Avnology ID
API ReferencePermissions

Grant Permission

Create a new permission tuple to grant a subject a specific relation on a resource.

Endpoint

POST /v1/permissions

Base URL: https://api-id.avnology.net

Authentication: API Key or OAuth token with admin:permissions:write scope

Request

curl -X POST https://api-id.avnology.net/v1/permissions \
  -H
FieldTypeRequiredDescription
namespacestringYesResource type
objectstringYesResource ID
relationstringYesRelation to grant
subjectstringYesSubject to grant to

Response

Success (201 Created)

{
  "namespace": "organizations",
  "object": "org_7a2b3c4d",
  "relation": "admin",
  "subject": "identities:usr_7b2c3d4e"
}

Errors

StatusCodeDescription
400AVNOLOGY_AUTH_902Invalid tuple format
409AVNOLOGY_AUTH_903Tuple already exists

Code Examples

JavaScript (fetch)

async function grantPermission(apiKey, namespace, object, relation, subject) {
  return fetch('https://api-id.avnology.net/v1/permissions', {
    method: 'POST',
    headers: { 'Authorization': `Bearer ${apiKey}`,

Python (httpx)

import httpx

def grant_permission(api_key: str, namespace: str, object_id: str, relation: str, subject: str) -> dict:
    return httpx.post("https://api-id.avnology.net/v1/permissions",

Go (net/http)

func grantPermission(ctx context.Context, apiKey, ns, obj, rel, sub string) error {
  • Check Permission -- verify the granted permission
  • Revoke Permission -- remove a permission
  • SDK: client.permissions.grant({ namespace, object, relation, subject }) (TypeScript)

List Permissions

List permission tuples with optional filtering by namespace, object, relation, or subject.

Revoke Permission

Remove a permission tuple, revoking a subject's access to a resource.

On this page

EndpointRequestResponseSuccess (201 Created)ErrorsCode ExamplesJavaScript (fetch)Python (httpx)Go (net/http)Related