Class: StytchB2B::RBAC::Organizations

Inherits:
Object
Includes:
Stytch::RequestHelper
Defined in:
lib/stytch/b2b_rbac.rb

Instance Method Summary

Methods included from Stytch::RequestHelper

#delete_request, #get_request, #post_request, #put_request, #request_with_query_params

Constructor Details

#initialize(connection) ⇒ Organizations

Returns a new instance of Organizations.



# File 'lib/stytch/b2b_rbac.rb', line 54

def initialize(connection)
  @connection = connection
end

Instance Method Details

#get_org_policy(organization_id:) ⇒ Object

The organization RBAC policy feature is currently in private beta and must be enabled for your Workspace. Please contact Stytch support at support@stytch.com to request access.

Get the active RBAC Policy for a specific Organization within your Stytch Project. An Organization RBAC Policy contains the roles that have been defined specifically for that organization, allowing for organization-specific permissioning models.

This endpoint returns the organization-scoped roles that supplement the project-level RBAC policy. Organization policies allow you to define custom roles that are specific to individual organizations within your project.

When using the backend SDKs, the RBAC Policy will be cached to allow for local evaluations, eliminating the need for an extra request to Stytch. The policy will be refreshed if an authorization check is requested and the RBAC policy was last updated more than 5 minutes ago.

Organization-specific roles can be created and managed through this API endpoint, providing fine-grained control over permissions at the organization level.

Check out the [RBAC overview](stytch.com/docs/b2b/guides/rbac/overview) to learn more about Stytch’s RBAC permissioning model and organization-scoped policies.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience. The type of this field is String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

org_policy

The organization-specific RBAC Policy that contains roles defined for this organization. Organization policies supplement the project-level RBAC policy with additional roles that are specific to the organization. The type of this field is OrgPolicy (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.



# File 'lib/stytch/b2b_rbac.rb', line 87

def get_org_policy(
  organization_id:
)
  headers = {}
  query_params = {}
  request = request_with_query_params("/v1/b2b/rbac/organizations/#{organization_id}", query_params)
  get_request(request, headers)
end

#set_org_policy(organization_id:, org_policy:) ⇒ Object

The organization RBAC policy feature is currently in private beta and must be enabled for your Workspace. Please contact Stytch support at support@stytch.com to request access.

Set the RBAC Policy for a specific Organization within your Stytch Project. An Organization RBAC Policy allows you to define roles that are specific to that organization, providing fine-grained control over permissions at the organization level.

This endpoint allows you to create, update, or replace the organization-scoped roles for a given organization. Organization policies supplement the project-level RBAC policy with additional roles that are only applicable within the context of that specific organization.

The organization policy consists of roles, where each role defines:

  • A unique `role_id` to identify the role

  • A human-readable `description` of the role’s purpose

  • A set of `permissions` that specify which actions can be performed on which resources

When you set an organization policy, it will replace any existing organization-specific roles for that organization. The project-level RBAC policy remains unchanged.

Organization-specific roles are useful for scenarios where different organizations within your project require different permission structures, such as:

  • Multi-tenant applications with varying access levels per tenant

  • Organizations with custom approval workflows

  • Different organizational hierarchies requiring unique role definitions

Check out the [RBAC overview](stytch.com/docs/b2b/guides/rbac/overview) to learn more about Stytch’s RBAC permissioning model and organization-scoped policies.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience. The type of this field is String.

org_policy

The organization-specific RBAC Policy that contains roles defined for this organization. Organization policies supplement the project-level RBAC policy with additional roles that are specific to the organization. The type of this field is OrgPolicy (object).

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

org_policy

The organization-specific RBAC Policy that contains roles defined for this organization. Organization policies supplement the project-level RBAC policy with additional roles that are specific to the organization. The type of this field is OrgPolicy (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.



# File 'lib/stytch/b2b_rbac.rb', line 136

def set_org_policy(
  organization_id:,
  org_policy:
)
  headers = {}
  request = {
    org_policy: org_policy
  }

  put_request("/v1/b2b/rbac/organizations/#{organization_id}", request, headers)
end
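
Because set_org_policy replaces every organization-specific role, adding or changing one role safely means reading the current policy first and sending the complete list back. The sketch below is an added example, not code from the Stytch SDK: FakeOrganizations, validate_role! and upsert_org_role are hypothetical names, and the string-keyed response hashes, the 'roles' key, the resource_id/actions keys inside a permission and the wildcard guard are assumptions.

```ruby
# Added example. FakeOrganizations is a constructed in-memory stand-in that
# exposes the same two method signatures as StytchB2B::RBAC::Organizations.
class FakeOrganizations
  def initialize(policies = {})
    @policies = policies
  end

  def get_org_policy(organization_id:)
    { 'status_code' => 200, 'org_policy' => @policies.fetch(organization_id, { 'roles' => [] }) }
  end

  def set_org_policy(organization_id:, org_policy:)
    @policies[organization_id] = org_policy # full replace, as documented above
    { 'status_code' => 200, 'org_policy' => org_policy }
  end
end

# Assumed role shape: role_id, description, permissions. The resource_id and
# actions keys, and the local rule rejecting '*' actions, are assumptions.
def validate_role!(role)
  raise ArgumentError, 'role_id is required' if role['role_id'].to_s.empty?
  raise ArgumentError, 'description is required' if role['description'].to_s.empty?
  perms = role['permissions']
  raise ArgumentError, 'permissions must be a non-empty array' unless perms.is_a?(Array) && !perms.empty?
  perms.each do |perm|
    raise ArgumentError, 'permission needs resource_id' if perm['resource_id'].to_s.empty?
    actions = perm['actions']
    raise ArgumentError, 'permission needs actions' unless actions.is_a?(Array) && !actions.empty?
    raise ArgumentError, "wildcard action on #{perm['resource_id']}" if actions.include?('*')
  end
  role
end

# Read-modify-write: fetch the current roles, replace or append by role_id,
# then send the complete list so existing roles survive the replace.
def upsert_org_role(orgs, organization_id:, role:)
  validate_role!(role)
  current = orgs.get_org_policy(organization_id: organization_id)
  raise "get_org_policy failed: #{current['status_code']}" unless current['status_code'] == 200
  roles = (current.dig('org_policy', 'roles') || []).reject { |r| r['role_id'] == role['role_id'] }
  result = orgs.set_org_policy(organization_id: organization_id,
                               org_policy: { 'roles' => roles + [role] })
  raise "set_org_policy failed: #{result['status_code']}" unless result['status_code'] == 200
  result['org_policy']['roles'].map { |r| r['role_id'] }
end
```

The get and set are two separate requests, so concurrent writers to the same organization can still overwrite each other; serialize policy changes per organization in the caller.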