ApiManagement

Fine-Grained Authorization (FGA) Management

Overview

The Descope FGA/Authz API endpoints let developers implement Relationship-based Access Control (ReBAC) and Attribute-based Access Control (ABAC) in their applications. These endpoints are part of the Descope Management API and require a Project ID and Management Key.

Management keys are generated from Company > Management Keys. Project IDs are found in the console at Project > Project ID. Include both in the Authorization header as a bearer token in the format <Project ID>:<Management Key>.

Use Cases

  1. Save Schema — define a ReBAC or ABAC schema
  2. Create Relations — create relations between entities
  3. Has Relations — check if relations exist

Example - ReBAC

  1. Create and save a ReBAC schema
  2. Create relations between entities
  3. Check to see if relations exist
Was this helpful?

On this page

Fine-Grained Authorization (FGA) ManagementOverviewUse CasesExample - ReBAC