User Authorization Management

With Stormpath, you can have a complete user authorization infrastructure within minutes. From multi-tenant customer organizations to roles and fine-grained permissions, Stormpath supports any user access model and grows with your application.

Easy User Groups

Building a simple Proof-of-Concept?

Start with two quick groups for admins and users. It takes just two API calls or a few clicks in our admin console.

Stormpath comes with a group object built in, so you can quickly segment user directories.


Role-Based Authorization

If you need to organize your users by Role or Group, Stormpath has role-based access control built in. User accounts can belong to one or many groups, each of which can carry its own set of permissions.

Create nested or hierarchical groups, model organizational functions, or implement best-practice resource-based access control.

1
2
3
4
5
6
7
8
9
10
11
POST https://api.stormpath.com/v1/groupMemberships
Content-Type: application/json;charset=UTF-8

{
  "account" : {
      "href" : "https://api.stormpath.com/v1/accounts/gSraAO"
   },
   "group" : {
       "href" : "https://api.stormpath.com/v1/groups/smJGMBM"
   }
}

Fine-Grained Permissions

If you or your applications need to control user access based on activity, state or unique attributes, Stormpath can apply fine-grained permissions. Fine-grained permissions can add flexibility or replace group or role authorization.

1
2
3
4
5
6
7
8
9
10
11
"customData": {
    "permissions":
      "crew_quarters": "9-3601",
      "lock_override": "all",
      "command_bridge": {
          "type": "vessel:bridge",
          "identifier": "NCC-1701-D",
          "action": "lockout",
          "control_key": "173467321476C32789777643T732V7311",
        }
    }

Multi-Tenancy & Customer Organizations

If your application serves many customer organizations or requires data separation for compliance, Stormpath makes it very easy to cleanly, securely partition your user data.

Our built-in partioning easily supports multi-tenant data models for SaaS applications, and separate, hosted directories for users from different sources.

Next Steps

User data modeling can be tricky and often comes with performance “gotchas”. Fortunately, we’re authorization experts!
We’re happy to help you plan your data model and avoid common pitfalls.