SuperTokens provides User Roles feature which allows you to:
- Create roles and associate them with an array of permissions.
- Associate an array of roles to each user.
- Fetch a list of roles and permissions for a user.
- Save the roles and permissions in a session to access them effeciently on the frontend and backend APIs.
- Guard frontend routes and backend APIs to only allow access if a user has a certain role or permission.
When using this recipe the general flow would be as follows:
- Create a role and assign permissions to that role
- Assign roles to users
- Protect your API and website routes by verifying that the user has the correct role and permissions