Roles
The Roles tab provides a centralized view for managing user roles across all auth collections in your project. Access it from the top navigation bar in any project.
Roles Table
The table displays all roles from every auth collection:
| Column | Description |
|---|---|
| Name | Display name of the role |
| Code | Identifier used in code and permissions |
| Project | Project the role belongs to |
| Auth Collection | Which auth collection contains this role |
| Action | Edit or delete the role |
Use the search bar to filter roles by name or code.
Creating a Role
-
Click Add Role in the top right
-
Configure Basic Settings:
- Name - Display name (e.g., "Manager")
- Code - Unique identifier (e.g., "manager")
- Auth Collection - Select which auth collection this role belongs to
-
Configure Advanced Settings (optional):
- Add conditions to automatically assign roles based on session data
-
Click Submit
Role Conditions
Advanced settings let you define conditions for automatic role assignment. Conditions use session fields - the data stored when a user logs in. Configure session fields in each auth collection's Profile & Session settings.
| Field | Description |
|---|---|
| Conjunction | Logical operator: WHERE, AND, OR |
| Session Field | Field from user session to evaluate |
| Operator | Comparison type (see below) |
| Value Input | Value to compare against |
Available Operators
| Operator | Description |
|---|---|
| is equal to | Exact match |
| is not equal to | Does not match |
| Greater than | Numeric comparison |
| Less than | Numeric comparison |
| Greater than or equal to | Numeric comparison |
| Less than or equal to | Numeric comparison |
| Is null | Field has no value |
| Not null | Field has a value |
| Is true | Boolean true |
| Is false | Boolean false |
| Include | Contains value in array |
Building Conditions
Combine multiple conditions using conjunctions:
- WHERE - Starts a condition chain
- AND - Both conditions must be true
- OR - Either condition can be true
Example: A "Manager" role with condition WHERE role is equal to manager assigns this role to users whose session contains role: "manager".
Session Fields
The Session Field dropdown shows fields configured in each auth collection's session settings. Common fields include:
- role - User's role value for permission checks
- username - Display name
- userId - Unique identifier
See Profile & Session for configuring which fields are available in sessions.
Managing Roles
Editing a Role
Click the edit icon (pencil) in the Action column to modify:
- Role name and code
- Auth collection assignment
- Role conditions
Deleting a Role
Click the delete icon (trash) in the Action column. Confirm the deletion when prompted.
Deleting a role removes it from all users who have it assigned. Ensure no active permissions depend on the role before deletion.
Next Steps
- Auth Collections — Configure authentication settings
- Profile & Session — Set up session fields
- Collection Roles — Manage roles within a collection