Quick Start

Set up roles & permissions to model your authorization requirements. Then use the SDK to make access checks from your application.

Before getting started

Make sure you have:

A WorkOS account
Your WorkOS API Key

What you’ll build

Implement role-based access control for a simple B2B video sharing SaaS application, where users can view and create videos, and elevated roles can manage other users’ roles and application settings.

Follow these steps to:

Map your application’s access management model to a set of roles
Define permissions to control granular access to your application’s resources
Associate permissions with roles, and configure default roles and priority order
If using AuthKit, assign roles to organization memberships and determine access via the session JWT
If using standalone SSO, access user roles through the SSO Profile object
If using standalone Directory Sync, access user roles through the Directory User object

API resource definitions

Role: Represents a logical grouping of access management rules.

1. Create roles

Determine the application’s access management hierarchy and create roles to match it.

2. Create permissions

Define permissions that control access to specific resources and actions in your application.

Summary

You have now set up a complete RBAC system for your application.