Concepts: Namespaces

Namespaces are the top-level construct within Authzed.

A namespace defines a class of object (such as a resource or user or group), and an optional grouping of permissions data called a relation.

Relations are a grouping of attributes attached to items (called tuples), along with the policy of how to resolve answer permissions questions (how to resolve check requests).

Namespace Configuration#

A namespace starts with a configuration which defines the name of the namespace and its relations

Example#

name: "{your tenant slug here}/myresource"
relation { name: "read" } # Users who can read the resource.
relation { name: "write" } # Users who can write the resource.

In the above example, we've defined a namespace named myresource under the tenant, with two relations read and write.

Each relation can contain tuples that reference the users (or other kinds of objects, themselves defined as namespaces) that can read or write resources.

For more complete examples see Developing a namespace