (FGA) we've summarized all the required terms in one place.



An actor that requires access to a resource. It can be a User, Api token, User token, Access token.

Each request is sent with a context, usually in the form of a JWT token. That token represents the Subject.



Any custom data that you own. It can be Pages, Environments, Eggs or anything else that your software handles

Assets or resources can be used interchangeably.
A subject can access an Asset