Back to changelog

Custom Roles and Permissions is in Public Beta

Category
Beta
Published

More control to operate your B2B SaaS via Custom Roles and Permissions

More powerful authorization options

Previously within our Organizations product you had 2 role types to work with (Admin and Member) out-of-the-box. Those roles came with a bunch of default assumptions about how they operated and what rights they each had. For many of our customers, this worked fine – but for a large amount of our more mature customers, you required more. That's where Custom Roles and Permissions comes into play.

With Custom Roles and Permisisons you can now model your application with whatever roles map to your use-case, assign those roles the specific permissions they need and you're on your way. This data gets automatically reflected in your session tokens as claims, ready for you to build out authorization flows within your app.

Customizing your application

We didn't just stop at allowing you to model your application's roles and permissions and enrich your Sessions and JWTs. In pursuit of the best possible DX, like with our <SignUp /> and <SignIn /> components, we took it a step further.

Introducing has(), protect(), and <Protect> - our new authorization helpers. These helpers allow the convenient integration of your custom authorization needs directly inside your apps.

<Protect role="org:admin">
  <Link href="/admin">Admin Panel</Link>
</Protect>

Head to the verifying a user's permissions docs to see all 3 helpers in action.

Learn more

As of today, custom roles and permissions is in public beta. Simply head to the Dashboard and start configuring your application's roles today.

If you're looking for more detail about the release, read through our announcement blog post, or dive right into the Roles and Permission docs.

We're excited to see what you build 🚀.

Other improvements

  • We added a more visible Dashboard UI when you’re in the context of a Development instance. This helps to better indicate that actions taken, such as copying and rotating keys, or modifying other settings, will not apply to the production environment.
  • We've improved caching and latency to a handful of our production endpoints.
  • We've improved the performance of WAU and MAU calculation for the Dashboard. In some of our larger applications, this was preventing you from seeing data beyond a 6 month lookback.