Permissions are essential for controlling user access to information and functionality in your application.
An individual permission represents the ability to do something, like upload a video or edit a profile page. Permissions are assigned to roles such that each role is essentially a group of permissions. Each user has one or more roles that define what the user can do.
To get you started quickly, Frontegg comes with a robust collection of default permissions that we call Frontegg Permissions. Additionally, you can add Custom Permissions to use in addition to or instead of the Frontegg Permissions. Read below to learn more.
To manage the permissions assigned to each role, go to Environments ➜ [NAME OF ENVIRONMENT] ➜ Authorization ➜ Permissions.
For instance, go to the development environment at Environments ➜ Development ➜ Authorization ➜ Permissions.
Be sure to update the permissions in each environment separately.
On this page, you see a list of permission categories. Each category has one or more permissions.
Categories are groups of permissions
Categories serve as simple holding folders for a group of related permissions. This is true of both Frontegg Permissions and Custom Permissions.
Each Frontegg Permission is already assigned to a category and cannot be reassigned to a different one. Each Custom Permission you must assign to a category and can edit which category it belongs to.
Although organized in categories, each permission must be edited individually.
Read below to learn more about the Frontegg Permissions and how to create custom permissions, assign permissions to roles, and otherwise manage your permissions.
A single permission is the smallest unit in users-roles-permissions
A single permission represents something a user can do in your application. For instance, a permission could be to give a user the ability to upload documents.
Assigning that permission to a role means that users assigned to that role will be able to upload documents.
The Frontegg permissions provide you and your customers with granularity to select which users can do what regarding functionality from the User Management platform.
Examples include permissions for operations such as
Invite user and
Change security polices.
This impacts actions your users can take in the admin portal embedded in your application and backend API calls sent to Frontegg on behalf of your users.
The Frontegg Permissions list is a fixed list that you cannot edit or delete. All Frontegg Permissions have a Role ID beginning with the fe prefix (such as
Each Frontegg Permission is assigned to a category. As mentioned above, a category is a collection of permissions.
The Frontegg Permissions are categorized such that each category consists of related permissions. In the example below, the Events category has three Frontegg Permissions related to events.
Click on a category to see which permissions are assigned to it.
Create your own permissions. We call these Custom Permissions.
Create permissions for functionality in your application. For instance, if you allow users the ability to upload photos, you can add a permission for uploading photos.
To create a new permission, click the add new permission button and complete the form.
Be sure to assign the permission to a category. You can either create a new category or use an existing one.
You must assign the permission to a role and the role to a user for that permission to have any effect.
To assign a permission to a role, find the category the permission is assigned to. Open the category to see a list of its permissions.
Find the permission you want. The permission should have a checkbox for each role. Check the checkbox for each role to which you want to assign the permission.
Assign permissions individually or categorically
To assign individual permissions, find a permission on the list and check the checkboxes for each role you want to assign to that permission. If you want to assign an entire permission category to a role, click the checkbox for the entire category.
After configuring your roles and permissions in the Frontegg Portal, you can enforce them in your application. Specifically, you can:
Updated 2 months ago