Authoring your first rule

This page gives step-by-step instructions for writing your first authorization rule in natural language.

A typical authorization rule follows this structure:

[Subject] can [Action] on [Resource] when [Condition(s)]

  • Subject: Who is being granted or denied access (e.g., "Admins," "John Doe," "Users with Role X").

  • Action: What action is allowed or denied (e.g., "view," "edit," "delete").

  • Resource: The specific item or category being accessed (e.g., "Sales Reports," "Project Data").

  • Condition(s): Additional criteria that must be met (e.g., "during business hours," "if the user is in the Marketing department").

1. Creating a rule

A developer can access a repository if at least one of the following conditions is met:

  • they are the owner of the repository

  • they belong to the same team or department as the repository owner
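
The rule above written as an evaluation function, as an added example that is not part of the original page or the product's own code. The attribute names (`role`, `team`, `department`), the `can_access` function and the sample users are assumptions; the function denies by default and treats an unset team or department as non-matching.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class User:
    id: str
    role: str
    team: Optional[str] = None
    department: Optional[str] = None


@dataclass(frozen=True)
class Repository:
    id: str
    owner: User


def _same(a: Optional[str], b: Optional[str]) -> bool:
    # An unset or empty attribute never matches, so two users who both
    # lack a team are not treated as being on the "same" team.
    return bool(a) and a == b


def can_access(user: User, action: str, repo: Repository) -> Tuple[bool, str]:
    """Evaluate: a developer can access a repository when they own it or
    share a team or department with its owner. Anything else is denied."""
    if user.role != "developer" or action != "access":
        return False, "subject or action not covered by rule"
    if user.id == repo.owner.id:
        return True, "owner"
    if _same(user.team, repo.owner.team):
        return True, "same team as owner"
    if _same(user.department, repo.owner.department):
        return True, "same department as owner"
    return False, "no condition met"


# Constructed sample data (not from the original page).
alice = User("u1", "developer", "platform", "engineering")
bob = User("u2", "developer", "platform", "engineering")
carol = User("u3", "developer", "payments", "engineering")
dave = User("u4", "developer", "growth", "marketing")
erin = User("u5", "developer")            # no team or department set
frank = User("u6", "analyst", "platform", "engineering")
repo = Repository("r1", owner=alice)
bare_repo = Repository("r2", owner=User("u7", "developer"))
```

The returned reason string is what you would write to an audit log alongside the decision.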