Skip to content

Run an authorization check.

POST
/api/check
Code sample: Shell / cURL
curl --request POST \
--url https://auth.example.com/api/check \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{ "subject_id": "user_123", "permission": "documents:doc_123:read", "tenant_id": "tenant_123" }'
Media type application/json
object
subject_id
required
string
subject_type
string
permission
required
One of:
string
tenant_id
string
resource_context
object
key
additional properties
rebac
object
key
additional properties
Example
{
"subject_id": "user_123",
"permission": "documents:doc_123:read",
"tenant_id": "tenant_123"
}

Successful JSON response.

Media type application/json
object
allowed
required
boolean
resolved_via
Array<string>
final_decision
required
string
Allowed values: allow deny
cache_ttl
integer
key
additional properties
Example
{
"allowed": true,
"resolved_via": [
"rebac"
],
"final_decision": "allow",
"cache_ttl": 60
}