Within relationship based access control policies, it's often interesting to get all the objects a user can access (which is already supported via permit.getUserPermissions()).

We now added the reverse functionality as well via a new SDK method: .

With this new method, it's possible get all users who have access to a resource.

Check out the docs here: https://docs.permit.io/how-to/enforce-permissions/authorized-users

The schema of the response in the code above is as follows:

Permit.io offers a unique UI condition builder to build complex attribute based access policies. We now added new types of attributes and operators to support more advanced use cases.

The typed attribute allows an attribute to contain multiple sub attributes at once, and the (object array) typed attributes allows an attribute to contain a list of dictionary (object) attributes.

Check out the docs here: https://docs.permit.io/api/working-with-abac/operators#object-match-operators

The Access requests features is now available via a Permit Element.

You can embed a fully functional UI in your app that allows users to request access from other users who can then approve or deny the request. If approved, the user will be granted new permissions.

Check out the docs here: https://docs.permit.io/embeddable-uis/element/access-request

We have made improvements to the Permit.io connect screen.

With improved instructions and streamlined tutorials, it is now simpler-than-ever to integrate Permit.io with your application.

Simply log into your Permit.io account, click on the Connect screen and follow the instructions.

The new Access Request API allows to create access requests for specific roles or resource instances. It also assigns relevant moderators to approve or deny user requests based on your decision.

With this new API, an end-user without permissions can ask the relevant permissions from a different end-user.

Check out the docs here: https://docs.permit.io/api/examples/access-requests

We have just shipped a new onboarding experience for new customers that we hope will enable users to adopt modern authorization with a few less clicks.

It's now easier than ever to start using Permit.io.

Check out the Getting Started docs.

To get all user permissions irrespective of the tenant, you can use the function. This function determines all user permissions for every registered resource across all tenants, and allows you to get all the objects (resource instances) the user can access in a single API call.

Docs: https://docs.permit.io/how-to/enforce-permissions/user-permissions

Permit.io API includes bulk APIs for selected operations, which offers a significant performance gains when trying to upload or change a lot of data at once.

The supported methods are:

Check out the docs here.

We added new types of permissions checks to our SDKs to allow you to perform many checks at once (bulkCheck) or check access across all tenants (checkInAllTenants).

For some use cases, you might need to perform multiple calls at once. To support that, Permit provides a function that allows you to validate multiple permission requests in a single call. In its basic form, the function accepts the same input parameters as the function, but in an array.

Check out the docs here.

To validate permissions irrespective of the tenant, you can use the function. This function determines if a user has permissions for a specified action on a resource across all tenants, the response will be a list of tenants in which the user is allowed to perform the request.

Check out the docs here.

The User Management Element now allows you to manage access at a more granular level, allowing you to specify permissions for individual resource instances based on their type.

To learn how to embed this kind of elements, read the docs here.