What is the practical use of the policy role at the moment? #459

viniciusgabrielfo · 2021-02-22T19:15:58Z

viniciusgabrielfo
Feb 22, 2021

What is the applicability of the oryAccessControlPolicyRole schema used in endpoints?

{
  "description": "string",
  "id": "string",
  "members": [
    "string"
  ]
}

I can create a new role, add members, but I don't have an endpoint to check if a member is part of a certain role, right? I need to get a role and all its members to check if the member belongs to that role and after that consult a specific policy for that role, is this really the expected process?

Answered by viniciusgabrielfo

Feb 22, 2021

I have solved my question. The role ID is seen as a "subject" in policies and cannot mix two different flavor of roles and policies that use roles as a subject.

For example, if I create a role "admin" with "glob" flavor, I need to use "glob" into policy that use role "admin" as a subject.

View full answer

viniciusgabrielfo · 2021-02-22T20:55:58Z

viniciusgabrielfo
Feb 22, 2021
Author

I have solved my question. The role ID is seen as a "subject" in policies and cannot mix two different flavor of roles and policies that use roles as a subject.

For example, if I create a role "admin" with "glob" flavor, I need to use "glob" into policy that use role "admin" as a subject.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

What is the practical use of the policy role at the moment? #459

{{title}}

Replies: 1 comment

{{title}}

Select a reply

What is the practical use of the policy role at the moment? #459

viniciusgabrielfo Feb 22, 2021

Replies: 1 comment

viniciusgabrielfo Feb 22, 2021 Author

viniciusgabrielfo
Feb 22, 2021

viniciusgabrielfo
Feb 22, 2021
Author