Which UI do you use?

Custom UI

Pre built UI

Creating a new role

When using SuperTokens, roles and permissions are simple strings that can be assigned to users and verified on your backend and frontend.

When creating new roles you can choose to add 0 or multiple permissions to the role.

important

Roles must be ceated before they can be assigned to users

tip

Roles can also be created from the user management dashboard. To know more about how to manage your user roles and permissions from user management dashboard see this page.

Dashboard

Important

For other backend frameworks, you can follow our guide on how to spin up a separate server configured with the SuperTokens backend SDK to authenticate requests and issue session tokens.

NodeJS

import UserRoles from "supertokens-node/recipe/userroles";

async function createRole() {
    /** 
    * You can choose to give multiple or no permissions when creating a role
    * createNewRoleOrAddPermissions("user", []) - No permissions
    * createNewRoleOrAddPermissions("user", ["read", "write"]) - Multiple permissions
    */
    const response = await UserRoles.createNewRoleOrAddPermissions("user", ["read"]);

    if (response.createdNewRole === false) {
        // The role already exists
    }
}

GoLang

import (
    "github.com/supertokens/supertokens-golang/recipe/userroles"
)

func createRole() {
    /** 
    * You can choose to give multiple or no permissions when creating a role
    * createNewRoleOrAddPermissions("user", []string{}) - No permissions
    * createNewRoleOrAddPermissions("user", []string{"read", "write"}) - Multiple permissions
    */
    resp, err := userroles.CreateNewRoleOrAddPermissions("user", []string{
        "read",
    }, nil)

    if err != nil {
        // TODO: Handle error
        return
    }
    if resp.OK.CreatedNewRole == false {
        // The role already exists
    }
}

Python

Asyncio

from supertokens_python.recipe.userroles.asyncio import create_new_role_or_add_permissions

async def create_role():
    res = await create_new_role_or_add_permissions("user", ["read"])
    if not res.created_new_role:
        # The role already existed
        pass

Syncio

from supertokens_python.recipe.userroles.syncio import create_new_role_or_add_permissions

def create_role():
    res = create_new_role_or_add_permissions("user", ["read"])
    if not res.created_new_role:
        # The role already existed
        pass

cURL

Single app setup

curl --location --request PUT '/recipe/role' \
--header 'api-key: ' \
--header 'Content-Type: application/json; charset=utf-8' \
--data-raw '{
  "role": "user",
  "permissions": [
    "read"
  ]
}'

Multi app setup

curl --location --request PUT '/recipe/role' \
--header 'api-key: ' \
--header 'Content-Type: application/json; charset=utf-8' \
--data-raw '{
  "role": "user",
  "permissions": [
    "read"
  ]
}'

Multi Tenancy

In a multi tenant setup, roles and permissions are shared across all tenants. This means that you can create a role and add permissions to it once, and reuse that role across any tenant in your app.