Authoring your first rule
This page will provide step-by-step instructions to help you get started with writing your first authorization rule using natural language.
A typical authorization rule follows this structure:
Subject: Who is being granted or denied access (e.g., "Admins," "John Doe," "Users with Role X").
Action: What action is allowed or denied (e.g., "view," "edit," "delete").
Resource: The specific item or category being accessed (e.g., "Sales Reports," "Project Data").
Condition(s): Additional criteria that must be met (e.g., "during business hours," "if the user is in the Marketing department").
1. Creating a rule
A developer can access a repository if at least one of the following conditions is met:
they are the owner of the repository
they belong to the same team or department as the repository owner
Last updated
Was this helpful?