Managing Permissions

Overview

Permissions are essential for controlling which users can access which information and functionality in your application. An individual permission represents the ability to do something in your application. Permissions are assigned to roles such that each role essentially a group of permissions.

To get you started quickly, Frontegg comes with a robust collection of default permissions that we call Frontegg Permissions. Additionally, you can add Custom Permissions to use in addition to or instead of the Frontegg Permissions. Read below to learn more.

List of Permissions

To see a list of permissions and to manage them, go to Authorization ➜ Permissions.


On this page, you see a list of permission categories. Each category has one or more permissions.

πŸ“˜

Categories are groups of permissions

Categories serve as simple holding folders for a group of related permissions. This is true of both Frontegg Permissions and Custom Permissions.

Each Frontegg Permission is already assigned to a category and cannot be reassigned to a different one. Each Custom Permission you must assign to a category and can edit which category is belongs to.

Although organized in categories, each permission must be edited individually.


Read below to learn more about the Frontegg Permissions and how to create custom permissions, assign permissions to roles, and otherwise manage your permissions.

πŸ“˜

A single permission is the smallest unit in users-roles-permissions triad

A single permission represents something a user can do in your application. For instance, a permission might be to a user the ability to upload documents.

Assigning that permission to a role means that users assigned to that role will be able to upload documents.


Frontegg Permissions

The Frontegg permissions provide you and your customers with granularity to select which user can do what regarding anything that relates to the User Management platform (operations such as Invite user, Change security polices and much more). This impacts actions your users can take in the admin portal embedded in your application and backend API calls sent to Frontegg on behalf of your users.

πŸ“˜

The Frontegg Permissions list is a fixed list that you cannot edit or delete. All Frontegg Permissions have a Role ID beginning with the β€œfe” prefix (such as fe.connectivity.read.eventCategories).


Each Frontegg Permission is assigned to a category. As mentioned above, a category is a collection of permissions.

The Frontegg Permissions are categorized such that each category consists of related permissions. In the example below, the Events category has three Frontegg Permissions related to events.


Click on a category to see which permissions are assigned to it.

Create Permissions

Create your own permissions. We call these Custom Permissions.

πŸ“˜

Create permissions for functionality in your application. For instance, if you allow users the ability to upload photos, you can add a permission for uploading photos.


To create a new permission, click on the add new permission button. Assign a name, id, and description to the permission. Also, assign the permission to a category.


You can either create a new category or use an existing one.


Assign to Roles

To assign a permission to a role, in the list of permissions, find the permission you want to assign. That permission should have a checkbox for each role. Check the checkbox for each role you want to assign the permission to.


πŸ“˜

Assign permissions individually or categorically

To assign individual permissions, find a permission on the list and check the checkboxes for each role you want to assign to that permission. If you want to assign an entire permission category to a role, click the checkbox for the entire category.

Enforce Authorization

After configuring your roles and permissions in the Frontegg Portal, you can enforce them in your application. Specifically, you can:


Did this page help you?